From 6757a28d8fb68adc6c2daa51592a4f4f2d8596e5 Mon Sep 17 00:00:00 2001 From: Maru Newby Date: Mon, 14 Dec 2020 20:36:24 -0800 Subject: [PATCH 1/3] bump(*) to 1.20.0 --- go.mod | 124 +- go.sum | 235 +- .../github.com/Azure/go-autorest/.gitignore | 32 + .../github.com/Azure/go-autorest/CHANGELOG.md | 1004 + .../github.com/Azure/go-autorest/GNUmakefile | 23 + .../github.com/Azure/go-autorest/Gopkg.lock | 324 + .../github.com/Azure/go-autorest/Gopkg.toml | 59 + vendor/github.com/Azure/go-autorest/LICENSE | 191 + vendor/github.com/Azure/go-autorest/README.md | 165 + .../go-autorest/autorest/adal/devicetoken.go | 4 + .../Azure/go-autorest/autorest/adal/go.mod | 12 +- .../Azure/go-autorest/autorest/adal/go.sum | 33 +- .../autorest/adal/go_mod_tidy_hack.go | 4 +- .../go-autorest/autorest/adal/persist.go | 62 + .../Azure/go-autorest/autorest/adal/token.go | 87 +- .../go-autorest/autorest/adal/token_1.13.go | 36 + .../go-autorest/autorest/adal/token_legacy.go | 36 + .../go-autorest/autorest/authorization.go | 7 +- .../Azure/go-autorest/autorest/azure/async.go | 8 +- .../autorest/azure/environments.go | 9 +- .../Azure/go-autorest/autorest/date/go.mod | 2 +- .../Azure/go-autorest/autorest/date/go.sum | 18 +- .../autorest/date/go_mod_tidy_hack.go | 4 +- .../Azure/go-autorest/autorest/go.mod | 11 +- .../Azure/go-autorest/autorest/go.sum | 35 +- .../go-autorest/autorest/go_mod_tidy_hack.go | 24 + .../Azure/go-autorest/autorest/mocks/go.mod | 2 +- .../Azure/go-autorest/autorest/mocks/go.sum | 18 +- .../autorest/mocks/go_mod_tidy_hack.go | 4 +- .../Azure/go-autorest/autorest/mocks/mocks.go | 8 +- .../Azure/go-autorest/autorest/sender.go | 19 +- .../Azure/go-autorest/autorest/version.go | 2 +- .../Azure/go-autorest/azure-pipelines.yml | 105 + vendor/github.com/Azure/go-autorest/doc.go | 18 + .../Azure/go-autorest/logger/go.mod | 2 + .../Azure/go-autorest/logger/go.sum | 2 + .../go-autorest/logger/go_mod_tidy_hack.go | 24 + .../Azure/go-autorest/tracing/go.mod | 2 + .../Azure/go-autorest/tracing/go.sum | 2 + .../go-autorest/tracing/go_mod_tidy_hack.go | 24 + .../hcsshim/osversion/osversion_windows.go | 51 + .../hcsshim/osversion/windowsbuilds.go | 23 + .../github.com/aws/aws-sdk-go/aws/config.go | 9 +- .../aws-sdk-go/aws/context_background_1_5.go | 40 +- .../aws-sdk-go/aws/corehandlers/handlers.go | 2 + .../credentials/context_background_go1.5.go | 22 + .../credentials/context_background_go1.7.go | 20 + .../aws/credentials/context_go1.5.go | 39 + .../aws/credentials/context_go1.9.go | 13 + .../aws-sdk-go/aws/credentials/credentials.go | 152 +- .../ec2rolecreds/ec2_role_provider.go | 20 +- .../aws/credentials/endpointcreds/provider.go | 11 +- .../shared_credentials_provider.go | 5 +- .../aws/credentials/static_provider.go | 4 +- .../stscreds/assume_role_provider.go | 44 +- .../stscreds/web_identity_provider.go | 66 +- .../aws/aws-sdk-go/aws/ec2metadata/api.go | 69 +- .../aws/aws-sdk-go/aws/ec2metadata/service.go | 19 +- .../aws/ec2metadata/token_provider.go | 3 +- .../aws/aws-sdk-go/aws/endpoints/decode.go | 2 +- .../aws/aws-sdk-go/aws/endpoints/defaults.go | 4406 +- .../aws/aws-sdk-go/aws/endpoints/v3model.go | 16 +- .../aws/request/connection_reset_error.go | 3 +- .../aws/aws-sdk-go/aws/request/request.go | 8 +- .../aws/aws-sdk-go/aws/request/retryer.go | 1 + .../aws/aws-sdk-go/aws/session/credentials.go | 10 +- .../aws/aws-sdk-go/aws/session/doc.go | 17 + .../aws/aws-sdk-go/aws/session/env_config.go | 10 + .../aws/aws-sdk-go/aws/session/session.go | 61 +- .../aws-sdk-go/aws/session/shared_config.go | 28 +- .../aws/signer/v4/request_context_go1.5.go | 13 + .../aws/signer/v4/request_context_go1.7.go | 13 + .../aws/aws-sdk-go/aws/signer/v4/v4.go | 2 +- vendor/github.com/aws/aws-sdk-go/aws/types.go | 23 + .../github.com/aws/aws-sdk-go/aws/version.go | 2 +- .../internal/context/background_go1.5.go | 40 + .../aws/aws-sdk-go/internal/ini/ini_parser.go | 7 +- .../internal/sync/singleflight/LICENSE | 27 + .../sync/singleflight/singleflight.go | 120 + .../private/protocol/ec2query/build.go | 2 +- .../private/protocol/ec2query/unmarshal.go | 2 +- .../protocol/json/jsonutil/unmarshal.go | 94 +- .../private/protocol/jsonrpc/jsonrpc.go | 4 +- .../protocol/jsonrpc/unmarshal_error.go | 2 +- .../private/protocol/query/build.go | 2 +- .../private/protocol/query/unmarshal.go | 2 +- .../aws-sdk-go/private/protocol/timestamp.go | 9 +- .../private/protocol/xml/xmlutil/build.go | 9 + .../private/protocol/xml/xmlutil/unmarshal.go | 8 + .../aws/aws-sdk-go/service/autoscaling/api.go | 1777 +- .../aws-sdk-go/service/autoscaling/errors.go | 17 +- .../aws/aws-sdk-go/service/ec2/api.go | 13657 ++++- .../aws-sdk-go/service/ec2/customizations.go | 6 +- .../aws/aws-sdk-go/service/ecr/api.go | 1248 +- .../aws/aws-sdk-go/service/ecr/doc.go | 11 +- .../aws/aws-sdk-go/service/ecr/errors.go | 38 +- .../aws/aws-sdk-go/service/elb/api.go | 83 +- .../aws/aws-sdk-go/service/elb/doc.go | 2 +- .../aws/aws-sdk-go/service/elbv2/api.go | 659 +- .../aws/aws-sdk-go/service/elbv2/errors.go | 6 + .../aws/aws-sdk-go/service/kms/api.go | 1415 +- .../aws/aws-sdk-go/service/kms/errors.go | 4 +- .../aws/aws-sdk-go/service/sts/api.go | 6 +- .../aws/aws-sdk-go/service/sts/doc.go | 86 +- .../checkpoint-restore/go-criu/v4/.travis.yml | 7 +- .../checkpoint-restore/go-criu/v4/Makefile | 2 +- .../checkpoint-restore/go-criu/v4/go.sum | 18 - .../checkpoint-restore/go-criu/v4/main.go | 17 +- vendor/github.com/docker/docker/AUTHORS | 13 +- vendor/github.com/docker/docker/NOTICE | 2 +- .../github.com/docker/docker/api/swagger.yaml | 1871 +- .../docker/docker/api/types/client.go | 2 +- .../api/types/container/container_changes.go | 2 +- .../api/types/container/container_create.go | 2 +- .../api/types/container/container_top.go | 6 +- .../api/types/container/container_update.go | 2 +- .../api/types/container/container_wait.go | 2 +- .../docker/api/types/container/host_config.go | 1 - .../docker/docker/api/types/filters/parse.go | 54 +- .../docker/api/types/image/image_history.go | 2 +- .../docker/docker/api/types/volume.go | 5 +- .../docker/api/types/volume/volume_create.go | 7 +- .../docker/api/types/volume/volume_list.go | 5 +- .../github.com/docker/docker/client/client.go | 46 +- .../docker/docker/client/client_unix.go | 2 +- .../github.com/docker/docker/client/hijack.go | 13 +- .../docker/docker/client/interface.go | 2 +- .../docker/docker/client/options.go | 48 +- .../github.com/docker/docker/client/ping.go | 2 + .../docker/docker/client/request.go | 13 +- .../docker/docker/client/session.go | 18 - .../docker/docker/errdefs/http_helpers.go | 33 +- .../docker/pkg/archive/archive_linux.go | 8 +- .../docker/docker/pkg/archive/archive_unix.go | 3 +- .../docker/docker/pkg/idtools/idtools.go | 3 - .../docker/docker/pkg/mount/mount.go | 4 +- .../docker/pkg/mount/mountinfo_linux.go | 18 +- .../docker/pkg/mount/sharedsubtree_linux.go | 24 +- .../docker/docker/pkg/system/init_windows.go | 5 +- .../docker/docker/pkg/system/stat_linux.go | 3 +- .../docker/docker/pkg/system/xattrs_linux.go | 21 +- .../docker/go-connections/nat/nat.go | 2 +- .../tlsconfig/certpool_other.go | 1 - .../docker/go-connections/tlsconfig/config.go | 26 +- .../form3tech-oss/jwt-go/.gitignore | 5 + .../form3tech-oss/jwt-go/.travis.yml | 12 + .../github.com/form3tech-oss/jwt-go/LICENSE | 8 + .../form3tech-oss/jwt-go/MIGRATION_GUIDE.md | 97 + .../github.com/form3tech-oss/jwt-go/README.md | 104 + .../form3tech-oss/jwt-go/VERSION_HISTORY.md | 118 + .../github.com/form3tech-oss/jwt-go/claims.go | 136 + vendor/github.com/form3tech-oss/jwt-go/doc.go | 4 + .../github.com/form3tech-oss/jwt-go/ecdsa.go | 148 + .../form3tech-oss/jwt-go/ecdsa_utils.go | 69 + .../github.com/form3tech-oss/jwt-go/errors.go | 59 + .../github.com/form3tech-oss/jwt-go/hmac.go | 95 + .../form3tech-oss/jwt-go/map_claims.go | 102 + .../github.com/form3tech-oss/jwt-go/none.go | 52 + .../github.com/form3tech-oss/jwt-go/parser.go | 148 + vendor/github.com/form3tech-oss/jwt-go/rsa.go | 101 + .../form3tech-oss/jwt-go/rsa_pss.go | 142 + .../form3tech-oss/jwt-go/rsa_utils.go | 101 + .../form3tech-oss/jwt-go/signing_method.go | 35 + .../github.com/form3tech-oss/jwt-go/token.go | 108 + .../go-openapi/analysis/.codecov.yml | 5 - .../github.com/go-openapi/analysis/.gitignore | 5 - .../go-openapi/analysis/.golangci.yml | 27 - .../go-openapi/analysis/.travis.yml | 15 - .../go-openapi/analysis/CODE_OF_CONDUCT.md | 74 - .../github.com/go-openapi/analysis/README.md | 9 - .../go-openapi/analysis/analyzer.go | 970 - .../go-openapi/analysis/appveyor.yml | 33 - .../github.com/go-openapi/analysis/debug.go | 47 - vendor/github.com/go-openapi/analysis/doc.go | 43 - .../github.com/go-openapi/analysis/fixer.go | 76 - .../github.com/go-openapi/analysis/flatten.go | 1732 - vendor/github.com/go-openapi/analysis/go.mod | 13 - vendor/github.com/go-openapi/analysis/go.sum | 97 - .../go-openapi/analysis/internal/post_go18.go | 29 - .../go-openapi/analysis/internal/pre_go18.go | 29 - .../github.com/go-openapi/analysis/mixin.go | 425 - .../github.com/go-openapi/analysis/schema.go | 234 - .../go-openapi/errors/.golangci.yml | 20 - .../github.com/go-openapi/errors/.travis.yml | 15 - .../go-openapi/errors/CODE_OF_CONDUCT.md | 74 - vendor/github.com/go-openapi/errors/README.md | 8 - vendor/github.com/go-openapi/errors/api.go | 164 - vendor/github.com/go-openapi/errors/go.mod | 6 - vendor/github.com/go-openapi/errors/go.sum | 9 - .../github.com/go-openapi/errors/headers.go | 85 - .../go-openapi/errors/middleware.go | 51 - .../github.com/go-openapi/errors/parsing.go | 59 - .../github.com/go-openapi/loads/.editorconfig | 26 - vendor/github.com/go-openapi/loads/.gitignore | 4 - .../github.com/go-openapi/loads/.golangci.yml | 22 - .../github.com/go-openapi/loads/.travis.yml | 15 - .../go-openapi/loads/CODE_OF_CONDUCT.md | 74 - vendor/github.com/go-openapi/loads/README.md | 7 - vendor/github.com/go-openapi/loads/go.mod | 11 - vendor/github.com/go-openapi/loads/go.sum | 98 - vendor/github.com/go-openapi/loads/spec.go | 298 - .../go-openapi/runtime/.editorconfig | 26 - .../github.com/go-openapi/runtime/.travis.yml | 15 - .../go-openapi/runtime/CODE_OF_CONDUCT.md | 74 - .../github.com/go-openapi/runtime/README.md | 7 - .../go-openapi/runtime/bytestream.go | 155 - .../go-openapi/runtime/client_auth_info.go | 30 - .../go-openapi/runtime/client_operation.go | 41 - .../go-openapi/runtime/client_request.go | 103 - .../go-openapi/runtime/client_response.go | 63 - .../go-openapi/runtime/constants.go | 47 - vendor/github.com/go-openapi/runtime/csv.go | 77 - .../github.com/go-openapi/runtime/discard.go | 9 - vendor/github.com/go-openapi/runtime/go.mod | 16 - vendor/github.com/go-openapi/runtime/go.sum | 133 - .../go-openapi/runtime/interfaces.go | 103 - .../github.com/go-openapi/runtime/request.go | 139 - .../github.com/go-openapi/runtime/statuses.go | 90 - vendor/github.com/go-openapi/runtime/text.go | 117 - .../github.com/go-openapi/runtime/values.go | 19 - vendor/github.com/go-openapi/runtime/xml.go | 36 - .../go-openapi/strfmt/.editorconfig | 26 - .../go-openapi/strfmt/.golangci.yml | 30 - .../github.com/go-openapi/strfmt/.travis.yml | 15 - .../go-openapi/strfmt/CODE_OF_CONDUCT.md | 74 - vendor/github.com/go-openapi/strfmt/README.md | 73 - vendor/github.com/go-openapi/strfmt/go.mod | 13 - vendor/github.com/go-openapi/strfmt/go.sum | 25 - .../go-openapi/validate/.editorconfig | 26 - .../go-openapi/validate/.golangci.yml | 28 - .../go-openapi/validate/.travis.yml | 19 - .../go-openapi/validate/CODE_OF_CONDUCT.md | 74 - .../github.com/go-openapi/validate/README.md | 6 - .../go-openapi/validate/default_validator.go | 281 - vendor/github.com/go-openapi/validate/doc.go | 85 - .../go-openapi/validate/example_validator.go | 270 - vendor/github.com/go-openapi/validate/go.mod | 20 - vendor/github.com/go-openapi/validate/go.sum | 156 - .../github.com/go-openapi/validate/helpers.go | 324 - .../github.com/go-openapi/validate/result.go | 486 - .../go-openapi/validate/schema_option.go | 54 - vendor/github.com/go-openapi/validate/spec.go | 787 - .../go-openapi/validate/spec_messages.go | 360 - .../go-openapi/validate/update-fixtures.sh | 15 - .../go-openapi/validate/validator.go | 646 - vendor/github.com/go-stack/stack/.travis.yml | 15 - vendor/github.com/go-stack/stack/LICENSE.md | 21 - vendor/github.com/go-stack/stack/README.md | 38 - vendor/github.com/go-stack/stack/go.mod | 1 - vendor/github.com/go-stack/stack/stack.go | 400 - .../opencontainers/go-digest/.mailmap | 3 + .../opencontainers/go-digest/.pullapprove.yml | 38 +- .../opencontainers/go-digest/.travis.yml | 3 +- .../go-digest/{LICENSE.code => LICENSE} | 1 + .../opencontainers/go-digest/MAINTAINERS | 12 +- .../opencontainers/go-digest/README.md | 70 +- .../opencontainers/go-digest/algorithm.go | 1 + .../opencontainers/go-digest/digest.go | 1 + .../opencontainers/go-digest/digester.go | 1 + .../opencontainers/go-digest/doc.go | 10 +- .../opencontainers/go-digest/go.mod | 3 + .../opencontainers/go-digest/verifiers.go | 1 + .../runc/libcontainer/cgroups/fs/blkio.go | 12 +- .../runc/libcontainer/cgroups/fs/cpu.go | 24 +- .../runc/libcontainer/cgroups/fs/cpuacct.go | 16 +- .../runc/libcontainer/cgroups/fs/cpuset.go | 12 +- .../runc/libcontainer/cgroups/fs/devices.go | 17 +- .../runc/libcontainer/cgroups/fs/freezer.go | 12 +- .../runc/libcontainer/cgroups/fs/fs.go | 105 +- .../runc/libcontainer/cgroups/fs/hugetlb.go | 15 +- .../runc/libcontainer/cgroups/fs/memory.go | 17 +- .../runc/libcontainer/cgroups/fs/name.go | 11 +- .../runc/libcontainer/cgroups/fs/net_cls.go | 12 +- .../runc/libcontainer/cgroups/fs/net_prio.go | 12 +- .../libcontainer/cgroups/fs/perf_event.go | 12 +- .../runc/libcontainer/cgroups/fs/pids.go | 15 +- .../runc/libcontainer/cgroups/systemd/v1.go | 19 +- .../runc/libcontainer/cgroups/v1_utils.go | 57 +- .../runc/libcontainer/configs/config.go | 9 - .../runc/libcontainer/configs/device.go | 12 - .../runc/libcontainer/configs/device_unix.go | 16 + .../libcontainer/configs/device_windows.go | 5 + .../runc/libcontainer/container_linux.go | 144 +- .../runc/libcontainer/process_linux.go | 6 +- .../runc/libcontainer/rootfs_linux.go | 9 +- .../runc/libcontainer/standard_init_linux.go | 4 +- .../runc/libcontainer/state_linux.go | 4 +- .../runtime-spec/specs-go/config.go | 15 +- .../runtime-spec/specs-go/state.go | 20 +- .../opencontainers/selinux/go-selinux/doc.go | 21 + .../selinux/go-selinux/label/label_selinux.go | 2 +- .../selinux/go-selinux/label/label_stub.go | 1 - .../selinux/go-selinux/selinux.go | 249 + .../selinux/go-selinux/selinux_linux.go | 481 +- .../selinux/go-selinux/selinux_stub.go | 190 +- .../opencontainers/selinux/pkg/pwalk/pwalk.go | 8 +- vendor/github.com/openshift/api/OWNERS | 7 +- .../openshift/api/apps/v1/generated.proto | 3 +- .../github.com/openshift/api/apps/v1/types.go | 1 + ...enshift_01_rolebindingrestriction.crd.yaml | 379 +- .../api/authorization/v1/generated.proto | 2 +- .../openshift/api/build/v1/generated.proto | 4 +- .../openshift/api/build/v1/types.go | 6 +- ...rsion-operator_01_clusteroperator.crd.yaml | 1 + ...ersion-operator_01_clusterversion.crd.yaml | 1 + ...03_config-operator_01_operatorhub.crd.yaml | 2 + .../0000_03_config-operator_01_proxy.crd.yaml | 175 +- ...0_10_config-operator_01_apiserver.crd.yaml | 2 + ...config-operator_01_authentication.crd.yaml | 262 +- .../0000_10_config-operator_01_build.crd.yaml | 2 + ...000_10_config-operator_01_console.crd.yaml | 2 + .../0000_10_config-operator_01_dns.crd.yaml | 2 + ...10_config-operator_01_featuregate.crd.yaml | 126 +- .../0000_10_config-operator_01_image.crd.yaml | 15 + ...config-operator_01_infrastructure.crd.yaml | 2 + ...000_10_config-operator_01_ingress.crd.yaml | 2 + ...000_10_config-operator_01_network.crd.yaml | 2 + .../0000_10_config-operator_01_oauth.crd.yaml | 1269 +- ...000_10_config-operator_01_project.crd.yaml | 105 +- ...0_10_config-operator_01_scheduler.crd.yaml | 164 +- .../api/config/v1/types_authentication.go | 6 + .../openshift/api/config/v1/types_image.go | 8 + .../api/config/v1/types_scheduling.go | 28 +- .../api/config/v1/zz_generated.deepcopy.go | 5 + .../v1/zz_generated.swagger_doc_generated.go | 14 +- .../v1/0000_10_consoleclidownload.crd.yaml | 6 +- .../0000_10_consoleexternalloglink.crd.yaml | 6 +- .../console/v1/0000_10_consolelink.crd.yaml | 6 +- .../v1/0000_10_consolenotification.crd.yaml | 6 +- .../v1/0000_10_consolequickstart.crd.yaml | 202 + .../v1/0000_10_consoleyamlsample.crd.yaml | 6 +- .../openshift/api/console/v1/register.go | 2 + .../console/v1/types_console_quick_start.go | 132 + .../api/console/v1/zz_generated.deepcopy.go | 162 + .../v1/zz_generated.swagger_doc_generated.go | 59 + vendor/github.com/openshift/api/go.mod | 8 +- vendor/github.com/openshift/api/go.sum | 69 +- .../0000_10-helm-chart-repository.crd.yaml | 5 + .../openshift/api/helm/v1beta1/types_helm.go | 4 + .../openshift/api/image/v1/generated.pb.go | 562 +- .../openshift/api/image/v1/generated.proto | 14 +- .../openshift/api/image/v1/register.go | 2 +- .../openshift/api/image/v1/types.go | 7 +- .../api/image/v1/zz_generated.deepcopy.go | 33 + .../api/imageregistry/v1/00-crd.yaml | 4 + .../api/imageregistry/v1/01-crd.yaml | 4 + vendor/github.com/openshift/api/install.go | 2 - .../network/v1/001-clusternetwork-crd.yaml | 30 +- .../api/network/v1/002-hostsubnet-crd.yaml | 50 +- .../api/network/v1/003-netnamespace-crd.yaml | 22 +- .../openshift/api/network/v1/generated.proto | 2 +- .../openshift/api/oauth/v1/generated.proto | 2 +- .../openshift/api/oauth/v1/types.go | 2 + ...0000_10_config-operator_01_config.crd.yaml | 2 + .../0000_12_etcd-operator_01_config.crd.yaml | 2 + ...kube-apiserver-operator_01_config.crd.yaml | 2 + ...roller-manager-operator_01_config.crd.yaml | 2 + ...kube-scheduler-operator_01_config.crd.yaml | 2 + ...hift-apiserver-operator_01_config.crd.yaml | 2 + ...oud-credential-operator_00_config.crd.yaml | 1 + ...rsion-migrator-operator_00_config.crd.yaml | 2 + ...authentication-operator_01_config.crd.yaml | 1 + ...roller-manager-operator_02_config.crd.yaml | 2 + ...00_50_cluster_storage_operator_01_crd.yaml | 2 + ...ess-operator_00-ingresscontroller.crd.yaml | 26 + .../0000_50_service-ca-operator_02_crd.yaml | 2 + ...00_70_cluster-network-operator_01_crd.yaml | 126 +- .../v1/0000_70_console-operator.crd.yaml | 74 + ...perator_00-custom-resource-definition.yaml | 2 + ...i_snapshot_controller_operator_01_crd.yaml | 2 + ...0_90_cluster_csi_driver_01_config.crd.yaml | 2 + .../api/operator/v1/types_console.go | 45 + .../api/operator/v1/types_ingress.go | 30 + .../api/operator/v1/types_network.go | 33 +- .../api/operator/v1/zz_generated.deepcopy.go | 103 +- .../v1/zz_generated.swagger_doc_generated.go | 58 +- ...rator_01_imagecontentsourcepolicy.crd.yaml | 2 + ...10-pod-network-connectivity-check.crd.yaml | 1 + .../openshift/api/project/v1/generated.proto | 2 +- ...openshift_01_clusterresourcequota.crd.yaml | 2 + .../openshift/api/quota/v1/generated.proto | 2 +- .../openshift/api/route/v1/generated.proto | 2 +- .../samples/v1/0000_10_samplesconfig.crd.yaml | 5 +- .../openshift/api/samples/v1/generated.proto | 2 +- ...0000_03_security-openshift_01_scc.crd.yaml | 665 +- .../openshift/api/security/v1/generated.proto | 2 +- .../openshift/api/template/v1/generated.proto | 2 +- .../openshift/api/user/v1/generated.proto | 3 +- .../github.com/openshift/api/user/v1/types.go | 3 +- .../quota/clusterresourcequota/accessor.go | 2 +- .../quota/clusterresourcequota/admission.go | 23 +- .../quota/clusterresourcequota/intializers.go | 2 +- .../sccadmission/admission.go | 2 +- .../versioned/typed/image/v1/imagestream.go | 9 +- .../typed/oauth/v1/generated_expansion.go | 2 + .../versioned/typed/oauth/v1/oauth_client.go | 5 + .../typed/oauth/v1/useroauthaccesstoken.go | 152 + .../informers/externalversions/generic.go | 2 + .../externalversions/oauth/v1/interface.go | 7 + .../oauth/v1/useroauthaccesstoken.go | 73 + .../listers/oauth/v1/expansion_generated.go | 4 + .../listers/oauth/v1/useroauthaccesstoken.go | 52 + .../library-go/pkg/git/repository.go | 20 +- .../library-go/pkg/network/dialer_linux.go | 42 +- .../resourceapply/admissionregistration.go | 140 + .../resource/resourceapply/admissions.go | 77 - .../resource/resourceapply/generic.go | 11 - .../resource/resourceapply/monitoring.go | 3 + .../resourcemerge/admissionregistration.go | 51 + .../resource/resourcemerge/object_merger.go | 28 +- .../prometheus/procfs/CODE_OF_CONDUCT.md | 3 + .../github.com/prometheus/procfs/cpuinfo.go | 44 + .../{cpuinfo_arm.go => cpuinfo_armx.go} | 1 + .../prometheus/procfs/cpuinfo_mips64.go | 18 - .../prometheus/procfs/cpuinfo_mips64le.go | 18 - .../prometheus/procfs/cpuinfo_mipsle.go | 18 - .../{cpuinfo_mips.go => cpuinfo_mipsx.go} | 1 + .../{cpuinfo_arm64.go => cpuinfo_others.go} | 4 +- .../{cpuinfo_ppc64.go => cpuinfo_ppcx.go} | 1 + .../{cpuinfo_default.go => cpuinfo_x86.go} | 0 .../prometheus/procfs/fixtures.ttar | 75 +- .../prometheus/procfs/kernel_random.go | 2 +- vendor/github.com/prometheus/procfs/mdstat.go | 5 +- .../prometheus/procfs/proc_status.go | 6 +- vendor/github.com/quobyte/api/README.md | 4 + vendor/github.com/quobyte/api/quobyte.go | 4 + vendor/github.com/quobyte/api/rpc_client.go | 8 +- vendor/github.com/quobyte/api/types.go | 46 +- vendor/github.com/storageos/go-api/client.go | 53 + vendor/github.com/storageos/go-api/cluster.go | 48 + vendor/github.com/storageos/go-api/health.go | 16 + vendor/github.com/storageos/go-api/licence.go | 43 + .../storageos/go-api/netutil/parsers.go | 6 + vendor/github.com/storageos/go-api/policy.go | 2 +- vendor/github.com/storageos/go-api/pool.go | 2 +- vendor/github.com/storageos/go-api/rule.go | 2 +- .../storageos/go-api/types/cluster.go | 10 + .../storageos/go-api/types/health.go | 14 + .../storageos/go-api/types/licence.go | 35 + vendor/github.com/storageos/go-api/user.go | 3 +- vendor/github.com/willf/bitset/.gitignore | 26 + vendor/github.com/willf/bitset/.travis.yml | 37 + vendor/github.com/willf/bitset/LICENSE | 27 + vendor/github.com/willf/bitset/Makefile | 191 + vendor/github.com/willf/bitset/README.md | 96 + .../willf/bitset/azure-pipelines.yml | 39 + vendor/github.com/willf/bitset/bitset.go | 879 + vendor/github.com/willf/bitset/popcnt.go | 53 + vendor/github.com/willf/bitset/popcnt_19.go | 45 + .../github.com/willf/bitset/popcnt_amd64.go | 68 + vendor/github.com/willf/bitset/popcnt_amd64.s | 104 + .../github.com/willf/bitset/popcnt_generic.go | 24 + .../willf/bitset/trailing_zeros_18.go | 14 + .../willf/bitset/trailing_zeros_19.go | 9 + vendor/go.etcd.io/etcd/auth/jwt.go | 6 +- vendor/go.etcd.io/etcd/auth/metrics.go | 42 + vendor/go.etcd.io/etcd/auth/simple_token.go | 25 +- vendor/go.etcd.io/etcd/auth/store.go | 107 +- .../etcd/clientv3/balancer/picker/err.go | 2 +- .../balancer/picker/roundrobin_balanced.go | 2 +- .../balancer/resolver/endpoint/endpoint.go | 4 +- vendor/go.etcd.io/etcd/clientv3/client.go | 8 - vendor/go.etcd.io/etcd/clientv3/ctx.go | 64 + .../go.etcd.io/etcd/clientv3/maintenance.go | 21 +- .../etcd/clientv3/retry_interceptor.go | 15 +- vendor/go.etcd.io/etcd/clientv3/watch.go | 58 +- vendor/go.etcd.io/etcd/embed/config.go | 17 +- vendor/go.etcd.io/etcd/embed/etcd.go | 93 +- .../etcd/etcdserver/api/etcdhttp/metrics.go | 7 + .../etcd/etcdserver/api/etcdhttp/peer.go | 15 +- .../etcd/etcdserver/api/membership/cluster.go | 4 +- .../etcd/etcdserver/api/rafthttp/http.go | 18 +- .../api/rafthttp/snapshot_sender.go | 10 +- .../etcd/etcdserver/api/snap/snapshotter.go | 98 +- .../etcdserver/api/v2discovery/discovery.go | 22 +- .../etcd/etcdserver/api/v3rpc/interceptor.go | 24 +- .../etcd/etcdserver/api/v3rpc/maintenance.go | 69 +- .../etcd/etcdserver/api/v3rpc/metrics.go | 10 + .../etcd/etcdserver/api/v3rpc/rpctypes/md.go | 2 + .../etcd/etcdserver/api/v3rpc/watch.go | 22 +- vendor/go.etcd.io/etcd/etcdserver/apply.go | 3 + vendor/go.etcd.io/etcd/etcdserver/apply_v2.go | 7 +- vendor/go.etcd.io/etcd/etcdserver/backend.go | 3 +- vendor/go.etcd.io/etcd/etcdserver/config.go | 7 + vendor/go.etcd.io/etcd/etcdserver/corrupt.go | 183 +- .../etcdserverpb/raft_internal_stringer.go | 8 +- .../etcd/etcdserver/etcdserverpb/rpc.pb.go | 4 +- vendor/go.etcd.io/etcd/etcdserver/metrics.go | 24 +- vendor/go.etcd.io/etcd/etcdserver/raft.go | 46 +- vendor/go.etcd.io/etcd/etcdserver/server.go | 79 +- vendor/go.etcd.io/etcd/etcdserver/storage.go | 34 +- vendor/go.etcd.io/etcd/etcdserver/util.go | 37 + .../go.etcd.io/etcd/etcdserver/v3_server.go | 10 +- vendor/go.etcd.io/etcd/integration/cluster.go | 74 +- vendor/go.etcd.io/etcd/lease/lessor.go | 9 +- .../go.etcd.io/etcd/mvcc/backend/backend.go | 33 +- vendor/go.etcd.io/etcd/mvcc/kvstore.go | 16 +- .../etcd/mvcc/kvstore_compaction.go | 1 + vendor/go.etcd.io/etcd/mvcc/metrics.go | 9 + vendor/go.etcd.io/etcd/mvcc/metrics_txn.go | 8 +- .../go.etcd.io/etcd/mvcc/watchable_store.go | 16 +- .../go.etcd.io/etcd/pkg/fileutil/dir_unix.go | 5 + .../etcd/pkg/fileutil/dir_windows.go | 5 + .../go.etcd.io/etcd/pkg/fileutil/fileutil.go | 43 +- vendor/go.etcd.io/etcd/pkg/fileutil/purge.go | 14 +- .../go.etcd.io/etcd/pkg/ioutil/pagewriter.go | 17 +- .../go.etcd.io/etcd/pkg/runtime/fds_linux.go | 17 +- .../go.etcd.io/etcd/pkg/transport/listener.go | 12 +- .../etcd/proxy/grpcproxy/metrics.go | 1 + vendor/go.etcd.io/etcd/version/version.go | 2 +- vendor/go.etcd.io/etcd/wal/decoder.go | 8 + vendor/go.etcd.io/etcd/wal/encoder.go | 12 +- vendor/go.etcd.io/etcd/wal/metrics.go | 8 + vendor/go.etcd.io/etcd/wal/repair.go | 4 +- vendor/go.etcd.io/etcd/wal/wal.go | 114 +- .../go.mongodb.org/mongo-driver/bson/bson.go | 60 - .../mongo-driver/bson/bson_1_8.go | 91 - .../mongo-driver/bson/bsoncodec/bsoncodec.go | 163 - .../bson/bsoncodec/default_value_decoders.go | 1014 - .../bson/bsoncodec/default_value_encoders.go | 648 - .../mongo-driver/bson/bsoncodec/doc.go | 61 - .../mongo-driver/bson/bsoncodec/mode.go | 65 - .../bson/bsoncodec/pointer_codec.go | 110 - .../mongo-driver/bson/bsoncodec/proxy.go | 14 - .../mongo-driver/bson/bsoncodec/registry.go | 384 - .../bson/bsoncodec/struct_codec.go | 367 - .../bson/bsoncodec/struct_tag_parser.go | 119 - .../mongo-driver/bson/bsoncodec/types.go | 80 - .../mongo-driver/bson/bsonrw/copier.go | 389 - .../mongo-driver/bson/bsonrw/doc.go | 9 - .../bson/bsonrw/extjson_parser.go | 731 - .../bson/bsonrw/extjson_reader.go | 659 - .../bson/bsonrw/extjson_tables.go | 223 - .../bson/bsonrw/extjson_wrappers.go | 481 - .../bson/bsonrw/extjson_writer.go | 734 - .../mongo-driver/bson/bsonrw/json_scanner.go | 439 - .../mongo-driver/bson/bsonrw/mode.go | 108 - .../mongo-driver/bson/bsonrw/reader.go | 63 - .../mongo-driver/bson/bsonrw/value_reader.go | 882 - .../mongo-driver/bson/bsonrw/value_writer.go | 589 - .../mongo-driver/bson/bsonrw/writer.go | 96 - .../mongo-driver/bson/bsontype/bsontype.go | 87 - .../mongo-driver/bson/decoder.go | 112 - .../go.mongodb.org/mongo-driver/bson/doc.go | 42 - .../mongo-driver/bson/encoder.go | 99 - .../mongo-driver/bson/marshal.go | 156 - .../mongo-driver/bson/primitive/decimal.go | 307 - .../mongo-driver/bson/primitive/primitive.go | 186 - .../mongo-driver/bson/primitive_codecs.go | 111 - .../go.mongodb.org/mongo-driver/bson/raw.go | 92 - .../mongo-driver/bson/raw_element.go | 51 - .../mongo-driver/bson/raw_value.go | 287 - .../mongo-driver/bson/registry.go | 24 - .../go.mongodb.org/mongo-driver/bson/types.go | 85 - .../mongo-driver/bson/unmarshal.go | 101 - .../mongo-driver/x/bsonx/bsoncore/bsoncore.go | 835 - .../mongo-driver/x/bsonx/bsoncore/document.go | 399 - .../x/bsonx/bsoncore/document_sequence.go | 183 - .../mongo-driver/x/bsonx/bsoncore/element.go | 152 - .../mongo-driver/x/bsonx/bsoncore/tables.go | 223 - .../mongo-driver/x/bsonx/bsoncore/value.go | 1015 - vendor/golang.org/x/net/html/const.go | 3 +- vendor/golang.org/x/net/html/foreign.go | 120 +- vendor/golang.org/x/net/html/node.go | 5 + vendor/golang.org/x/net/html/parse.go | 313 +- vendor/golang.org/x/net/html/render.go | 34 +- vendor/golang.org/x/net/html/token.go | 9 +- .../x/net/http2/client_conn_pool.go | 8 +- vendor/golang.org/x/net/http2/flow.go | 2 + vendor/golang.org/x/net/http2/hpack/encode.go | 2 +- .../golang.org/x/net/http2/hpack/huffman.go | 7 + vendor/golang.org/x/net/http2/http2.go | 13 +- vendor/golang.org/x/net/http2/pipe.go | 7 +- vendor/golang.org/x/net/http2/server.go | 45 +- vendor/golang.org/x/net/http2/transport.go | 206 +- .../x/net/http2/writesched_priority.go | 2 +- vendor/golang.org/x/net/idna/tables11.0.0.go | 2 +- vendor/golang.org/x/net/idna/tables12.0.0.go | 4733 ++ vendor/golang.org/x/net/idna/tables13.0.0.go | 4839 ++ .../x/net/internal/socket/cmsghdr.go | 2 +- .../x/net/internal/socket/cmsghdr_stub.go | 16 +- .../x/net/internal/socket/cmsghdr_unix.go | 21 + .../net/internal/socket/cmsghdr_zos_s390x.go | 25 + .../x/net/internal/socket/error_unix.go | 2 +- .../x/net/internal/socket/iovec_64bit.go | 2 +- .../x/net/internal/socket/iovec_stub.go | 2 +- .../x/net/internal/socket/msghdr_stub.go | 2 +- .../x/net/internal/socket/msghdr_zos_s390x.go | 36 + .../x/net/internal/socket/norace.go | 12 + .../golang.org/x/net/internal/socket/race.go | 37 + .../x/net/internal/socket/rawconn_mmsg.go | 6 + .../x/net/internal/socket/rawconn_msg.go | 9 +- .../x/net/internal/socket/rawconn_nomsg.go | 2 +- .../x/net/internal/socket/socket.go | 10 +- .../golang.org/x/net/internal/socket/sys.go | 14 +- .../x/net/internal/socket/sys_bsdvar.go | 23 - .../x/net/internal/socket/sys_const_zos.go | 17 + .../x/net/internal/socket/sys_darwin.go | 7 - .../x/net/internal/socket/sys_dragonfly.go | 7 - .../x/net/internal/socket/sys_linux.go | 5 - .../x/net/internal/socket/sys_linux_386.go | 2 - .../x/net/internal/socket/sys_linux_s390x.go | 2 - .../x/net/internal/socket/sys_posix.go | 2 +- .../x/net/internal/socket/sys_solaris.go | 11 - .../x/net/internal/socket/sys_stub.go | 18 +- ...{sys_go1_11_darwin.go => sys_zos_s390x.go} | 19 +- .../x/net/internal/socket/sys_zos_s390x.s | 11 + .../x/net/internal/socket/zsys_aix_ppc64.go | 6 +- .../x/net/internal/socket/zsys_darwin_386.go | 5 +- .../net/internal/socket/zsys_darwin_amd64.go | 5 +- .../x/net/internal/socket/zsys_darwin_arm.go | 5 +- .../net/internal/socket/zsys_darwin_arm64.go | 5 +- .../internal/socket/zsys_dragonfly_amd64.go | 5 +- .../x/net/internal/socket/zsys_freebsd_386.go | 5 +- .../net/internal/socket/zsys_freebsd_amd64.go | 5 +- .../x/net/internal/socket/zsys_freebsd_arm.go | 5 +- .../net/internal/socket/zsys_freebsd_arm64.go | 5 +- .../x/net/internal/socket/zsys_linux_386.go | 6 +- .../x/net/internal/socket/zsys_linux_amd64.go | 6 +- .../x/net/internal/socket/zsys_linux_arm.go | 6 +- .../x/net/internal/socket/zsys_linux_arm64.go | 6 +- .../x/net/internal/socket/zsys_linux_mips.go | 6 +- .../net/internal/socket/zsys_linux_mips64.go | 6 +- .../internal/socket/zsys_linux_mips64le.go | 6 +- .../net/internal/socket/zsys_linux_mipsle.go | 6 +- .../x/net/internal/socket/zsys_linux_ppc64.go | 6 +- .../net/internal/socket/zsys_linux_ppc64le.go | 6 +- .../net/internal/socket/zsys_linux_riscv64.go | 6 +- .../x/net/internal/socket/zsys_linux_s390x.go | 6 +- .../x/net/internal/socket/zsys_netbsd_386.go | 6 +- .../net/internal/socket/zsys_netbsd_amd64.go | 6 +- .../x/net/internal/socket/zsys_netbsd_arm.go | 6 +- .../net/internal/socket/zsys_netbsd_arm64.go | 6 +- .../x/net/internal/socket/zsys_openbsd_386.go | 5 +- .../net/internal/socket/zsys_openbsd_amd64.go | 5 +- .../x/net/internal/socket/zsys_openbsd_arm.go | 5 +- .../net/internal/socket/zsys_openbsd_arm64.go | 5 +- .../net/internal/socket/zsys_solaris_amd64.go | 5 +- .../x/net/internal/socket/zsys_zos_s390x.go | 32 + .../golang.org/x/net/internal/socks/socks.go | 2 +- .../x/net/internal/timeseries/timeseries.go | 6 +- vendor/golang.org/x/net/ipv4/control_bsd.go | 3 +- vendor/golang.org/x/net/ipv4/control_stub.go | 2 +- vendor/golang.org/x/net/ipv4/control_zos.go | 86 + vendor/golang.org/x/net/ipv4/header.go | 9 +- vendor/golang.org/x/net/ipv4/helper.go | 17 +- vendor/golang.org/x/net/ipv4/payload_cmsg.go | 2 +- .../golang.org/x/net/ipv4/payload_nocmsg.go | 2 +- vendor/golang.org/x/net/ipv4/sockopt_posix.go | 2 +- vendor/golang.org/x/net/ipv4/sockopt_stub.go | 2 +- vendor/golang.org/x/net/ipv4/sys_asmreq.go | 3 + vendor/golang.org/x/net/ipv4/sys_bpf.go | 7 +- vendor/golang.org/x/net/ipv4/sys_linux.go | 3 +- vendor/golang.org/x/net/ipv4/sys_stub.go | 2 +- vendor/golang.org/x/net/ipv4/sys_zos.go | 55 + .../x/net/ipv4/zsys_freebsd_arm64.go | 93 + .../golang.org/x/net/ipv4/zsys_linux_386.go | 18 - .../golang.org/x/net/ipv4/zsys_linux_amd64.go | 18 - .../golang.org/x/net/ipv4/zsys_linux_arm.go | 18 - .../golang.org/x/net/ipv4/zsys_linux_arm64.go | 18 - .../golang.org/x/net/ipv4/zsys_linux_mips.go | 18 - .../x/net/ipv4/zsys_linux_mips64.go | 18 - .../x/net/ipv4/zsys_linux_mips64le.go | 18 - .../x/net/ipv4/zsys_linux_mipsle.go | 18 - .../golang.org/x/net/ipv4/zsys_linux_ppc.go | 18 - .../golang.org/x/net/ipv4/zsys_linux_ppc64.go | 18 - .../x/net/ipv4/zsys_linux_ppc64le.go | 18 - .../x/net/ipv4/zsys_linux_riscv64.go | 17 - .../golang.org/x/net/ipv4/zsys_linux_s390x.go | 18 - .../golang.org/x/net/ipv4/zsys_zos_s390x.go | 80 + .../x/net/ipv6/control_rfc3542_unix.go | 2 +- vendor/golang.org/x/net/ipv6/control_stub.go | 2 +- vendor/golang.org/x/net/ipv6/control_unix.go | 2 +- vendor/golang.org/x/net/ipv6/helper.go | 1 - vendor/golang.org/x/net/ipv6/icmp_stub.go | 2 +- vendor/golang.org/x/net/ipv6/icmp_zos.go | 29 + vendor/golang.org/x/net/ipv6/payload_cmsg.go | 2 +- .../golang.org/x/net/ipv6/payload_nocmsg.go | 2 +- vendor/golang.org/x/net/ipv6/sockopt_posix.go | 2 +- vendor/golang.org/x/net/ipv6/sockopt_stub.go | 2 +- vendor/golang.org/x/net/ipv6/sys_bpf.go | 7 +- vendor/golang.org/x/net/ipv6/sys_linux.go | 3 +- vendor/golang.org/x/net/ipv6/sys_ssmreq.go | 2 +- .../golang.org/x/net/ipv6/sys_ssmreq_stub.go | 2 +- vendor/golang.org/x/net/ipv6/sys_stub.go | 2 +- vendor/golang.org/x/net/ipv6/sys_zos.go | 70 + .../x/net/ipv6/zsys_freebsd_arm64.go | 122 + .../golang.org/x/net/ipv6/zsys_linux_386.go | 18 - .../golang.org/x/net/ipv6/zsys_linux_amd64.go | 18 - .../golang.org/x/net/ipv6/zsys_linux_arm.go | 18 - .../golang.org/x/net/ipv6/zsys_linux_arm64.go | 18 - .../golang.org/x/net/ipv6/zsys_linux_mips.go | 18 - .../x/net/ipv6/zsys_linux_mips64.go | 18 - .../x/net/ipv6/zsys_linux_mips64le.go | 18 - .../x/net/ipv6/zsys_linux_mipsle.go | 18 - .../golang.org/x/net/ipv6/zsys_linux_ppc.go | 18 - .../golang.org/x/net/ipv6/zsys_linux_ppc64.go | 18 - .../x/net/ipv6/zsys_linux_ppc64le.go | 18 - .../x/net/ipv6/zsys_linux_riscv64.go | 17 - .../golang.org/x/net/ipv6/zsys_linux_s390x.go | 18 - .../golang.org/x/net/ipv6/zsys_zos_s390x.go | 106 + .../golang.org/x/net/websocket/websocket.go | 6 +- .../api/compute/v0.alpha/compute-api.json | 2461 +- .../api/compute/v0.alpha/compute-gen.go | 8858 +-- .../api/compute/v0.beta/compute-api.json | 5545 +- .../api/compute/v0.beta/compute-gen.go | 15214 +++-- .../api/compute/v1/compute-api.json | 3707 +- .../api/compute/v1/compute-gen.go | 48834 +++++++++------- .../api/container/v1/container-api.json | 145 +- .../api/container/v1/container-gen.go | 413 +- .../api/googleapi/googleapi.go | 2 +- .../api/internal/conn_pool.go | 30 + .../google.golang.org/api/internal/creds.go | 13 + .../api/internal/gensupport/version.go | 53 + vendor/google.golang.org/api/internal/pool.go | 51 - .../api/internal/settings.go | 17 + .../api/logging/v2beta1/logging-api.json | 1560 - .../api/logging/v2beta1/logging-gen.go | 4077 -- .../api/monitoring/v3/monitoring-api.json | 336 +- .../api/monitoring/v3/monitoring-gen.go | 1136 +- .../option/internaloption/internaloption.go | 26 + vendor/google.golang.org/api/option/option.go | 43 +- .../api/pubsub/v1/pubsub-api.json | 1698 - .../api/pubsub/v1/pubsub-gen.go | 6938 --- .../google.golang.org/api/tpu/v1/tpu-api.json | 4 +- .../google.golang.org/api/tpu/v1/tpu-gen.go | 40 +- .../api/transport/cert/default_cert.go | 110 + .../api/transport/http/dial.go | 135 +- vendor/google.golang.org/grpc/.travis.yml | 2 +- vendor/google.golang.org/grpc/Makefile | 3 + .../grpc/balancer/balancer.go | 5 - .../grpc/balancer/base/balancer.go | 67 +- vendor/google.golang.org/grpc/clientconn.go | 62 +- .../grpc/credentials/credentials.go | 79 +- .../google.golang.org/grpc/credentials/tls.go | 9 +- vendor/google.golang.org/grpc/dialoptions.go | 25 +- .../grpc/internal/envconfig/envconfig.go | 7 +- .../grpc/internal/internal.go | 2 - .../internal/resolver/dns/dns_resolver.go | 85 +- .../grpc/internal/transport/handler_server.go | 2 +- .../grpc/internal/transport/http2_client.go | 3 +- .../grpc/resolver/resolver.go | 10 - .../grpc/resolver_conn_wrapper.go | 14 +- vendor/google.golang.org/grpc/rpc_util.go | 3 +- .../google.golang.org/grpc/service_config.go | 4 +- vendor/google.golang.org/grpc/trace.go | 3 - vendor/google.golang.org/grpc/version.go | 2 +- vendor/google.golang.org/grpc/vet.sh | 2 +- .../k8s.io/api/admission/v1/generated.proto | 2 +- .../api/admission/v1beta1/generated.proto | 2 +- .../admissionregistration/v1/generated.proto | 2 +- .../v1beta1/generated.proto | 2 +- .../api/apiserverinternal/v1alpha1/doc.go | 25 + .../v1alpha1/generated.pb.go | 1718 + .../v1alpha1/generated.proto | 121 + .../v1alpha1/register.go | 16 +- .../api/apiserverinternal/v1alpha1/types.go | 127 + .../v1alpha1/types_swagger_doc_generated.go | 93 + .../v1alpha1/zz_generated.deepcopy.go | 175 + vendor/k8s.io/api/apps/v1/generated.proto | 2 +- .../k8s.io/api/apps/v1beta1/generated.proto | 2 +- vendor/k8s.io/api/apps/v1beta1/types.go | 16 +- .../zz_generated.prerelease-lifecycle.go | 16 +- .../k8s.io/api/apps/v1beta2/generated.proto | 2 +- vendor/k8s.io/api/apps/v1beta2/types.go | 22 +- .../zz_generated.prerelease-lifecycle.go | 22 +- .../api/authentication/v1/generated.proto | 2 +- .../authentication/v1beta1/generated.proto | 2 +- .../api/authorization/v1/generated.proto | 2 +- .../api/authorization/v1beta1/generated.proto | 2 +- .../k8s.io/api/autoscaling/v1/generated.pb.go | 937 +- .../k8s.io/api/autoscaling/v1/generated.proto | 85 +- vendor/k8s.io/api/autoscaling/v1/types.go | 81 +- .../v1/types_swagger_doc_generated.go | 50 +- .../autoscaling/v1/zz_generated.deepcopy.go | 58 + .../api/autoscaling/v2beta1/generated.pb.go | 942 +- .../api/autoscaling/v2beta1/generated.proto | 85 +- .../k8s.io/api/autoscaling/v2beta1/types.go | 81 +- .../v2beta1/types_swagger_doc_generated.go | 50 +- .../v2beta1/zz_generated.deepcopy.go | 58 + .../api/autoscaling/v2beta2/generated.pb.go | 913 +- .../api/autoscaling/v2beta2/generated.proto | 65 +- .../k8s.io/api/autoscaling/v2beta2/types.go | 65 +- .../v2beta2/types_swagger_doc_generated.go | 48 +- .../v2beta2/zz_generated.deepcopy.go | 44 + vendor/k8s.io/api/batch/v1/generated.proto | 4 +- vendor/k8s.io/api/batch/v1/types.go | 2 + .../batch/v1/types_swagger_doc_generated.go | 4 +- .../k8s.io/api/batch/v1beta1/generated.proto | 2 +- .../k8s.io/api/batch/v2alpha1/generated.proto | 2 +- .../api/certificates/v1/generated.proto | 2 +- .../api/certificates/v1beta1/generated.proto | 2 +- .../api/coordination/v1/generated.proto | 2 +- .../api/coordination/v1beta1/generated.proto | 2 +- vendor/k8s.io/api/core/v1/generated.pb.go | 2671 +- vendor/k8s.io/api/core/v1/generated.proto | 228 +- vendor/k8s.io/api/core/v1/resource.go | 51 +- vendor/k8s.io/api/core/v1/types.go | 267 +- .../core/v1/types_swagger_doc_generated.go | 57 +- .../k8s.io/api/core/v1/well_known_labels.go | 14 +- .../api/core/v1/zz_generated.deepcopy.go | 64 +- .../api/discovery/v1alpha1/generated.pb.go | 215 +- .../api/discovery/v1alpha1/generated.proto | 31 +- vendor/k8s.io/api/discovery/v1alpha1/types.go | 28 +- .../v1alpha1/types_swagger_doc_generated.go | 11 +- .../v1alpha1/zz_generated.deepcopy.go | 15 + .../api/discovery/v1beta1/generated.pb.go | 214 +- .../api/discovery/v1beta1/generated.proto | 31 +- vendor/k8s.io/api/discovery/v1beta1/types.go | 34 +- .../v1beta1/types_swagger_doc_generated.go | 11 +- .../v1beta1/zz_generated.deepcopy.go | 15 + vendor/k8s.io/api/events/v1/generated.proto | 18 +- vendor/k8s.io/api/events/v1/types.go | 19 +- .../events/v1/types_swagger_doc_generated.go | 8 +- .../k8s.io/api/events/v1beta1/generated.proto | 8 +- vendor/k8s.io/api/events/v1beta1/types.go | 9 +- .../v1beta1/types_swagger_doc_generated.go | 2 +- .../api/extensions/v1beta1/generated.proto | 2 +- vendor/k8s.io/api/extensions/v1beta1/types.go | 24 +- .../zz_generated.prerelease-lifecycle.go | 24 +- vendor/k8s.io/api/flowcontrol/v1alpha1/doc.go | 1 + .../api/flowcontrol/v1alpha1/generated.proto | 2 +- .../k8s.io/api/flowcontrol/v1alpha1/types.go | 22 + .../zz_generated.prerelease-lifecycle.go | 121 + .../flowcontrol/v1beta1/doc.go} | 12 +- .../api/flowcontrol/v1beta1/generated.pb.go | 5433 ++ .../api/flowcontrol/v1beta1/generated.proto | 434 + .../api/flowcontrol/v1beta1/register.go | 58 + .../k8s.io/api/flowcontrol/v1beta1/types.go | 529 + .../v1beta1/types_swagger_doc_generated.go | 258 + .../v1beta1/zz_generated.deepcopy.go | 541 + .../zz_generated.prerelease-lifecycle.go | 93 + .../api/imagepolicy/v1alpha1/generated.proto | 2 +- .../k8s.io/api/networking/v1/generated.proto | 2 +- .../api/networking/v1beta1/generated.proto | 2 +- .../api/{settings/v1alpha1 => node/v1}/doc.go | 6 +- vendor/k8s.io/api/node/v1/generated.pb.go | 1411 + vendor/k8s.io/api/node/v1/generated.proto | 109 + vendor/k8s.io/api/node/v1/register.go | 52 + vendor/k8s.io/api/node/v1/types.go | 107 + .../node/v1/types_swagger_doc_generated.go | 71 + .../v1}/zz_generated.deepcopy.go | 99 +- .../k8s.io/api/node/v1alpha1/generated.proto | 6 +- vendor/k8s.io/api/node/v1alpha1/types.go | 4 +- .../v1alpha1/types_swagger_doc_generated.go | 2 +- .../k8s.io/api/node/v1beta1/generated.proto | 6 +- vendor/k8s.io/api/node/v1beta1/types.go | 4 +- .../v1beta1/types_swagger_doc_generated.go | 2 +- .../k8s.io/api/policy/v1beta1/generated.proto | 2 +- vendor/k8s.io/api/rbac/v1/generated.proto | 2 +- .../k8s.io/api/rbac/v1alpha1/generated.proto | 2 +- .../k8s.io/api/rbac/v1beta1/generated.proto | 2 +- .../k8s.io/api/scheduling/v1/generated.proto | 2 +- .../api/scheduling/v1alpha1/generated.proto | 2 +- .../api/scheduling/v1beta1/generated.proto | 2 +- .../api/settings/v1alpha1/generated.pb.go | 1053 - .../api/settings/v1alpha1/generated.proto | 75 - vendor/k8s.io/api/settings/v1alpha1/types.go | 70 - .../v1alpha1/types_swagger_doc_generated.go | 61 - vendor/k8s.io/api/storage/v1/generated.pb.go | 483 +- vendor/k8s.io/api/storage/v1/generated.proto | 52 +- vendor/k8s.io/api/storage/v1/types.go | 51 + .../storage/v1/types_swagger_doc_generated.go | 12 + .../api/storage/v1/zz_generated.deepcopy.go | 33 + .../api/storage/v1alpha1/generated.proto | 2 +- .../api/storage/v1beta1/generated.pb.go | 486 +- .../api/storage/v1beta1/generated.proto | 52 +- vendor/k8s.io/api/storage/v1beta1/types.go | 51 + .../v1beta1/types_swagger_doc_generated.go | 12 + .../storage/v1beta1/zz_generated.deepcopy.go | 33 + .../pkg/apis/apiextensions/v1/generated.proto | 2 +- .../apiextensions/v1beta1/generated.proto | 2 +- .../pkg/apiserver/customresource_handler.go | 49 +- .../apiserver/schema/defaulting/algorithm.go | 26 +- .../apiserver/schema/defaulting/prunenulls.go | 66 + .../apiserver/schema/defaulting/validation.go | 7 +- .../pkg/apiserver/schema/kubeopenapi.go | 151 + .../pkg/apiserver/schema/objectmeta/coerce.go | 2 +- .../pkg/apiserver/schema/skeleton.go | 17 - .../pkg/apiserver/validation/formats.go | 2 +- .../pkg/apiserver/validation/validation.go | 8 +- .../pkg/cmd/server/options/options.go | 8 + .../nonstructuralschema_controller.go | 6 + .../pkg/controller/openapi/builder/builder.go | 6 - .../pkg/controller/openapi/controller.go | 3 +- .../pkg/controller/openapi/v2/conversion.go | 15 + .../generated/openapi/zz_generated.openapi.go | 426 +- .../pkg/registry/customresource/strategy.go | 3 +- .../pkg/registry/customresource/validator.go | 3 +- .../registry/customresourcedefinition/etcd.go | 9 + .../test/integration/fixtures/resources.go | 3 + .../apimachinery/pkg/api/meta/conditions.go | 1 + .../k8s.io/apimachinery/pkg/api/meta/meta.go | 4 - .../apimachinery/pkg/api/meta/restmapper.go | 3 + .../pkg/api/resource/generated.proto | 2 +- .../apimachinery/pkg/api/resource/quantity.go | 36 +- .../apimachinery/pkg/apis/meta/v1/OWNERS | 1 - .../pkg/apis/meta/v1/generated.proto | 3 +- .../pkg/apis/meta/v1/group_version.go | 9 + .../apimachinery/pkg/apis/meta/v1/helpers.go | 14 + .../pkg/apis/meta/v1/micro_time.go | 15 - .../pkg/apis/meta/v1/micro_time_fuzz.go | 39 + .../apimachinery/pkg/apis/meta/v1/time.go | 15 - .../pkg/apis/meta/v1/time_fuzz.go | 39 + .../apimachinery/pkg/apis/meta/v1/types.go | 1 + .../pkg/apis/meta/v1/unstructured/helpers.go | 8 - .../unstructured/unstructuredscheme/scheme.go | 6 +- .../pkg/apis/meta/v1beta1/generated.proto | 2 +- .../apimachinery/pkg/conversion/converter.go | 598 +- .../k8s.io/apimachinery/pkg/labels/labels.go | 19 - .../apimachinery/pkg/labels/selector.go | 50 +- .../apimachinery/pkg/runtime/converter.go | 3 + .../apimachinery/pkg/runtime/generated.proto | 2 +- .../apimachinery/pkg/runtime/interfaces.go | 2 +- .../apimachinery/pkg/runtime/negotiate.go | 33 - .../pkg/runtime/schema/generated.proto | 2 +- .../pkg/runtime/schema/interfaces.go | 4 +- .../k8s.io/apimachinery/pkg/runtime/scheme.go | 30 +- .../pkg/runtime/serializer/codec_factory.go | 12 +- .../pkg/runtime/serializer/json/json.go | 23 +- .../runtime/serializer/protobuf/protobuf.go | 4 + .../apimachinery/pkg/types/namespacedname.go | 6 +- .../apimachinery/pkg/util/cache/expiring.go | 2 +- .../apimachinery/pkg/util/clock/clock.go | 18 +- .../apimachinery/pkg/util/errors/errors.go | 2 +- .../apimachinery/pkg/util/framer/framer.go | 3 + .../pkg/util/httpstream/spdy/connection.go | 50 +- .../pkg/util/httpstream/spdy/roundtripper.go | 49 +- .../pkg/util/httpstream/spdy/upgrade.go | 17 +- .../pkg/util/intstr/generated.proto | 2 +- .../pkg/util/intstr/instr_fuzz.go} | 30 +- .../apimachinery/pkg/util/intstr/intstr.go | 70 +- .../k8s.io/apimachinery/pkg/util/json/json.go | 33 +- .../k8s.io/apimachinery/pkg/util/net/http.go | 51 +- .../apimachinery/pkg/util/net/port_range.go | 2 +- .../apimachinery/pkg/util/runtime/runtime.go | 4 +- .../pkg/util/validation/field/path.go | 3 + .../pkg/util/validation/validation.go | 6 +- .../apimachinery/pkg/util/version/version.go | 5 +- .../k8s.io/apimachinery/pkg/util/wait/wait.go | 29 + .../apimachinery/pkg/util/yaml/decoder.go | 31 + vendor/k8s.io/apimachinery/pkg/watch/mux.go | 65 +- .../apimachinery/pkg/watch/streamwatcher.go | 2 +- vendor/k8s.io/apimachinery/pkg/watch/watch.go | 2 +- vendor/k8s.io/apiserver/pkg/admission/BUILD | 1 + .../apiserver/pkg/admission/initializer/BUILD | 1 + .../pkg/admission/initializer/interfaces.go | 7 + .../pkg/admission/plugin}/resourcequota/BUILD | 34 +- .../plugin}/resourcequota/admission.go | 22 +- .../resourcequota/apis/resourcequota/BUILD | 13 +- .../resourcequota/apis/resourcequota}/doc.go | 3 +- .../apis/resourcequota/install/BUILD | 34 + .../apis/resourcequota/install/install.go | 8 +- .../apis/resourcequota/register.go | 0 .../resourcequota/apis/resourcequota/types.go | 0 .../apis/resourcequota/v1}/BUILD | 5 +- .../apis/resourcequota/v1/defaults.go | 0 .../apis/resourcequota/v1/doc.go | 4 +- .../apis/resourcequota/v1/register.go | 0 .../apis/resourcequota/v1/types.go | 0 .../v1/zz_generated.conversion.go | 2 +- .../resourcequota/v1/zz_generated.deepcopy.go | 0 .../resourcequota/v1/zz_generated.defaults.go | 0 .../apis/resourcequota/v1alpha1/BUILD | 5 +- .../apis/resourcequota/v1alpha1/defaults.go | 0 .../apis/resourcequota/v1alpha1/doc.go | 4 +- .../apis/resourcequota/v1alpha1/register.go | 0 .../apis/resourcequota/v1alpha1/types.go | 0 .../v1alpha1/zz_generated.conversion.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 0 .../v1alpha1/zz_generated.defaults.go | 0 .../apis/resourcequota/v1beta1}/BUILD | 5 +- .../apis/resourcequota/v1beta1/defaults.go | 0 .../apis/resourcequota/v1beta1/doc.go | 4 +- .../apis/resourcequota/v1beta1/register.go | 0 .../apis/resourcequota/v1beta1/types.go | 0 .../v1beta1/zz_generated.conversion.go | 2 +- .../v1beta1/zz_generated.deepcopy.go | 0 .../v1beta1/zz_generated.defaults.go | 0 .../apis/resourcequota/validation/BUILD | 7 +- .../resourcequota/validation/validation.go | 4 +- .../resourcequota/zz_generated.deepcopy.go | 0 .../admission/plugin}/resourcequota/config.go | 6 +- .../plugin}/resourcequota/controller.go | 6 +- .../admission/plugin}/resourcequota/doc.go | 2 +- .../plugin}/resourcequota/resource_access.go | 0 .../admission/plugin/webhook/generic/BUILD | 3 + .../plugin/webhook/generic/webhook.go | 25 +- .../plugin/webhook/mutating/dispatcher.go | 2 +- .../apiserver/pkg/apis/apiserver/types.go | 3 +- .../pkg/apis/apiserver/v1alpha1/types.go | 3 +- .../pkg/apis/apiserver/v1beta1/types.go | 3 +- vendor/k8s.io/apiserver/pkg/apis/audit/OWNERS | 9 - .../pkg/apis/audit/v1/generated.proto | 2 +- .../pkg/apis/audit/v1alpha1/generated.proto | 2 +- .../pkg/apis/audit/v1beta1/generated.proto | 2 +- .../pkg/apis/flowcontrol/bootstrap/BUILD | 2 +- .../pkg/apis/flowcontrol/bootstrap/default.go | 10 +- vendor/k8s.io/apiserver/pkg/audit/OWNERS | 9 - .../authentication/authenticatorfactory/BUILD | 1 + .../authenticatorfactory/delegating.go | 11 +- .../request/bearertoken/bearertoken.go | 2 +- .../pkg/authentication/request/x509/OWNERS | 9 - .../pkg/authentication/request/x509/x509.go | 29 +- .../pkg/authentication/serviceaccount/BUILD | 14 +- .../pkg/authentication/serviceaccount/util.go | 89 + .../apiserver/pkg/authentication/user/user.go | 1 + .../pkg/authorization/authorizerfactory/BUILD | 1 + .../authorization/authorizerfactory/OWNERS | 5 - .../authorizerfactory/delegating.go | 12 + .../pkg/authorization/union/union.go | 2 +- vendor/k8s.io/apiserver/pkg/endpoints/BUILD | 2 + .../pkg/endpoints/filterlatency/BUILD | 35 + .../endpoints/filterlatency/filterlatency.go | 96 + .../apiserver/pkg/endpoints/filters/BUILD | 3 + .../apiserver/pkg/endpoints/filters/OWNERS | 6 - .../pkg/endpoints/filters/storageversion.go | 121 + .../apiserver/pkg/endpoints/groupversion.go | 22 +- .../apiserver/pkg/endpoints/handlers/BUILD | 4 +- .../pkg/endpoints/handlers/create.go | 21 +- .../pkg/endpoints/handlers/delete.go | 2 +- .../pkg/endpoints/handlers/fieldmanager/BUILD | 8 + .../endpoints/handlers/fieldmanager/OWNERS | 5 - .../handlers/fieldmanager/capmanagers.go | 2 +- .../handlers/fieldmanager/fieldmanager.go | 95 +- .../handlers/fieldmanager/internal/BUILD | 11 - .../fieldmanager/internal/gvkparser.go | 14 +- .../fieldmanager/lastappliedmanager.go | 5 +- .../fieldmanager/managedfieldsupdater.go | 6 +- .../handlers/fieldmanager/structuredmerge.go | 10 +- .../{internal => }/typeconverter.go | 7 +- .../{internal => }/versionconverter.go | 6 +- .../apiserver/pkg/endpoints/handlers/patch.go | 23 +- .../apiserver/pkg/endpoints/handlers/rest.go | 82 + .../pkg/endpoints/handlers/update.go | 7 + .../apiserver/pkg/endpoints/installer.go | 125 +- .../apiserver/pkg/endpoints/metrics/BUILD | 1 + .../apiserver/pkg/endpoints/metrics/OWNERS | 5 - .../pkg/endpoints/metrics/metrics.go | 69 +- .../apiserver/pkg/endpoints/openapi/OWNERS | 4 - .../apiserver/pkg/endpoints/request/OWNERS | 4 - .../pkg/endpoints/request/requestinfo.go | 2 +- vendor/k8s.io/apiserver/pkg/features/OWNERS | 4 - .../apiserver/pkg/features/kube_features.go | 53 +- .../pkg/quota/v1/BUILD | 7 +- .../pkg/quota/v1/generic/BUILD | 5 +- .../pkg/quota/v1/generic/configuration.go | 2 +- .../pkg/quota/v1/generic/evaluator.go | 2 +- .../pkg/quota/v1/generic/registry.go | 2 +- .../pkg/quota/v1/interfaces.go | 2 +- .../pkg/quota/v1/resources.go | 2 +- .../apiserver/pkg/registry/generic/OWNERS | 29 - .../pkg/registry/generic/registry/dryrun.go | 4 +- .../generic/registry/storage_factory.go | 2 +- .../pkg/registry/generic/registry/store.go | 8 +- .../pkg/registry/generic/storage_decorator.go | 6 +- .../k8s.io/apiserver/pkg/registry/rest/OWNERS | 24 - vendor/k8s.io/apiserver/pkg/server/BUILD | 3 + vendor/k8s.io/apiserver/pkg/server/config.go | 73 +- .../apiserver/pkg/server/egressselector/BUILD | 1 + .../pkg/server/egressselector/config.go | 35 +- .../server/egressselector/egress_selector.go | 15 +- .../k8s.io/apiserver/pkg/server/filters/BUILD | 11 +- .../apiserver/pkg/server/filters/OWNERS | 5 - .../apiserver/pkg/server/filters/goaway.go | 6 +- .../pkg/server/filters/maxinflight.go | 47 +- .../server/filters/priority-and-fairness.go | 31 +- .../apiserver/pkg/server/filters/wrap.go | 2 +- .../apiserver/pkg/server/genericapiserver.go | 36 +- vendor/k8s.io/apiserver/pkg/server/mux/OWNERS | 4 - .../k8s.io/apiserver/pkg/server/options/BUILD | 2 + .../apiserver/pkg/server/options/OWNERS | 16 - .../apiserver/pkg/server/options/audit.go | 10 +- .../pkg/server/options/authentication.go | 43 +- .../pkg/server/options/authorization.go | 33 +- .../pkg/server/options/egress_selector.go | 3 +- .../server/options/encryptionconfig/OWNERS | 9 - .../apiserver/pkg/server/options/etcd.go | 3 + .../pkg/server/options/recommended.go | 2 +- .../k8s.io/apiserver/pkg/server/routes/OWNERS | 4 - .../apiserver/pkg/server/routes/openapi.go | 1 + .../pkg/server/storage/resource_config.go | 6 +- vendor/k8s.io/apiserver/pkg/storage/OWNERS | 28 - .../k8s.io/apiserver/pkg/storage/cacher/BUILD | 3 - .../apiserver/pkg/storage/cacher/cacher.go | 40 +- .../pkg/storage/cacher/time_budget.go | 17 +- .../pkg/storage/cacher/watch_cache.go | 31 +- .../k8s.io/apiserver/pkg/storage/etcd3/OWNERS | 7 - .../apiserver/pkg/storage/etcd3/event.go | 20 +- .../pkg/storage/etcd3/metrics/metrics.go | 14 + .../apiserver/pkg/storage/etcd3/store.go | 16 +- .../apiserver/pkg/storage/etcd3/watcher.go | 50 +- .../apiserver/pkg/storage/interfaces.go | 11 +- .../pkg/storage/storagebackend/OWNERS | 8 - .../pkg/storage/storagebackend/config.go | 4 + .../pkg/storage/storagebackend/factory/BUILD | 1 + .../storage/storagebackend/factory/etcd3.go | 11 +- .../storage/storagebackend/factory/factory.go | 5 +- .../pkg/storageversion}/BUILD | 29 +- .../apiserver/pkg/storageversion/manager.go | 277 + .../apiserver/pkg/storageversion/updater.go | 128 + .../apiserver/pkg/util/apihelpers/BUILD | 2 +- .../apiserver/pkg/util/apihelpers/helpers.go | 2 +- .../apiserver/pkg/util/flowcontrol/BUILD | 10 +- .../pkg/util/flowcontrol/apf_controller.go | 169 +- .../util/flowcontrol/apf_controller_debug.go | 22 - .../pkg/util/flowcontrol/apf_filter.go | 12 +- .../pkg/util/flowcontrol/debug/dump.go | 3 +- .../fairqueuing/queueset/queueset.go | 18 + .../pkg/util/flowcontrol/format/BUILD | 2 +- .../pkg/util/flowcontrol/format/formatting.go | 74 +- .../pkg/util/flowcontrol/metrics/metrics.go | 82 +- .../metrics/sample_and_watermark.go | 55 +- .../apiserver/pkg/util/flowcontrol/rule.go | 38 +- .../k8s.io/apiserver/pkg/util/webhook/BUILD | 1 + .../pkg/util/webhook/authentication.go | 2 +- .../apiserver/pkg/util/webhook/webhook.go | 72 +- .../apiserver/plugin/pkg/audit/webhook/BUILD | 2 + .../plugin/pkg/audit/webhook/webhook.go | 21 +- .../pkg/authenticator/token/oidc/OWNERS | 7 - .../pkg/authenticator/token/webhook/BUILD | 2 + .../authenticator/token/webhook/webhook.go | 31 +- .../plugin/pkg/authorizer/webhook/BUILD | 2 + .../plugin/pkg/authorizer/webhook/webhook.go | 28 +- .../cli-runtime/pkg/resource/builder.go | 21 + .../pkg/resource/metadata_decoder.go | 2 +- .../client-go/discovery/discovery_client.go | 2 +- vendor/k8s.io/client-go/informers/BUILD | 8 +- .../{settings => apiserverinternal}/BUILD | 17 +- .../interface.go | 4 +- .../apiserverinternal/v1alpha1/BUILD | 36 + .../v1alpha1/interface.go | 10 +- .../v1alpha1/storageversion.go | 89 + vendor/k8s.io/client-go/informers/factory.go | 12 +- .../client-go/informers/flowcontrol/BUILD | 2 + .../informers/flowcontrol/interface.go | 8 + .../informers/flowcontrol/v1beta1/BUILD | 37 + .../v1beta1/flowschema.go} | 45 +- .../flowcontrol/v1beta1/interface.go | 52 + .../v1beta1/prioritylevelconfiguration.go | 89 + vendor/k8s.io/client-go/informers/generic.go | 22 +- vendor/k8s.io/client-go/informers/node/BUILD | 2 + .../client-go/informers/node/interface.go | 8 + .../{settings/v1alpha1 => node/v1}/BUILD | 19 +- .../client-go/informers/node/v1/interface.go | 45 + .../informers/node/v1/runtimeclass.go | 89 + vendor/k8s.io/client-go/kubernetes/BUILD | 8 +- .../k8s.io/client-go/kubernetes/clientset.go | 56 +- vendor/k8s.io/client-go/kubernetes/fake/BUILD | 12 +- .../kubernetes/fake/clientset_generated.go | 28 +- .../client-go/kubernetes/fake/register.go | 8 +- .../k8s.io/client-go/kubernetes/scheme/BUILD | 4 +- .../client-go/kubernetes/scheme/register.go | 8 +- .../typed/apiserverinternal/v1alpha1/BUILD | 39 + .../v1alpha1/apiserverinternal_client.go} | 32 +- .../v1alpha1/doc.go | 0 .../apiserverinternal/v1alpha1/fake/BUILD | 38 + .../v1alpha1/fake/doc.go | 0 .../fake/fake_apiserverinternal_client.go} | 10 +- .../v1alpha1/fake/fake_storageversion.go | 133 + .../v1alpha1/generated_expansion.go | 2 +- .../v1alpha1/storageversion.go | 184 + .../typed/flowcontrol/v1beta1/BUILD | 40 + .../typed/flowcontrol/v1beta1/doc.go | 20 + .../typed/flowcontrol/v1beta1/fake/BUILD | 39 + .../typed/flowcontrol/v1beta1/fake/doc.go | 20 + .../v1beta1/fake/fake_flowcontrol_client.go | 44 + .../v1beta1/fake/fake_flowschema.go | 133 + .../fake/fake_prioritylevelconfiguration.go | 133 + .../flowcontrol/v1beta1/flowcontrol_client.go | 94 + .../typed/flowcontrol/v1beta1/flowschema.go | 184 + .../v1beta1/generated_expansion.go | 23 + .../v1beta1/prioritylevelconfiguration.go | 184 + .../{settings/v1alpha1 => node/v1}/BUILD | 21 +- .../client-go/kubernetes/typed/node/v1/doc.go | 20 + .../{settings/v1alpha1 => node/v1}/fake/BUILD | 21 +- .../kubernetes/typed/node/v1/fake/doc.go | 20 + .../typed/node/v1/fake/fake_node_client.go | 40 + .../typed/node/v1/fake/fake_runtimeclass.go | 122 + .../typed/node/v1/generated_expansion.go | 21 + .../kubernetes/typed/node/v1/node_client.go | 89 + .../kubernetes/typed/node/v1/runtimeclass.go | 168 + .../settings/v1alpha1/fake/fake_podpreset.go | 130 - .../typed/settings/v1alpha1/podpreset.go | 178 - .../listers/apiserverinternal/v1alpha1/BUILD | 32 + .../v1alpha1/expansion_generated.go | 10 +- .../v1alpha1/storageversion.go | 68 + .../listers/flowcontrol/v1beta1/BUILD | 33 + .../v1beta1/expansion_generated.go | 27 + .../listers/flowcontrol/v1beta1/flowschema.go | 68 + .../v1beta1/prioritylevelconfiguration.go | 68 + .../{settings/v1alpha1 => node/v1}/BUILD | 17 +- .../listers/node/v1/expansion_generated.go | 23 + .../client-go/listers/node/v1/runtimeclass.go | 68 + .../listers/settings/v1alpha1/podpreset.go | 99 - vendor/k8s.io/client-go/metadata/BUILD | 56 - vendor/k8s.io/client-go/metadata/interface.go | 49 - vendor/k8s.io/client-go/metadata/metadata.go | 307 - .../client-go/metadata/metadatainformer/BUILD | 52 - .../metadata/metadatainformer/informer.go | 157 - .../metadata/metadatainformer/interface.go | 34 - .../metadata/metadatalister/interface.go | 40 - .../metadata/metadatalister/lister.go | 91 - .../client-go/metadata/metadatalister/shim.go | 87 - .../pkg/apis/clientauthentication/OWNERS | 9 - .../pkg/apis/clientauthentication/types.go | 69 +- .../apis/clientauthentication/v1alpha1/BUILD | 1 + .../v1alpha1/conversion.go | 27 + .../clientauthentication/v1alpha1/types.go | 6 +- .../v1alpha1/zz_generated.conversion.go | 16 +- .../v1beta1/conversion.go | 8 +- .../clientauthentication/v1beta1/types.go | 74 +- .../v1beta1/zz_generated.conversion.go | 62 + .../v1beta1/zz_generated.deepcopy.go | 29 +- .../zz_generated.deepcopy.go | 29 + .../client-go/plugin/pkg/client/auth/OWNERS | 9 - .../plugin/pkg/client/auth/exec/exec.go | 58 +- .../plugin/pkg/client/auth/gcp/OWNERS | 8 - .../plugin/pkg/client/auth/gcp/gcp.go | 6 +- .../plugin/pkg/client/auth/oidc/OWNERS | 7 - vendor/k8s.io/client-go/rest/BUILD | 8 + vendor/k8s.io/client-go/rest/OWNERS | 25 - vendor/k8s.io/client-go/rest/config.go | 30 +- vendor/k8s.io/client-go/rest/exec.go | 85 + vendor/k8s.io/client-go/rest/request.go | 22 +- vendor/k8s.io/client-go/rest/transport.go | 11 +- vendor/k8s.io/client-go/rest/warnings.go | 7 +- .../restmapper/category_expansion.go | 2 +- .../k8s.io/client-go/restmapper/shortcut.go | 2 +- vendor/k8s.io/client-go/scale/client.go | 2 - vendor/k8s.io/client-go/scale/patch_dc.go | 28 - vendor/k8s.io/client-go/tools/auth/BUILD | 5 +- vendor/k8s.io/client-go/tools/auth/OWNERS | 9 - .../k8s.io/client-go/tools/auth/clientauth.go | 4 +- vendor/k8s.io/client-go/tools/cache/OWNERS | 43 - .../client-go/tools/cache/controller.go | 4 + .../client-go/tools/cache/delta_fifo.go | 34 +- .../k8s.io/client-go/tools/cache/reflector.go | 27 +- .../client-go/tools/cache/shared_informer.go | 4 +- .../client-go/tools/clientcmd/api/types.go | 42 +- .../client-go/tools/clientcmd/api/v1/types.go | 13 +- .../api/v1/zz_generated.conversion.go | 23 +- .../clientcmd/api/zz_generated.deepcopy.go | 3 + .../tools/clientcmd/client_config.go | 12 +- .../client-go/tools/clientcmd/config.go | 5 +- .../client-go/tools/clientcmd/loader.go | 4 + vendor/k8s.io/client-go/tools/events/OWNERS | 8 - .../tools/events/event_broadcaster.go | 16 +- .../client-go/tools/leaderelection/OWNERS | 13 - .../tools/leaderelection/leaderelection.go | 18 +- .../tools/leaderelection/resourcelock/BUILD | 2 + .../resourcelock/configmaplock.go | 15 +- .../resourcelock/endpointslock.go | 15 +- .../leaderelection/resourcelock/interface.go | 16 + .../leaderelection/resourcelock/leaselock.go | 11 +- vendor/k8s.io/client-go/tools/metrics/OWNERS | 6 - vendor/k8s.io/client-go/tools/record/OWNERS | 28 - vendor/k8s.io/client-go/tools/record/event.go | 2 +- vendor/k8s.io/client-go/tools/record/fake.go | 16 +- vendor/k8s.io/client-go/transport/OWNERS | 9 - vendor/k8s.io/client-go/transport/cache.go | 49 +- vendor/k8s.io/client-go/transport/config.go | 8 +- .../client-go/transport/round_trippers.go | 8 +- vendor/k8s.io/client-go/util/cert/OWNERS | 9 - .../k8s.io/client-go/util/certificate/OWNERS | 9 - .../util/certificate/certificate_manager.go | 2 +- .../client-go/util/jsonpath/jsonpath.go | 16 +- vendor/k8s.io/client-go/util/keyutil/OWNERS | 7 - vendor/k8s.io/client-go/util/retry/OWNERS | 4 - vendor/k8s.io/cloud-provider/BUILD | 4 + vendor/k8s.io/cloud-provider/OWNERS | 38 - vendor/k8s.io/cloud-provider/cloud.go | 30 +- vendor/k8s.io/cloud-provider/go.mod | 25 +- vendor/k8s.io/cloud-provider/go.sum | 325 +- .../cloud-provider/volume/helpers/zones.go | 8 +- vendor/k8s.io/component-base/config/types.go | 5 +- .../config/v1alpha1/defaults.go | 3 +- .../component-base/config/v1alpha1/types.go | 5 +- .../v1alpha1/zz_generated.conversion.go | 2 + .../component-base/logs/datapol/datapol.go | 99 + .../logs/datapol/externaltypes.go | 49 + vendor/k8s.io/component-base/logs/options.go | 9 +- .../logs/sanitization/sanitization.go | 69 + .../k8s.io/component-base/metrics/metric.go | 3 - .../metrics/processstarttime.go | 8 +- .../metrics/testutil/metrics.go | 24 +- .../metrics/testutil/promlint.go | 5 - .../component-helpers}/LICENSE | 0 .../apimachinery/lease}/controller.go | 85 +- .../reconciliation/clusterrole_interfaces.go | 3 +- .../clusterrolebinding_interfaces.go | 3 +- .../auth}/rbac/reconciliation/namespace.go | 0 .../rbac/reconciliation/reconcile_role.go | 2 +- .../reconciliation/reconcile_rolebindings.go | 0 .../rbac/reconciliation/role_interfaces.go | 3 +- .../reconciliation/rolebinding_interfaces.go | 3 +- .../reconciliation/zz_generated.deepcopy.go | 0 .../rbac/validation/policy_comparator.go | 0 .../scheduling/corev1/doc.go | 23 + .../scheduling/corev1/helpers.go | 45 + .../corev1/nodeaffinity/nodeaffinity.go | 262 + .../controller-manager}/LICENSE | 4 +- .../pkg/clientbuilder/BUILD | 41 + .../pkg/clientbuilder}/client_builder.go | 32 +- .../pkg/apis/runtime/v1alpha2/api.pb.go | 1733 +- .../pkg/apis/runtime/v1alpha2/api.proto | 64 +- vendor/k8s.io/csi-translation-lib/go.mod | 16 +- vendor/k8s.io/csi-translation-lib/go.sum | 269 +- .../csi-translation-lib/plugins/azure_file.go | 9 +- .../plugins/const.go} | 19 +- .../csi-translation-lib/plugins/gce_pd.go | 5 +- .../plugins/in_tree_volume.go | 11 +- vendor/k8s.io/klog/v2/README.md | 6 +- vendor/k8s.io/klog/v2/SECURITY.md | 22 + vendor/k8s.io/klog/v2/klog.go | 168 +- .../apis/apiregistration/v1/generated.proto | 2 +- .../apiregistration/v1beta1/generated.proto | 2 +- .../kube-aggregator/pkg/apiserver/BUILD | 1 + .../pkg/apiserver/apiserver.go | 63 +- .../openapi/aggregator/aggregator.go | 7 +- .../pkg/controllers/status/BUILD | 6 +- .../status/available_controller.go | 109 +- .../pkg/controllers/status/metrics.go | 132 +- .../pkg/registry/apiservice/etcd/etcd.go | 8 + .../kube-openapi/pkg/builder/openapi.go | 4 +- .../k8s.io/kube-openapi/pkg/common/common.go | 66 +- .../pkg/handler/default_pruning.go | 208 + .../k8s.io/kube-openapi/pkg/schemaconv/smd.go | 30 +- .../kube-openapi/pkg/util/proto/document.go | 62 +- .../kube-openapi/pkg/util/proto/openapi.go | 7 + .../pkg/validation}/errors/.gitignore | 0 .../pkg/validation}/errors/LICENSE | 0 .../pkg/validation/errors/api.go} | 47 +- .../pkg/validation}/errors/doc.go | 0 .../pkg/validation/errors/headers.go} | 43 +- .../pkg/validation}/errors/schema.go | 43 +- .../pkg/validation/spec}/.gitignore | 0 .../kube-openapi/pkg/validation/spec}/LICENSE | 0 .../pkg/validation/spec/external_docs.go} | 14 +- .../pkg/validation/spec/header.go} | 13 +- .../kube-openapi/pkg/validation/spec/info.go | 113 + .../kube-openapi/pkg/validation/spec/ref.go | 167 + .../pkg/validation/spec/schema.go | 532 + .../pkg/validation/spec/swagger.go | 244 + .../pkg/validation/strfmt}/.gitignore | 3 - .../pkg/validation/strfmt}/LICENSE | 0 .../pkg/validation}/strfmt/bson.go | 64 +- .../pkg/validation/strfmt/bson}/objectid.go | 79 +- .../pkg/validation}/strfmt/date.go | 50 - .../pkg/validation}/strfmt/default.go | 487 - .../pkg/validation}/strfmt/doc.go | 0 .../pkg/validation}/strfmt/duration.go | 33 +- .../pkg/validation}/strfmt/format.go | 2 +- .../pkg/validation}/strfmt/time.go | 31 - .../pkg/validation/validate}/.gitignore | 0 .../pkg/validation/validate}/LICENSE | 0 .../pkg/validation}/validate/debug.go | 0 .../pkg/validation/validate}/doc.go | 9 +- .../pkg/validation}/validate/formats.go | 10 +- .../pkg/validation/validate/helpers.go | 150 + .../validation}/validate/object_validator.go | 99 +- .../pkg/validation}/validate/options.go | 0 .../pkg/validation/validate/result.go | 207 + .../pkg/validation}/validate/rexp.go | 0 .../pkg/validation}/validate/schema.go | 26 +- .../validation}/validate/schema_messages.go | 8 +- .../pkg/validation/validate/schema_option.go} | 22 +- .../pkg/validation}/validate/schema_props.go | 10 +- .../validation}/validate/slice_validator.go | 10 +- .../pkg/validation}/validate/type.go | 13 +- .../pkg/validation/validate/validator.go | 240 + .../pkg/validation}/validate/values.go | 52 +- .../kube-proxy/config/v1alpha1/types.go | 4 +- vendor/k8s.io/kubectl/pkg/cmd/util/helpers.go | 4 +- .../k8s.io/kubectl/pkg/describe/describe.go | 81 +- .../kubectl/pkg/polymorphichelpers/history.go | 57 +- vendor/k8s.io/kubectl/pkg/scheme/install.go | 2 - .../kubectl/pkg/util/deployment/deployment.go | 4 +- .../kubectl/pkg/util/resource/resource.go | 22 +- .../config/v1alpha1}/doc.go | 6 +- .../kubelet/config/v1alpha1/register.go | 43 + .../k8s.io/kubelet/config/v1alpha1/types.go | 97 + .../config/v1alpha1/zz_generated.deepcopy.go | 110 + vendor/k8s.io/kubelet/config/v1beta1/types.go | 28 +- .../config/v1beta1/zz_generated.deepcopy.go | 2 + .../pkg/apis/credentialprovider/OWNERS | 10 + .../pkg/apis/credentialprovider/doc.go | 20 + .../credentialprovider/install/install.go | 31 + .../pkg/apis/credentialprovider/register.go | 41 + .../pkg/apis/credentialprovider/types.go | 117 + .../apis/credentialprovider/v1alpha1/doc.go | 22 + .../credentialprovider/v1alpha1/register.go | 46 + .../apis/credentialprovider/v1alpha1/types.go | 117 + .../v1alpha1/zz_generated.conversion.go | 136 + .../v1alpha1}/zz_generated.deepcopy.go | 93 +- .../v1alpha1/zz_generated.defaults.go | 32 + .../zz_generated.deepcopy.go | 104 + .../pkg/apis/deviceplugin/v1beta1/api.proto | 2 +- .../apis/deviceplugin/v1beta1/constants.go | 7 +- .../pkg/apis/pluginregistration/v1/api.proto | 2 +- .../pkg/apis/podresources/v1/api.pb.go | 1947 + .../pkg/apis/podresources/v1/api.proto | 60 + .../pkg}/apis/podresources/v1alpha1/api.pb.go | 0 .../pkg}/apis/podresources/v1alpha1/api.proto | 2 +- .../pkg}/apis/stats/v1alpha1/types.go | 0 .../kubernetes/cmd/kube-apiserver/app/BUILD | 11 +- .../cmd/kube-apiserver/app/aggregator.go | 19 +- .../cmd/kube-apiserver/app/options/BUILD | 6 +- .../cmd/kube-apiserver/app/options/options.go | 58 +- .../kube-apiserver/app/options/validation.go | 50 +- .../cmd/kube-apiserver/app/server.go | 110 +- .../kubernetes/cmd/kube-proxy/app/BUILD | 4 +- .../cmd/kube-proxy/app/conntrack.go | 2 +- .../kubernetes/cmd/kube-proxy/app/server.go | 21 +- .../cmd/kube-proxy/app/server_others.go | 45 +- .../k8s.io/kubernetes/cmd/kubelet/app/BUILD | 8 +- .../k8s.io/kubernetes/cmd/kubelet/app/OWNERS | 4 - .../k8s.io/kubernetes/cmd/kubelet/app/auth.go | 3 + .../kubernetes/cmd/kubelet/app/init_others.go | 2 +- .../cmd/kubelet/app/init_windows.go | 32 +- .../kubernetes/cmd/kubelet/app/options/BUILD | 2 +- .../kubelet/app/options/container_runtime.go | 14 +- .../kubelet/app/options/globalflags_linux.go | 1 + .../cmd/kubelet/app/options/options.go | 14 +- .../kubelet/app/options/osflags_windows.go | 6 + .../cmd/kubelet/app/plugins_providers.go | 4 +- .../kubernetes/cmd/kubelet/app/server.go | 77 +- .../openshift-hack/e2e/annotate/rules.go | 25 +- .../kubernetes/openshift-hack/e2e/include.go | 1 - .../admission/admissionenablement/register.go | 2 +- .../openshiftkubeapiserver/patch.go | 2 +- .../k8s.io/kubernetes/pkg/api/endpoints/BUILD | 42 - .../kubernetes/pkg/api/endpoints/OWNERS | 8 - .../kubernetes/pkg/api/endpoints/util.go | 235 - .../pkg/api/persistentvolume/OWNERS | 5 - .../pkg/api/persistentvolumeclaim/OWNERS | 5 - .../pkg/api/persistentvolumeclaim/util.go | 4 +- vendor/k8s.io/kubernetes/pkg/api/pod/BUILD | 4 + vendor/k8s.io/kubernetes/pkg/api/pod/OWNERS | 5 - vendor/k8s.io/kubernetes/pkg/api/pod/util.go | 163 +- .../pkg/api/podsecuritypolicy/BUILD | 1 - .../pkg/api/podsecuritypolicy/OWNERS | 5 - .../pkg/api/podsecuritypolicy/util.go | 6 +- .../k8s.io/kubernetes/pkg/api/service/OWNERS | 5 - .../k8s.io/kubernetes/pkg/api/v1/pod/util.go | 11 - .../kubernetes/pkg/api/v1/resource/helpers.go | 108 +- vendor/k8s.io/kubernetes/pkg/apis/abac/OWNERS | 8 - .../apis/admissionregistration/v1/defaults.go | 3 + .../apis/admissionregistration/v1/register.go | 4 +- .../admissionregistration/v1beta1/defaults.go | 3 + .../admissionregistration/v1beta1/register.go | 4 +- .../validation/validation.go | 2 + .../{settings => apiserverinternal}/BUILD | 20 +- .../pkg/apis/apiserverinternal/doc.go | 22 + .../pkg/apis/apiserverinternal/install/BUILD | 39 + .../install/install.go | 10 +- .../register.go | 25 +- .../pkg/apis/apiserverinternal/types.go | 125 + .../pkg/apis/apiserverinternal/v1alpha1/BUILD | 34 + .../apis/apiserverinternal/v1alpha1/doc.go | 26 + .../v1alpha1/register.go | 10 +- .../v1alpha1/zz_generated.conversion.go | 250 + .../v1alpha1/zz_generated.defaults.go | 32 + .../validation/BUILD | 35 +- .../validation/validation.go | 203 + .../zz_generated.deepcopy.go | 175 + vendor/k8s.io/kubernetes/pkg/apis/apps/OWNERS | 21 - .../pkg/apis/apps/v1/zz_generated.defaults.go | 54 +- .../apps/v1beta1/zz_generated.defaults.go | 28 +- .../apps/v1beta2/zz_generated.defaults.go | 54 +- .../kubernetes/pkg/apis/apps/validation/BUILD | 1 + .../pkg/apis/apps/validation/validation.go | 40 +- .../kubernetes/pkg/apis/authentication/OWNERS | 9 - .../pkg/apis/authentication/types.go | 4 +- .../kubernetes/pkg/apis/authorization/OWNERS | 9 - .../kubernetes/pkg/apis/autoscaling/OWNERS | 19 - .../kubernetes/pkg/apis/autoscaling/types.go | 48 + .../pkg/apis/autoscaling/v1/conversion.go | 49 + .../autoscaling/v1/zz_generated.conversion.go | 86 + .../apis/autoscaling/v2beta1/conversion.go | 48 + .../v2beta1/zz_generated.conversion.go | 86 + .../v2beta2/zz_generated.conversion.go | 160 +- .../pkg/apis/autoscaling/validation/BUILD | 1 + .../apis/autoscaling/validation/validation.go | 79 +- .../apis/autoscaling/zz_generated.deepcopy.go | 44 + .../k8s.io/kubernetes/pkg/apis/batch/OWNERS | 21 - .../k8s.io/kubernetes/pkg/apis/batch/types.go | 2 + .../apis/batch/v1/zz_generated.defaults.go | 15 +- .../batch/v1beta1/zz_generated.defaults.go | 28 +- .../batch/v2alpha1/zz_generated.defaults.go | 28 +- .../pkg/apis/batch/validation/BUILD | 1 + .../pkg/apis/batch/validation/validation.go | 52 +- .../kubernetes/pkg/apis/certificates/OWNERS | 9 - vendor/k8s.io/kubernetes/pkg/apis/core/OWNERS | 42 - .../pkg/apis/core/helper/helpers.go | 40 +- .../kubernetes/pkg/apis/core/install/OWNERS | 10 - .../kubernetes/pkg/apis/core/resource.go | 29 +- .../k8s.io/kubernetes/pkg/apis/core/types.go | 169 +- .../k8s.io/kubernetes/pkg/apis/core/v1/BUILD | 1 - .../k8s.io/kubernetes/pkg/apis/core/v1/OWNERS | 36 - .../kubernetes/pkg/apis/core/v1/defaults.go | 66 +- .../kubernetes/pkg/apis/core/v1/helper/BUILD | 3 - .../pkg/apis/core/v1/helper/helpers.go | 106 - .../pkg/apis/core/v1/validation/validation.go | 7 +- .../apis/core/v1/zz_generated.conversion.go | 48 +- .../pkg/apis/core/v1/zz_generated.defaults.go | 46 +- .../kubernetes/pkg/apis/core/validation/BUILD | 3 +- .../pkg/apis/core/validation/OWNERS | 34 - .../core/validation/conditional_validation.go | 207 +- .../pkg/apis/core/validation/validation.go | 560 +- .../pkg/apis/core/zz_generated.deepcopy.go | 64 +- .../kubernetes/pkg/apis/discovery/types.go | 30 +- .../v1alpha1/zz_generated.conversion.go | 6 + .../v1beta1/zz_generated.conversion.go | 6 + .../apis/discovery/validation/validation.go | 28 +- .../apis/discovery/zz_generated.deepcopy.go | 15 + .../pkg/apis/events/install/install.go | 2 +- .../kubernetes/pkg/apis/extensions/OWNERS | 39 - .../v1beta1/zz_generated.defaults.go | 41 +- .../kubernetes/pkg/apis/flowcontrol/BUILD | 1 + .../pkg/apis/flowcontrol/install/BUILD | 1 + .../pkg/apis/flowcontrol/install/install.go | 4 +- .../apis/flowcontrol/internalbootstrap/BUILD | 5 +- .../internalbootstrap/default-internal.go | 17 +- .../pkg/apis/flowcontrol/v1beta1/BUILD | 35 + .../pkg/apis/flowcontrol/v1beta1/defaults.go | 60 + .../v1alpha1 => flowcontrol/v1beta1}/doc.go | 12 +- .../pkg/apis/flowcontrol/v1beta1/register.go | 46 + .../v1beta1/zz_generated.conversion.go | 790 + .../v1beta1/zz_generated.defaults.go | 68 + .../kubernetes/pkg/apis/imagepolicy/OWNERS | 9 - .../kubernetes/pkg/apis/networking/OWNERS | 8 - .../pkg/apis/networking/validation/BUILD | 16 +- .../validation/conditional_validation.go | 59 - vendor/k8s.io/kubernetes/pkg/apis/node/BUILD | 1 + .../kubernetes/pkg/apis/node/install/BUILD | 1 + .../pkg/apis/node/install/install.go | 11 +- .../k8s.io/kubernetes/pkg/apis/node/types.go | 2 +- .../apis/{settings/v1alpha1 => node/v1}/BUILD | 17 +- .../k8s.io/kubernetes/pkg/apis/node/v1/doc.go | 22 + .../kubernetes/pkg/apis/node/v1/register.go | 39 + .../apis/node/v1/zz_generated.conversion.go | 172 + .../k8s.io/kubernetes/pkg/apis/policy/OWNERS | 10 - vendor/k8s.io/kubernetes/pkg/apis/rbac/OWNERS | 9 - .../pkg/apis/settings/install/BUILD | 32 - .../kubernetes/pkg/apis/settings/types.go | 65 - .../v1alpha1/zz_generated.conversion.go | 189 - .../v1alpha1/zz_generated.defaults.go | 112 - .../apis/settings/validation/validation.go | 69 - .../k8s.io/kubernetes/pkg/apis/storage/OWNERS | 8 - .../kubernetes/pkg/apis/storage/types.go | 51 + .../kubernetes/pkg/apis/storage/v1/BUILD | 1 + .../pkg/apis/storage/v1/defaults.go | 4 + .../storage/v1/zz_generated.conversion.go | 36 + .../kubernetes/pkg/apis/storage/v1beta1/BUILD | 1 + .../pkg/apis/storage/v1beta1/defaults.go | 4 + .../v1beta1/zz_generated.conversion.go | 36 + .../pkg/apis/storage/validation/validation.go | 40 +- .../pkg/apis/storage/zz_generated.deepcopy.go | 33 + .../pkg/{master => cluster}/ports/BUILD | 2 +- .../pkg/{master => cluster}/ports/doc.go | 2 +- .../pkg/{master => cluster}/ports/ports.go | 0 vendor/k8s.io/kubernetes/pkg/controller/BUILD | 14 +- .../k8s.io/kubernetes/pkg/controller/OWNERS | 15 - .../pkg/controller/client_builder_dynamic.go | 6 +- .../kubernetes/pkg/controller/daemon/OWNERS | 8 - .../pkg/controller/daemon/update.go | 2 +- .../deployment/util/deployment_util.go | 6 +- .../pkg/controller/informer_factory.go | 56 - .../kubernetes/pkg/controller/job/OWNERS | 8 - .../pkg/controller/job/job_controller.go | 5 +- .../pkg/controller/nodelifecycle/OWNERS | 12 - .../pkg/controller/replicaset/OWNERS | 8 - .../pkg/controller/replication/OWNERS | 8 - .../pkg/controller/serviceaccount/BUILD | 1 + .../pkg/controller/serviceaccount/OWNERS | 9 - .../serviceaccount/tokens_controller.go | 3 +- .../pkg/controller/volume/scheduling/OWNERS | 9 - .../scheduling/scheduler_assume_cache.go | 3 +- .../volume/scheduling/scheduler_binder.go | 41 +- .../pkg/{master => controlplane}/BUILD | 51 +- .../{master => controlplane}/client_util.go | 2 +- .../{master => controlplane}/controller.go | 6 +- .../controller/apiserverleasegc}/BUILD | 22 +- .../apiserverleasegc/gc_controller.go | 143 + .../clusterauthenticationtrust/BUILD | 2 +- ...cluster_authentication_trust_controller.go | 0 .../controller/crdregistration/BUILD | 2 +- .../crdregistration_controller.go | 0 .../controller/crdregistration/patch.go | 0 .../pkg/controlplane/deleted_kinds.go | 167 + .../k8s.io/kubernetes/pkg/controlplane/doc.go | 19 + .../import_known_versions.go | 4 +- .../master.go => controlplane/instance.go} | 114 +- .../reconcilers/BUILD | 6 +- .../reconcilers/doc.go | 0 .../reconcilers/endpointsadapter.go | 21 +- .../reconcilers/instancecount.go} | 0 .../reconcilers/lease.go | 2 +- .../reconcilers/none.go | 0 .../reconcilers/reconcilers.go | 0 .../pkg/{master => controlplane}/services.go | 2 +- .../{master => controlplane}/tunneler/BUILD | 2 +- .../{master => controlplane}/tunneler/ssh.go | 0 .../kubernetes/pkg/credentialprovider/BUILD | 1 + .../kubernetes/pkg/credentialprovider/OWNERS | 25 - .../pkg/credentialprovider/aws/OWNERS | 6 - .../pkg/credentialprovider/azure/BUILD | 2 + .../pkg/credentialprovider/azure/OWNERS | 14 - .../azure/azure_credentials.go | 108 +- .../pkg/credentialprovider/gcp/OWNERS | 12 - .../pkg/credentialprovider/keyring.go | 27 +- .../pkg/credentialprovider/plugin/BUILD | 58 + .../pkg/credentialprovider/plugin/config.go | 128 + .../pkg/credentialprovider/plugin/plugin.go | 420 + .../pkg/credentialprovider/secrets/BUILD | 12 +- vendor/k8s.io/kubernetes/pkg/features/OWNERS | 4 - .../kubernetes/pkg/features/kube_features.go | 192 +- .../kubernetes/pkg/generated/openapi/BUILD | 1 + .../kubernetes/pkg/generated/openapi/OWNERS | 11 - .../generated/openapi/zz_generated.openapi.go | 9690 ++- .../kubernetes/pkg/kubeapiserver/OWNERS | 17 - .../pkg/kubeapiserver/admission/BUILD | 3 +- .../kubeapiserver/admission/initializer.go | 11 +- .../pkg/kubeapiserver/authenticator/BUILD | 3 +- .../pkg/kubeapiserver/authenticator/OWNERS | 9 - .../pkg/kubeapiserver/authenticator/config.go | 16 +- .../pkg/kubeapiserver/authorizer/BUILD | 1 + .../pkg/kubeapiserver/authorizer/OWNERS | 9 - .../pkg/kubeapiserver/authorizer/config.go | 11 + .../default_storage_factory_builder.go | 12 + .../pkg/kubeapiserver/options/BUILD | 4 +- .../kubeapiserver/options/authentication.go | 291 +- .../kubeapiserver/options/authorization.go | 71 +- .../kubeapiserver/options/cloudprovider.go | 4 + .../pkg/kubeapiserver/options/options.go | 3 +- .../pkg/kubeapiserver/options/plugins.go | 7 +- .../kubernetes/pkg/kubeapiserver/server/BUILD | 30 - .../kubeapiserver/server/insecure_handler.go | 50 - vendor/k8s.io/kubernetes/pkg/kubelet/BUILD | 38 +- vendor/k8s.io/kubernetes/pkg/kubelet/OWNERS | 16 - .../k8s.io/kubernetes/pkg/kubelet/apis/BUILD | 3 +- .../kubernetes/pkg/kubelet/apis/config/BUILD | 1 + .../kubernetes/pkg/kubelet/apis/config/OWNERS | 6 - .../pkg/kubelet/apis/config/register.go | 1 + .../pkg/kubelet/apis/config/types.go | 101 +- .../pkg/kubelet/apis/config/v1alpha1/BUILD | 36 + .../pkg/kubelet/apis/config/v1alpha1/doc.go | 24 + .../kubelet/apis/config/v1alpha1/register.go | 36 + .../v1alpha1/zz_generated.conversion.go | 143 + .../config/v1alpha1/zz_generated.deepcopy.go | 21 + .../config/v1alpha1/zz_generated.defaults.go | 32 + .../pkg/kubelet/apis/config/v1beta1/BUILD | 2 +- .../kubelet/apis/config/v1beta1/defaults.go | 5 +- .../config/v1beta1/zz_generated.conversion.go | 6 + .../pkg/kubelet/apis/config/validation/BUILD | 1 + .../apis/config/validation/validation.go | 102 +- .../apis/config/zz_generated.deepcopy.go | 87 + .../pkg/kubelet/apis/podresources/BUILD | 21 +- .../pkg/kubelet/apis/podresources/client.go | 29 +- .../kubelet/apis/podresources/server_v1.go | 72 + .../{server.go => server_v1alpha1.go} | 45 +- .../pkg/kubelet/apis/podresources/types.go | 38 + .../kubelet/apis/podresources/v1alpha1/BUILD | 29 - .../apis/resourcemetrics/v1alpha1/BUILD | 22 - .../pkg/kubelet/apis/stats/v1alpha1/BUILD | 26 - .../apis/well_known_annotations_windows.go | 3 + .../pkg/kubelet/apis/well_known_labels.go | 10 +- .../kubernetes/pkg/kubelet/certificate/BUILD | 1 + .../kubernetes/pkg/kubelet/certificate/OWNERS | 9 - vendor/k8s.io/kubernetes/pkg/kubelet/cm/BUILD | 40 +- .../k8s.io/kubernetes/pkg/kubelet/cm/OWNERS | 12 - .../pkg/kubelet/cm/cgroup_manager_linux.go | 52 +- .../pkg/kubelet/cm/container_manager.go | 8 +- .../pkg/kubelet/cm/container_manager_linux.go | 50 +- .../pkg/kubelet/cm/container_manager_stub.go | 8 +- .../cm/container_manager_unsupported.go | 2 +- .../kubelet/cm/container_manager_windows.go | 10 +- .../pkg/kubelet/cm/cpumanager/BUILD | 1 + .../pkg/kubelet/cm/cpumanager/OWNERS | 9 - .../pkg/kubelet/cm/cpumanager/cpu_manager.go | 29 +- .../kubelet/cm/cpumanager/fake_cpu_manager.go | 12 +- .../pkg/kubelet/cm/cpumanager/policy.go | 4 + .../pkg/kubelet/cm/cpumanager/policy_none.go | 4 + .../kubelet/cm/cpumanager/policy_static.go | 142 +- .../pkg/kubelet/cm/cpumanager/topology/BUILD | 5 +- .../cm/cpumanager/topology/topology.go | 68 +- .../kubernetes/pkg/kubelet/cm/cpuset/OWNERS | 6 - .../pkg/kubelet/cm/devicemanager/BUILD | 12 +- .../pkg/kubelet/cm/devicemanager/OWNERS | 10 - .../kubelet/cm/devicemanager/checkpoint/BUILD | 1 + .../cm/devicemanager/checkpoint/checkpoint.go | 22 +- .../cm/devicemanager/device_plugin_stub.go | 19 +- .../pkg/kubelet/cm/devicemanager/manager.go | 72 +- .../kubelet/cm/devicemanager/manager_stub.go | 9 +- .../kubelet/cm/devicemanager/pod_devices.go | 150 +- .../cm/devicemanager/topology_hints.go | 122 +- .../pkg/kubelet/cm/devicemanager/types.go | 8 +- .../kubelet/cm/pod_container_manager_linux.go | 4 +- .../pkg/kubelet/cm/topologymanager/BUILD | 9 +- .../pkg/kubelet/cm/topologymanager/OWNERS | 10 - .../topologymanager/fake_topology_manager.go | 5 +- .../policy_single_numa_node.go | 4 +- .../pkg/kubelet/cm/topologymanager/scope.go | 148 + .../cm/topologymanager/scope_container.go | 90 + .../kubelet/cm/topologymanager/scope_pod.go | 91 + .../cm/topologymanager/topology_manager.go | 160 +- .../kubernetes/pkg/kubelet/config/common.go | 4 +- .../kubernetes/pkg/kubelet/config/flags.go | 41 +- .../pkg/kubelet/container/helpers.go | 23 +- .../pkg/kubelet/container/runtime.go | 9 +- .../kubelet/container/testing/fake_runtime.go | 8 + .../kubelet/container/testing/runtime_mock.go | 5 + .../kubernetes/pkg/kubelet/cri/remote/BUILD | 3 + .../kubernetes/pkg/kubelet/cri/remote/OWNERS | 4 - .../pkg/kubelet/cri/remote/remote_image.go | 16 +- .../pkg/kubelet/cri/remote/remote_runtime.go | 61 +- .../kubelet/cri/remote/util/util_windows.go | 2 +- .../pkg/kubelet/cri/remote/utils.go | 20 +- .../cri/streaming/.import-restrictions | 5 + .../kubernetes/pkg/kubelet/dockershim/BUILD | 5 + .../pkg/kubelet/dockershim/convert.go | 2 +- .../kubernetes/pkg/kubelet/dockershim/doc.go | 1 + .../kubelet/dockershim/docker_checkpoint.go | 12 +- .../kubelet/dockershim/docker_image_linux.go | 2 +- .../dockershim/docker_legacy_service.go | 4 +- .../pkg/kubelet/dockershim/docker_service.go | 28 +- .../dockershim/docker_stats_windows.go | 6 +- .../kubelet/dockershim/docker_streaming.go | 23 +- .../dockershim/docker_streaming_windows.go | 3 +- .../kubernetes/pkg/kubelet/dockershim/exec.go | 58 +- .../pkg/kubelet/dockershim/helpers.go | 14 +- .../pkg/kubelet/dockershim/helpers_linux.go | 1 + .../kubelet/dockershim/helpers_unsupported.go | 1 + .../pkg/kubelet/dockershim/helpers_windows.go | 1 + .../pkg/kubelet/dockershim/libdocker/BUILD | 5 +- .../dockershim/libdocker/fake_client.go | 7 +- .../pkg/kubelet/dockershim/network/BUILD | 13 +- .../pkg/kubelet/dockershim/network/OWNERS | 10 - .../kubelet/dockershim/network/hostport/BUILD | 7 +- .../dockershim/network/hostport/hostport.go | 1 - .../network/hostport/hostport_manager.go | 15 + .../network/hostport/hostport_syncer.go | 328 - .../kubelet/dockershim/network/kubenet/BUILD | 6 +- .../network/kubenet/kubenet_linux.go | 50 +- .../dockershim/network/metrics/metrics.go | 28 +- .../pkg/kubelet/dockershim/network/plugins.go | 18 +- .../kubernetes/pkg/kubelet/eviction/BUILD | 6 +- .../pkg/kubelet/eviction/eviction_manager.go | 2 +- .../pkg/kubelet/eviction/helpers.go | 12 +- .../eviction/memory_threshold_notifier.go | 2 +- .../kubernetes/pkg/kubelet/eviction/types.go | 2 +- .../kubernetes/pkg/kubelet/images/BUILD | 4 +- .../pkg/kubelet/images/image_gc_manager.go | 2 +- .../k8s.io/kubernetes/pkg/kubelet/kubelet.go | 189 +- .../pkg/kubelet/kubelet_dockershim.go | 5 +- .../kubernetes/pkg/kubelet/kubelet_getters.go | 14 +- .../pkg/kubelet/kubelet_network_linux.go | 119 +- .../pkg/kubelet/kubelet_node_status.go | 41 +- .../kubernetes/pkg/kubelet/kubelet_pods.go | 29 +- .../pkg/kubelet/kubeletconfig/OWNERS | 7 - .../kubernetes/pkg/kubelet/kuberuntime/BUILD | 6 +- .../pkg/kubelet/kuberuntime/helpers.go | 44 +- .../kuberuntime/kuberuntime_container.go | 14 + .../kuberuntime_container_windows.go | 25 - .../pkg/kubelet/kuberuntime/kuberuntime_gc.go | 19 +- .../kuberuntime/kuberuntime_manager.go | 45 +- .../kuberuntime/kuberuntime_sandbox.go | 19 +- .../kubelet/kuberuntime/security_context.go | 32 +- .../kuberuntime/security_context_others.go | 52 + .../kuberuntime/security_context_windows.go | 66 + .../kubernetes/pkg/kubelet/lifecycle/BUILD | 4 +- .../pkg/kubelet/lifecycle/predicate.go | 4 +- .../kubernetes/pkg/kubelet/metrics/BUILD | 1 - .../pkg/kubelet/metrics/collectors/BUILD | 4 +- .../kubelet/metrics/collectors/log_metrics.go | 2 +- .../metrics/collectors/resource_metrics.go | 46 +- .../metrics/collectors/volume_stats.go | 2 +- .../kubernetes/pkg/kubelet/metrics/metrics.go | 17 +- .../kubernetes/pkg/kubelet/network/dns/BUILD | 1 + .../kubernetes/pkg/kubelet/network/dns/OWNERS | 6 - .../kubernetes/pkg/kubelet/network/dns/dns.go | 21 +- .../kubernetes/pkg/kubelet/nodelease/BUILD | 55 - .../kubernetes/pkg/kubelet/nodeshutdown/BUILD | 127 + .../nodeshutdown_manager_linux.go | 255 + .../nodeshutdown_manager_others.go | 43 + .../pkg/kubelet/nodeshutdown/systemd/BUILD | 54 + .../pkg/kubelet/nodeshutdown/systemd/doc.go | 18 + .../nodeshutdown/systemd/inhibit_linux.go | 186 + .../nodeshutdown/systemd/inhibit_others.go} | 6 +- .../pkg/kubelet/nodestatus/setters.go | 26 +- .../pkg/kubelet/pluginmanager/OWNERS | 5 - .../example_plugin_apis/v1beta1/api.proto | 2 +- .../example_plugin_apis/v1beta2/api.proto | 2 +- .../pluginmanager/reconciler/reconciler.go | 12 +- .../pkg/kubelet/pod_sandbox_deleter.go | 82 + .../kubernetes/pkg/kubelet/prober/BUILD | 5 - .../kubernetes/pkg/kubelet/prober/OWNERS | 5 - .../pkg/kubelet/prober/prober_manager.go | 7 +- .../kubernetes/pkg/kubelet/qos/policy.go | 2 +- .../kubernetes/pkg/kubelet/runtimeclass/BUILD | 2 +- .../runtimeclass/runtimeclass_manager.go | 6 +- .../pkg/kubelet/runtimeclass/testing/BUILD | 2 +- .../runtimeclass/testing/fake_manager.go | 6 +- .../kubernetes/pkg/kubelet/server/BUILD | 7 +- .../kubernetes/pkg/kubelet/server/OWNERS | 5 - .../kubernetes/pkg/kubelet/server/server.go | 80 +- .../kubernetes/pkg/kubelet/server/stats/BUILD | 9 +- .../pkg/kubelet/server/stats/handler.go | 2 +- .../stats/prometheus_resource_metrics.go | 219 - .../pkg/kubelet/server/stats/summary.go | 2 +- .../server/stats/summary_sys_containers.go | 2 +- .../stats/summary_sys_containers_windows.go | 2 +- .../server/stats/volume_stat_calculator.go | 2 +- .../k8s.io/kubernetes/pkg/kubelet/stats/BUILD | 8 +- .../kubelet/stats/cadvisor_stats_provider.go | 2 +- .../pkg/kubelet/stats/cri_stats_provider.go | 4 +- .../stats/cri_stats_provider_others.go | 2 +- .../stats/cri_stats_provider_windows.go | 2 +- .../kubernetes/pkg/kubelet/stats/helper.go | 2 +- .../pkg/kubelet/stats/pidlimit/BUILD | 30 +- .../kubelet/stats/pidlimit/pidlimit_linux.go | 2 +- .../stats/pidlimit/pidlimit_unsupported.go | 2 +- .../stats/{stats_provider.go => provider.go} | 32 +- .../kubernetes/pkg/kubelet/token/OWNERS | 9 - .../pkg/kubelet/token/token_manager.go | 13 +- .../k8s.io/kubernetes/pkg/kubelet/types/BUILD | 2 +- .../pkg/kubelet/types/pod_status.go | 3 +- .../k8s.io/kubernetes/pkg/kubelet/util/BUILD | 11 +- .../kubernetes/pkg/kubelet/util/nodelease.go | 55 + .../kubernetes/pkg/kubelet/util/util.go | 4 +- .../kubernetes/pkg/kubelet/volume_host.go | 14 +- .../pkg/kubelet/volumemanager/BUILD | 4 +- .../pkg/kubelet/volumemanager/OWNERS | 14 - .../cache/actual_state_of_world.go | 2 +- .../cache/desired_state_of_world.go | 43 +- .../pkg/kubelet/volumemanager/populator/BUILD | 1 + .../desired_state_of_world_populator.go | 19 +- .../kubelet/volumemanager/reconciler/BUILD | 4 +- .../volumemanager/reconciler/reconciler.go | 4 +- .../kubelet/volumemanager/volume_manager.go | 15 +- vendor/k8s.io/kubernetes/pkg/kubemark/BUILD | 3 +- vendor/k8s.io/kubernetes/pkg/kubemark/OWNERS | 12 - .../kubernetes/pkg/kubemark/controller.go | 3 +- .../kubernetes/pkg/kubemark/hollow_kubelet.go | 5 +- vendor/k8s.io/kubernetes/pkg/master/OWNERS | 42 - vendor/k8s.io/kubernetes/pkg/printers/OWNERS | 8 - .../pkg/printers/internalversion/BUILD | 6 +- .../internalversion/import_known_versions.go | 1 - .../pkg/printers/internalversion/printers.go | 116 +- vendor/k8s.io/kubernetes/pkg/probe/OWNERS | 11 - vendor/k8s.io/kubernetes/pkg/probe/exec/BUILD | 7 +- .../kubernetes/pkg/probe/exec/errors.go | 47 + .../k8s.io/kubernetes/pkg/probe/exec/exec.go | 12 + .../k8s.io/kubernetes/pkg/probe/http/http.go | 12 +- vendor/k8s.io/kubernetes/pkg/proxy/BUILD | 2 + vendor/k8s.io/kubernetes/pkg/proxy/OWNERS | 8 - .../kubernetes/pkg/proxy/apis/config/OWNERS | 8 - .../kubernetes/pkg/proxy/apis/config/types.go | 7 +- .../pkg/proxy/apis/config/v1alpha1/BUILD | 15 +- .../proxy/apis/config/v1alpha1/defaults.go | 2 +- .../apis/config/validation/validation.go | 17 +- .../k8s.io/kubernetes/pkg/proxy/config/OWNERS | 9 - .../k8s.io/kubernetes/pkg/proxy/endpoints.go | 29 +- .../pkg/proxy/endpointslicecache.go | 29 +- .../kubernetes/pkg/proxy/iptables/BUILD | 3 - .../kubernetes/pkg/proxy/iptables/OWNERS | 8 - .../kubernetes/pkg/proxy/iptables/proxier.go | 61 +- vendor/k8s.io/kubernetes/pkg/proxy/ipvs/BUILD | 4 +- .../k8s.io/kubernetes/pkg/proxy/ipvs/OWNERS | 17 - .../kubernetes/pkg/proxy/ipvs/README.md | 19 +- .../kubernetes/pkg/proxy/ipvs/proxier.go | 68 +- .../kubernetes/pkg/proxy/metaproxier/BUILD | 1 - .../pkg/proxy/metaproxier/meta_proxier.go | 40 +- vendor/k8s.io/kubernetes/pkg/proxy/service.go | 92 +- .../kubernetes/pkg/proxy/userspace/OWNERS | 10 - .../kubernetes/pkg/proxy/userspace/proxier.go | 42 +- .../k8s.io/kubernetes/pkg/proxy/util/utils.go | 100 +- .../kubernetes/pkg/proxy/winkernel/OWNERS | 14 - .../kubernetes/pkg/proxy/winkernel/proxier.go | 66 +- vendor/k8s.io/kubernetes/pkg/quota/v1/OWNERS | 13 - .../pkg/quota/v1/evaluator/core/BUILD | 8 +- .../core/persistent_volume_claims.go | 13 +- .../pkg/quota/v1/evaluator/core/pods.go | 6 +- .../pkg/quota/v1/evaluator/core/registry.go | 4 +- .../pkg/quota/v1/evaluator/core/services.go | 4 +- .../kubernetes/pkg/quota/v1/generic/OWNERS | 5 - .../kubernetes/pkg/quota/v1/install/BUILD | 4 +- .../kubernetes/pkg/quota/v1/install/OWNERS | 4 - .../pkg/quota/v1/install/registry.go | 6 +- .../storage/BUILD | 1 + .../storage/storage.go | 13 +- .../mutatingwebhookconfiguration/strategy.go | 2 +- .../storage/BUILD | 1 + .../storage/storage.go | 13 +- .../strategy.go | 2 +- .../rest/BUILD | 19 +- .../apiserverinternal/rest/storage.go | 62 + .../storageversion}/BUILD | 18 +- .../apiserverinternal/storageversion/doc.go | 19 + .../storageversion/storage/BUILD | 34 + .../storageversion/storage/storage.go | 83 + .../storageversion/strategy.go | 103 + .../pkg/registry/apps/daemonset/BUILD | 1 - .../pkg/registry/apps/daemonset/strategy.go | 13 +- .../pkg/registry/apps/deployment/BUILD | 1 - .../apps/deployment/storage/storage.go | 2 +- .../pkg/registry/apps/deployment/strategy.go | 11 +- .../pkg/registry/apps/replicaset/BUILD | 1 - .../pkg/registry/apps/replicaset/strategy.go | 13 +- .../pkg/registry/apps/statefulset/BUILD | 1 - .../pkg/registry/apps/statefulset/strategy.go | 6 +- .../autoscaling/horizontalpodautoscaler/BUILD | 17 + .../horizontalpodautoscaler/strategy.go | 26 + .../pkg/registry/batch/cronjob/BUILD | 1 - .../pkg/registry/batch/cronjob/strategy.go | 15 +- .../kubernetes/pkg/registry/batch/job/BUILD | 1 - .../pkg/registry/batch/job/strategy.go | 13 +- .../certificates/certificates/strategy.go | 2 +- .../pkg/registry/core/endpoint/BUILD | 1 - .../pkg/registry/core/endpoint/strategy.go | 11 +- .../core/namespace/storage/storage.go | 1 + .../pkg/registry/core/pod/storage/BUILD | 1 + .../pkg/registry/core/pod/storage/eviction.go | 71 +- .../pkg/registry/core/pod/storage/storage.go | 17 +- .../pkg/registry/core/pod/strategy.go | 38 +- .../pkg/registry/core/podtemplate/strategy.go | 12 +- .../core/replicationcontroller/doc.go | 2 +- .../core/replicationcontroller/strategy.go | 14 +- .../kubernetes/pkg/registry/core/rest/BUILD | 2 +- .../pkg/registry/core/rest/storage_core.go | 5 +- .../pkg/registry/core/service/BUILD | 2 + .../core/service/allocator/storage/storage.go | 4 +- .../core/service/ipallocator/controller/BUILD | 2 - .../service/ipallocator/controller/repair.go | 261 +- .../pkg/registry/core/service/storage/BUILD | 5 +- .../pkg/registry/core/service/storage/rest.go | 615 +- .../registry/core/service/storage/storage.go | 147 +- .../pkg/registry/core/service/strategy.go | 343 +- .../pkg/registry/core/serviceaccount/OWNERS | 8 - .../registry/discovery/endpointslice/BUILD | 18 +- .../discovery/endpointslice/strategy.go | 60 + .../pkg/registry/flowcontrol/rest/BUILD | 9 +- .../flowcontrol/rest/storage_flowcontrol.go | 45 +- .../networking/networkpolicy/strategy.go | 5 +- .../kubernetes/pkg/registry/node/rest/BUILD | 1 + .../pkg/registry/node/rest/runtime_class.go | 20 + .../k8s.io/kubernetes/pkg/registry/rbac/BUILD | 1 - .../kubernetes/pkg/registry/rbac/OWNERS | 9 - .../pkg/registry/rbac/reconciliation/BUILD | 63 - .../kubernetes/pkg/registry/rbac/rest/BUILD | 2 +- .../pkg/registry/rbac/rest/storage_rbac.go | 32 +- .../pkg/registry/rbac/validation/BUILD | 4 +- .../pkg/registry/rbac/validation/rule.go | 12 +- .../pkg/registry/registrytest/OWNERS | 24 - .../scheduling/rest/storage_scheduling.go | 11 +- .../registry/settings/podpreset/storage/BUILD | 53 - .../settings/podpreset/storage/storage.go | 53 - .../registry/settings/podpreset/strategy.go | 83 - .../settings/rest/storage_settings.go | 62 - .../registry/storage/csidriver/strategy.go | 18 +- vendor/k8s.io/kubernetes/pkg/routes/OWNERS | 11 - .../pkg/scheduler/apis/config/OWNERS | 13 - .../pkg/scheduler/apis/config/register.go | 2 + .../pkg/scheduler/apis/config/types.go | 5 +- .../scheduler/apis/config/types_pluginargs.go | 70 +- .../scheduler/apis/config/validation/BUILD | 4 + .../apis/config/validation/validation.go | 10 +- .../validation/validation_pluginargs.go | 72 + .../apis/config/zz_generated.deepcopy.go | 55 + .../scheduler/framework/{v1alpha1 => }/BUILD | 6 +- .../framework/{v1alpha1 => }/cycle_state.go | 2 +- .../framework/{v1alpha1 => }/extender.go | 2 +- .../framework/{v1alpha1 => }/interface.go | 108 +- .../framework/{v1alpha1 => }/listers.go | 4 +- .../scheduler/framework/plugins/helper/BUILD | 7 +- .../framework/plugins/helper/node_affinity.go | 57 +- .../plugins/helper/normalize_score.go | 2 +- .../framework/plugins/nodeaffinity/BUILD | 11 +- .../plugins/nodeaffinity/node_affinity.go | 92 +- .../framework/plugins/nodename/BUILD | 4 +- .../framework/plugins/nodename/node_name.go | 4 +- .../framework/plugins/nodeports/BUILD | 4 +- .../framework/plugins/nodeports/node_ports.go | 8 +- .../framework/plugins/noderesources/BUILD | 5 +- .../noderesources/balanced_allocation.go | 8 +- .../framework/plugins/noderesources/fit.go | 4 +- .../plugins/noderesources/least_allocated.go | 6 +- .../plugins/noderesources/most_allocated.go | 6 +- .../requested_to_capacity_ratio.go | 6 +- .../noderesources/resource_allocation.go | 9 +- .../framework/{v1alpha1 => }/types.go | 74 +- .../kubernetes/pkg/scheduler/util/BUILD | 2 +- .../kubernetes/pkg/scheduler/util/non_zero.go | 3 +- .../kubernetes/pkg/scheduler/util/utils.go | 31 +- .../pkg/security/podsecuritypolicy/OWNERS | 9 - .../security/podsecuritypolicy/seccomp/BUILD | 1 + .../podsecuritypolicy/seccomp/strategy.go | 10 + .../kubernetes/pkg/serviceaccount/BUILD | 3 - .../kubernetes/pkg/serviceaccount/OWNERS | 9 - .../kubernetes/pkg/serviceaccount/claims.go | 4 +- .../kubernetes/pkg/serviceaccount/jwt.go | 3 +- .../kubernetes/pkg/serviceaccount/legacy.go | 4 +- .../kubernetes/pkg/serviceaccount/util.go | 81 - .../kubernetes/pkg/util/bandwidth/OWNERS | 8 - .../kubernetes/pkg/util/conntrack/BUILD | 1 + .../pkg/util/conntrack/conntrack.go | 3 + .../k8s.io/kubernetes/pkg/util/ebtables/BUILD | 37 - .../kubernetes/pkg/util/ebtables/OWNERS | 8 - .../kubernetes/pkg/util/goroutinemap/OWNERS | 6 - .../k8s.io/kubernetes/pkg/util/ipset/OWNERS | 13 - .../kubernetes/pkg/util/iptables/OWNERS | 14 - .../kubernetes/pkg/util/iptables/iptables.go | 24 +- .../pkg/util/iptables/iptables_linux.go | 8 +- .../pkg/util/iptables/iptables_unsupported.go | 2 +- vendor/k8s.io/kubernetes/pkg/util/ipvs/OWNERS | 15 - .../k8s.io/kubernetes/pkg/util/ipvs/ipvs.go | 2 - .../k8s.io/kubernetes/pkg/util/netsh/OWNERS | 8 - vendor/k8s.io/kubernetes/pkg/util/node/BUILD | 6 + .../k8s.io/kubernetes/pkg/util/node/node.go | 78 +- .../kubernetes/pkg/util/removeall/BUILD | 4 +- .../pkg/util/removeall/removeall.go | 2 +- .../k8s.io/kubernetes/pkg/util/resizefs/BUILD | 30 +- .../pkg/util/resizefs/resizefs_linux.go | 2 +- .../pkg/util/resizefs/resizefs_unsupported.go | 2 +- vendor/k8s.io/kubernetes/pkg/volume/BUILD | 5 +- vendor/k8s.io/kubernetes/pkg/volume/OWNERS | 8 - .../k8s.io/kubernetes/pkg/volume/awsebs/BUILD | 4 +- .../kubernetes/pkg/volume/awsebs/OWNERS | 15 - .../kubernetes/pkg/volume/awsebs/attacher.go | 2 +- .../kubernetes/pkg/volume/awsebs/aws_ebs.go | 8 +- .../pkg/volume/awsebs/aws_ebs_block.go | 2 +- .../kubernetes/pkg/volume/awsebs/aws_util.go | 4 +- .../kubernetes/pkg/volume/azure_dd/OWNERS | 22 - .../kubernetes/pkg/volume/azure_file/BUILD | 4 +- .../kubernetes/pkg/volume/azure_file/OWNERS | 20 - .../pkg/volume/azure_file/azure_file.go | 9 +- .../pkg/volume/{azure_dd => azuredd}/BUILD | 4 +- .../volume/{azure_dd => azuredd}/attacher.go | 13 +- .../{azure_dd => azuredd}/azure_common.go | 2 +- .../azure_common_linux.go | 2 +- .../azure_common_unsupported.go | 2 +- .../azure_common_windows.go | 4 +- .../volume/{azure_dd => azuredd}/azure_dd.go | 13 +- .../{azure_dd => azuredd}/azure_dd_block.go | 4 +- .../azure_dd_max_disk_count.go | 60 +- .../{azure_dd => azuredd}/azure_mounter.go | 10 +- .../{azure_dd => azuredd}/azure_provision.go | 6 +- .../pkg/volume/{azure_dd => azuredd}/doc.go | 2 +- .../k8s.io/kubernetes/pkg/volume/cephfs/BUILD | 4 +- .../kubernetes/pkg/volume/cephfs/OWNERS | 13 - .../kubernetes/pkg/volume/cephfs/cephfs.go | 6 +- .../k8s.io/kubernetes/pkg/volume/cinder/BUILD | 4 +- .../kubernetes/pkg/volume/cinder/OWNERS | 15 - .../kubernetes/pkg/volume/cinder/attacher.go | 2 +- .../kubernetes/pkg/volume/cinder/cinder.go | 8 +- .../pkg/volume/cinder/cinder_block.go | 2 +- .../pkg/volume/cinder/cinder_util.go | 6 +- .../kubernetes/pkg/volume/configmap/BUILD | 2 +- .../kubernetes/pkg/volume/configmap/OWNERS | 17 - .../pkg/volume/configmap/configmap.go | 6 +- vendor/k8s.io/kubernetes/pkg/volume/csi/BUILD | 9 +- .../k8s.io/kubernetes/pkg/volume/csi/OWNERS | 7 - .../kubernetes/pkg/volume/csi/csi_attacher.go | 19 +- .../kubernetes/pkg/volume/csi/csi_mounter.go | 107 +- .../kubernetes/pkg/volume/csi/csi_plugin.go | 34 +- .../kubernetes/pkg/volume/csi/csi_util.go | 17 + .../csi/nodeinfomanager/nodeinfomanager.go | 6 + .../kubernetes/pkg/volume/downwardapi/OWNERS | 17 - .../pkg/volume/downwardapi/downwardapi.go | 4 +- .../kubernetes/pkg/volume/emptydir/BUILD | 9 +- .../kubernetes/pkg/volume/emptydir/OWNERS | 17 - .../pkg/volume/emptydir/empty_dir.go | 85 +- .../pkg/volume/emptydir/empty_dir_linux.go | 2 +- .../volume/emptydir/empty_dir_unsupported.go | 2 +- vendor/k8s.io/kubernetes/pkg/volume/fc/BUILD | 4 +- vendor/k8s.io/kubernetes/pkg/volume/fc/OWNERS | 12 - .../kubernetes/pkg/volume/fc/attacher.go | 7 +- .../kubernetes/pkg/volume/fc/disk_manager.go | 8 +- vendor/k8s.io/kubernetes/pkg/volume/fc/fc.go | 6 +- .../kubernetes/pkg/volume/fc/fc_util.go | 2 +- .../kubernetes/pkg/volume/flexvolume/BUILD | 4 +- .../kubernetes/pkg/volume/flexvolume/OWNERS | 17 - .../volume/flexvolume/attacher-defaults.go | 2 +- .../volume/flexvolume/detacher-defaults.go | 2 +- .../pkg/volume/flexvolume/detacher.go | 2 +- .../pkg/volume/flexvolume/mounter.go | 4 +- .../pkg/volume/flexvolume/plugin.go | 4 +- .../volume/flexvolume/unmounter-defaults.go | 2 +- .../pkg/volume/flexvolume/unmounter.go | 2 +- .../kubernetes/pkg/volume/flexvolume/util.go | 4 +- .../pkg/volume/flexvolume/volume.go | 2 +- .../kubernetes/pkg/volume/flocker/BUILD | 4 +- .../kubernetes/pkg/volume/flocker/OWNERS | 12 - .../kubernetes/pkg/volume/flocker/flocker.go | 9 +- .../k8s.io/kubernetes/pkg/volume/gcepd/BUILD | 4 +- .../k8s.io/kubernetes/pkg/volume/gcepd/OWNERS | 14 - .../kubernetes/pkg/volume/gcepd/attacher.go | 4 +- .../kubernetes/pkg/volume/gcepd/gce_pd.go | 16 +- .../pkg/volume/gcepd/gce_pd_block.go | 2 +- .../kubernetes/pkg/volume/gcepd/gce_util.go | 8 +- .../kubernetes/pkg/volume/git_repo/OWNERS | 11 - .../pkg/volume/git_repo/git_repo.go | 4 +- .../kubernetes/pkg/volume/glusterfs/BUILD | 4 +- .../kubernetes/pkg/volume/glusterfs/OWNERS | 14 - .../pkg/volume/glusterfs/glusterfs.go | 6 +- .../kubernetes/pkg/volume/hostpath/BUILD | 2 +- .../kubernetes/pkg/volume/hostpath/OWNERS | 13 - .../pkg/volume/hostpath/host_path.go | 8 +- .../k8s.io/kubernetes/pkg/volume/iscsi/BUILD | 4 +- .../k8s.io/kubernetes/pkg/volume/iscsi/OWNERS | 15 - .../kubernetes/pkg/volume/iscsi/attacher.go | 2 +- .../pkg/volume/iscsi/disk_manager.go | 8 +- .../kubernetes/pkg/volume/iscsi/iscsi.go | 8 +- .../kubernetes/pkg/volume/iscsi/iscsi_util.go | 2 +- .../k8s.io/kubernetes/pkg/volume/local/BUILD | 12 +- .../k8s.io/kubernetes/pkg/volume/local/OWNERS | 18 - .../kubernetes/pkg/volume/local/local.go | 8 +- vendor/k8s.io/kubernetes/pkg/volume/nfs/BUILD | 4 +- .../k8s.io/kubernetes/pkg/volume/nfs/OWNERS | 13 - .../k8s.io/kubernetes/pkg/volume/nfs/nfs.go | 6 +- .../pkg/volume/noop_expandable_plugin.go | 4 +- .../k8s.io/kubernetes/pkg/volume/plugins.go | 9 +- .../kubernetes/pkg/volume/portworx/BUILD | 4 +- .../kubernetes/pkg/volume/portworx/OWNERS | 10 - .../pkg/volume/portworx/portworx.go | 6 +- .../kubernetes/pkg/volume/projected/BUILD | 2 - .../pkg/volume/projected/projected.go | 10 +- .../kubernetes/pkg/volume/quobyte/BUILD | 5 +- .../kubernetes/pkg/volume/quobyte/OWNERS | 12 - .../kubernetes/pkg/volume/quobyte/quobyte.go | 36 +- .../pkg/volume/quobyte/quobyte_util.go | 15 +- vendor/k8s.io/kubernetes/pkg/volume/rbd/BUILD | 4 +- .../k8s.io/kubernetes/pkg/volume/rbd/OWNERS | 13 - .../kubernetes/pkg/volume/rbd/attacher.go | 2 +- .../kubernetes/pkg/volume/rbd/disk_manager.go | 6 +- .../k8s.io/kubernetes/pkg/volume/rbd/rbd.go | 10 +- .../kubernetes/pkg/volume/rbd/rbd_util.go | 4 +- .../kubernetes/pkg/volume/scaleio/BUILD | 3 +- .../pkg/volume/scaleio/sio_client.go | 61 +- .../kubernetes/pkg/volume/scaleio/sio_mgr.go | 8 +- .../pkg/volume/scaleio/sio_plugin.go | 2 +- .../pkg/volume/scaleio/sio_volume.go | 15 +- .../k8s.io/kubernetes/pkg/volume/secret/BUILD | 2 +- .../kubernetes/pkg/volume/secret/OWNERS | 17 - .../kubernetes/pkg/volume/secret/secret.go | 6 +- .../kubernetes/pkg/volume/storageos/BUILD | 5 +- .../pkg/volume/storageos/storageos.go | 16 +- .../pkg/volume/storageos/storageos_util.go | 11 +- .../k8s.io/kubernetes/pkg/volume/util/BUILD | 7 +- .../k8s.io/kubernetes/pkg/volume/util/OWNERS | 8 - .../kubernetes/pkg/volume/util/fsquota/BUILD | 6 +- .../fsquota/common/quota_linux_common_impl.go | 24 +- .../pkg/volume/util/fsquota/project.go | 14 +- .../pkg/volume/util/fsquota/quota.go | 2 +- .../pkg/volume/util/fsquota/quota_linux.go | 28 +- .../volume/util/fsquota/quota_unsupported.go | 2 +- .../kubernetes/pkg/volume/util/hostutil/BUILD | 2 +- .../pkg/volume/util/hostutil/fake_hostutil.go | 2 +- .../pkg/volume/util/hostutil/hostutil.go | 2 +- .../volume/util/hostutil/hostutil_linux.go | 2 +- .../util/hostutil/hostutil_unsupported.go | 2 +- .../volume/util/hostutil/hostutil_windows.go | 2 +- .../kubernetes/pkg/volume/util/metrics.go | 16 +- .../pkg/volume/util/nested_volumes.go | 9 +- .../util/nestedpendingoperations/OWNERS | 4 - .../nestedpendingoperations.go | 2 +- .../pkg/volume/util/operationexecutor/BUILD | 2 +- .../pkg/volume/util/operationexecutor/OWNERS | 5 - .../operationexecutor/operation_executor.go | 17 +- .../operationexecutor/operation_generator.go | 75 +- .../util/recyclerclient/recycler_client.go | 2 +- .../kubernetes/pkg/volume/util/resize_util.go | 2 +- .../kubernetes/pkg/volume/util/subpath/BUILD | 34 +- .../kubernetes/pkg/volume/util/subpath/OWNERS | 13 - .../pkg/volume/util/subpath/subpath_linux.go | 8 +- .../util/subpath/subpath_unsupported.go | 2 +- .../volume/util/subpath/subpath_windows.go | 2 +- .../kubernetes/pkg/volume/util/types/BUILD | 4 +- .../kubernetes/pkg/volume/util/types/types.go | 2 +- .../k8s.io/kubernetes/pkg/volume/util/util.go | 52 +- .../pkg/volume/util/volumepathhandler/BUILD | 2 +- .../volumepathhandler/volume_path_handler.go | 4 +- .../kubernetes/pkg/volume/volume_linux.go | 15 +- .../pkg/volume/volume_unsupported.go | 2 +- .../pkg/volume/vsphere_volume/BUILD | 4 +- .../pkg/volume/vsphere_volume/OWNERS | 23 - .../pkg/volume/vsphere_volume/attacher.go | 3 +- .../volume/vsphere_volume/vsphere_volume.go | 10 +- .../vsphere_volume/vsphere_volume_block.go | 2 +- .../vsphere_volume/vsphere_volume_util.go | 8 +- .../vsphere_volume_util_linux.go | 2 +- .../plugin/pkg/admission/certificates/OWNERS | 8 - .../eventratelimit/apis/eventratelimit/OWNERS | 9 - .../pkg/admission/imagepolicy/admission.go | 3 +- .../pkg/admission/noderestriction/OWNERS | 9 - .../admission/noderestriction/admission.go | 18 +- .../admission/podnodeselector/admission.go | 19 +- .../plugin/pkg/admission/podpreset/BUILD | 65 - .../pkg/admission/podpreset/admission.go | 455 - .../apis/podtolerationrestriction/OWNERS | 4 - .../resourcequota/apis/resourcequota/OWNERS | 9 - .../apis/resourcequota/install/BUILD | 33 - .../plugin/pkg/admission/runtimeclass/BUILD | 10 +- .../plugin/pkg/admission/runtimeclass/OWNERS | 7 - .../pkg/admission/runtimeclass/admission.go | 52 +- .../security/podsecuritypolicy/BUILD | 2 +- .../security/podsecuritypolicy/OWNERS | 9 - .../security/podsecuritypolicy/admission.go | 2 +- .../plugin/pkg/admission/serviceaccount/BUILD | 1 + .../pkg/admission/serviceaccount/OWNERS | 9 - .../pkg/admission/serviceaccount/admission.go | 3 +- .../storage/persistentvolume/label/OWNERS | 10 - .../persistentvolume/label/admission.go | 10 +- .../plugin/pkg/auth/authorizer/node/BUILD | 4 + .../plugin/pkg/auth/authorizer/node/OWNERS | 9 - .../plugin/pkg/auth/authorizer/node/graph.go | 29 + .../auth/authorizer/node/graph_populator.go | 10 + .../pkg/auth/authorizer/node/metrics.go | 49 + .../auth/authorizer/node/node_authorizer.go | 5 +- .../authorizer/rbac/bootstrappolicy/BUILD | 2 +- .../rbac/bootstrappolicy/controller_policy.go | 2 +- .../authorizer/rbac/bootstrappolicy/policy.go | 33 +- vendor/k8s.io/kubernetes/test/e2e/BUILD | 2 - vendor/k8s.io/kubernetes/test/e2e/README.md | 2 - .../kubernetes/test/e2e/apimachinery/BUILD | 6 + .../kubernetes/test/e2e/apimachinery/OWNERS | 26 - .../test/e2e/apimachinery/aggregator.go | 2 +- .../apimachinery/crd_conversion_webhook.go | 12 +- .../e2e/apimachinery/crd_publish_openapi.go | 12 +- .../test/e2e/apimachinery/etcd_failure.go | 2 +- .../test/e2e/apimachinery/events.go | 4 +- .../test/e2e/apimachinery/flowcontrol.go | 406 + .../test/e2e/apimachinery/resource_quota.go | 9 +- .../test/e2e/apimachinery/table_conversion.go | 29 +- .../test/e2e/apimachinery/webhook.go | 7 +- vendor/k8s.io/kubernetes/test/e2e/apps/BUILD | 2 +- vendor/k8s.io/kubernetes/test/e2e/apps/OWNERS | 8 - .../kubernetes/test/e2e/apps/cronjob.go | 26 + .../test/e2e/apps/daemon_restart.go | 25 +- .../kubernetes/test/e2e/apps/deployment.go | 321 +- vendor/k8s.io/kubernetes/test/e2e/apps/job.go | 8 +- .../test/e2e/apps/network_partition.go | 28 +- vendor/k8s.io/kubernetes/test/e2e/apps/rc.go | 88 +- vendor/k8s.io/kubernetes/test/e2e/auth/BUILD | 2 +- vendor/k8s.io/kubernetes/test/e2e/auth/OWNERS | 16 - .../kubernetes/test/e2e/auth/node_authn.go | 20 +- .../test/e2e/auth/service_accounts.go | 208 +- .../kubernetes/test/e2e/autoscaling/OWNERS | 11 - .../custom_metrics_stackdriver_autoscaling.go | 4 +- .../k8s.io/kubernetes/test/e2e/common/BUILD | 5 + .../k8s.io/kubernetes/test/e2e/common/OWNERS | 12 - .../test/e2e/common/configmap_volume.go | 317 +- .../test/e2e/common/container_probe.go | 223 +- .../test/e2e/common/docker_containers.go | 43 +- .../test/e2e/common/downwardapi_volume.go | 7 +- .../kubernetes/test/e2e/common/empty_dir.go | 74 +- .../kubernetes/test/e2e/common/expansion.go | 11 +- .../test/e2e/common/init_container.go | 8 +- .../test/e2e/common/kubelet_etc_hosts.go | 108 +- .../kubernetes/test/e2e/common/lease.go | 8 + .../test/e2e/common/lifecycle_hook.go | 24 +- .../kubernetes/test/e2e/common/networking.go | 77 +- .../kubernetes/test/e2e/common/node_lease.go | 4 +- .../k8s.io/kubernetes/test/e2e/common/pods.go | 168 +- .../test/e2e/common/projected_configmap.go | 181 +- .../test/e2e/common/projected_downwardapi.go | 6 +- .../test/e2e/common/runtimeclass.go | 176 +- .../k8s.io/kubernetes/test/e2e/common/util.go | 13 +- .../test/e2e/framework/.import-restrictions | 6 +- .../kubernetes/test/e2e/framework/BUILD | 2 +- .../kubernetes/test/e2e/framework/OWNERS | 23 - .../test/e2e/framework/exec_util.go | 6 +- .../test/e2e/framework/framework.go | 36 +- .../e2e/framework/ingress/ingress_utils.go | 4 +- .../test/e2e/framework/kubelet/BUILD | 2 +- .../test/e2e/framework/kubelet/config.go | 8 +- .../test/e2e/framework/kubelet/stats.go | 2 +- .../e2e/framework/kubesystem/kubesystem.go | 6 +- .../kubernetes/test/e2e/framework/log.go | 11 +- .../test/e2e/framework/log_size_monitoring.go | 6 +- .../test/e2e/framework/network/BUILD | 1 + .../test/e2e/framework/network/utils.go | 226 +- .../kubernetes/test/e2e/framework/node/BUILD | 4 +- .../test/e2e/framework/node/resource.go | 62 +- .../test/e2e/framework/node/wait.go | 52 +- .../test/e2e/framework/nodes_util.go | 38 - .../test/e2e/framework/pod/create.go | 29 +- .../test/e2e/framework/pod/resource.go | 116 +- .../kubernetes/test/e2e/framework/pod/wait.go | 7 + .../kubernetes/test/e2e/framework/ports.go | 5 +- .../test/e2e/framework/providers/gce/util.go | 4 +- .../e2e/framework/providers/vsphere/OWNERS | 31 - .../kubernetes/test/e2e/framework/pv/BUILD | 1 + .../kubernetes/test/e2e/framework/pv/pv.go | 57 +- .../e2e/framework/resource_usage_gatherer.go | 4 +- .../test/e2e/framework/skipper/BUILD | 1 + .../test/e2e/framework/skipper/skipper.go | 23 + .../kubernetes/test/e2e/framework/ssh/ssh.go | 4 +- .../test/e2e/framework/test_context.go | 32 +- .../kubernetes/test/e2e/framework/util.go | 92 +- .../test/e2e/framework/volume/OWNERS | 20 - .../test/e2e/framework/volume/fixtures.go | 48 +- .../kubernetes/test/e2e/generated/bindata.go | 901 +- .../test/e2e/instrumentation/OWNERS | 14 - .../test/e2e/instrumentation/logging/BUILD | 2 - .../test/e2e/instrumentation/logging/OWNERS | 10 - .../e2e/instrumentation/logging/imports.go | 1 - .../instrumentation/logging/stackdriver/BUILD | 44 - .../logging/stackdriver/basic.go | 195 - .../logging/stackdriver/soak.go | 101 - .../logging/stackdriver/utils.go | 444 - .../monitoring/custom_metrics_deployments.go | 20 +- .../monitoring/custom_metrics_stackdriver.go | 8 +- .../monitoring/metrics_grabber.go | 14 +- .../k8s.io/kubernetes/test/e2e/kubectl/OWNERS | 8 - .../kubernetes/test/e2e/kubectl/kubectl.go | 83 +- .../kubernetes/test/e2e/lifecycle/OWNERS | 24 - .../k8s.io/kubernetes/test/e2e/network/BUILD | 2 +- .../k8s.io/kubernetes/test/e2e/network/OWNERS | 8 - .../kubernetes/test/e2e/network/conntrack.go | 27 +- .../k8s.io/kubernetes/test/e2e/network/dns.go | 10 +- .../kubernetes/test/e2e/network/dns_common.go | 205 +- .../test/e2e/network/dns_configmap.go | 169 - .../kubernetes/test/e2e/network/dual_stack.go | 355 +- .../test/e2e/network/endpointslice.go | 7 +- .../e2e/network/endpointslicemirroring.go | 46 +- .../kubernetes/test/e2e/network/firewall.go | 24 +- .../kubernetes/test/e2e/network/ingress.go | 73 +- .../kubernetes/test/e2e/network/kube_proxy.go | 19 +- .../test/e2e/network/network_policy.go | 507 +- .../kubernetes/test/e2e/network/networking.go | 386 +- .../test/e2e/network/networking_perf.go | 21 +- .../kubernetes/test/e2e/network/service.go | 539 +- .../kubernetes/test/e2e/network/util.go | 67 +- vendor/k8s.io/kubernetes/test/e2e/node/BUILD | 8 +- vendor/k8s.io/kubernetes/test/e2e/node/OWNERS | 16 - .../kubernetes/test/e2e/node/kubelet_perf.go | 2 +- .../test/e2e/node/pod_hostnamefqdn.go | 143 - .../k8s.io/kubernetes/test/e2e/node/pods.go | 103 +- .../kubernetes/test/e2e/node/pre_stop.go | 27 +- .../kubernetes/test/e2e/node/runtimeclass.go | 75 +- .../test/e2e/node/security_context.go | 20 +- .../kubernetes/test/e2e/scheduling/BUILD | 4 +- .../kubernetes/test/e2e/scheduling/OWNERS | 8 - .../test/e2e/scheduling/predicates.go | 167 +- .../test/e2e/scheduling/preemption.go | 115 +- .../test/e2e/scheduling/ubernetes_lite.go | 15 +- .../e2e/scheduling/ubernetes_lite_volumes.go | 2 +- .../test/e2e/servicecatalog/podpreset.go | 294 - .../k8s.io/kubernetes/test/e2e/storage/BUILD | 3 + .../k8s.io/kubernetes/test/e2e/storage/OWNERS | 23 - .../test/e2e/storage/csi_mock_volume.go | 541 +- .../test/e2e/storage/drivers/csi.go | 75 +- .../test/e2e/storage/drivers/in_tree.go | 73 +- .../test/e2e/storage/empty_dir_wrapper.go | 21 +- .../test/e2e/storage/external/external.go | 2 +- .../kubernetes/test/e2e/storage/flexvolume.go | 8 +- .../test/e2e/storage/in_tree_volumes.go | 1 + .../nfs_persistent_volume-disruptive.go | 2 +- .../test/e2e/storage/regional_pd.go | 34 +- .../e2e/storage/testpatterns/testpattern.go | 15 + .../test/e2e/storage/testsuites/BUILD | 7 +- .../test/e2e/storage/testsuites/base.go | 64 +- .../test/e2e/storage/testsuites/disruptive.go | 4 +- .../storage/testsuites/driveroperations.go | 6 +- .../test/e2e/storage/testsuites/ephemeral.go | 7 +- .../storage/testsuites/fsgroupchangepolicy.go | 275 + .../e2e/storage/testsuites/multivolume.go | 21 +- .../e2e/storage/testsuites/provisioning.go | 32 +- .../e2e/storage/testsuites/snapshottable.go | 266 +- .../testsuites/snapshottable_stress.go | 289 + .../test/e2e/storage/testsuites/subpath.go | 131 +- .../test/e2e/storage/testsuites/testdriver.go | 12 + .../test/e2e/storage/testsuites/topology.go | 4 +- .../e2e/storage/testsuites/volume_expand.go | 16 +- .../test/e2e/storage/testsuites/volume_io.go | 6 +- .../{stress.go => volume_stress.go} | 113 +- .../e2e/storage/testsuites/volumelimits.go | 4 +- .../test/e2e/storage/testsuites/volumemode.go | 13 +- .../test/e2e/storage/testsuites/volumes.go | 2 +- .../kubernetes/test/e2e/storage/utils/BUILD | 1 + .../test/e2e/storage/utils/deployment.go | 21 + .../test/e2e/storage/utils/utils.go | 110 +- .../test/e2e/storage/volume_metrics.go | 19 +- .../kubernetes/test/e2e/storage/vsphere/BUILD | 2 +- .../storage/vsphere/vsphere_statefulsets.go | 5 +- .../test/e2e/storage/vsphere/vsphere_utils.go | 2 +- .../storage/vsphere/vsphere_volume_fstype.go | 6 +- .../vsphere/vsphere_volume_master_restart.go | 14 +- .../vsphere/vsphere_volume_vsan_policy.go | 35 +- .../storage/vsphere/vsphere_zone_support.go | 2 +- .../k8s.io/kubernetes/test/e2e/system/BUILD | 32 - .../test/e2e/system/system_utils.go | 39 - .../k8s.io/kubernetes/test/e2e/upgrades/BUILD | 3 + .../kubernetes/test/e2e/upgrades/apps/OWNERS | 8 - ...eaccount_admission_controller_migration.go | 140 + .../k8s.io/kubernetes/test/integration/BUILD | 3 + .../kubernetes/test/integration/etcd/BUILD | 2 +- .../kubernetes/test/integration/etcd/OWNERS | 8 - .../kubernetes/test/integration/etcd/data.go | 40 +- .../test/integration/etcd/server.go | 3 +- .../test/integration/framework/BUILD | 2 +- .../test/integration/framework/etcd.go | 47 +- .../integration/framework/master_utils.go | 39 +- .../test/integration/framework/perf_utils.go | 14 +- .../test/integration/framework/test_server.go | 7 +- .../test/integration/framework/util.go | 1 + .../k8s.io/kubernetes/test/utils/image/OWNERS | 12 - .../kubernetes/test/utils/image/manifest.go | 4 +- .../k8s.io/kubernetes/test/utils/runners.go | 2 +- .../k8s.io/legacy-cloud-providers/aws/OWNERS | 19 - .../k8s.io/legacy-cloud-providers/aws/aws.go | 154 +- .../aws/aws_loadbalancer.go | 139 +- .../k8s.io/legacy-cloud-providers/azure/BUILD | 1 + .../legacy-cloud-providers/azure/OWNERS | 19 - .../azure/auth/azure_auth.go | 6 +- .../legacy-cloud-providers/azure/azure.go | 59 +- .../azure/azure_backoff.go | 69 +- .../azure/azure_blobDiskController.go | 10 +- .../azure/azure_controller_common.go | 79 +- .../azure/azure_controller_standard.go | 8 +- .../azure/azure_controller_vmss.go | 14 +- .../azure/azure_fakes.go | 2 +- .../azure/azure_instance_metadata.go | 2 +- .../azure/azure_instances.go | 26 +- .../azure/azure_loadbalancer.go | 1091 +- .../azure/azure_managedDiskController.go | 16 +- .../azure/azure_ratelimit.go | 2 +- .../azure/azure_routes.go | 99 +- .../azure/azure_standard.go | 308 +- .../azure/azure_storageaccount.go | 71 +- .../azure/azure_utils.go | 27 +- .../azure/azure_vmsets.go | 3 + .../azure/azure_vmss.go | 80 +- .../azure/azure_vmss_cache.go | 2 +- .../azure/azure_wrap.go | 2 +- .../azure/azure_zones.go | 6 +- .../azure/cache/azure_cache.go | 9 + .../clients/armclient/azure_armclient.go | 14 +- .../azure/clients/armclient/interface.go | 2 +- .../azure/clients/azure_client_config.go | 1 + .../azure_containerserviceclient.go | 10 +- .../azure_deploymentclient.go | 10 +- .../azure/clients/diskclient/BUILD | 1 + .../clients/diskclient/azure_diskclient.go | 206 +- .../azure/clients/diskclient/interface.go | 10 + .../diskclient/mockdiskclient/interface.go | 29 + .../azure_loadbalancerclient.go | 10 +- .../publicipclient/azure_publicipclient.go | 10 +- .../azure_securitygroupclient.go | 10 +- .../snapshotclient/azure_snapshotclient.go | 10 +- .../azure_storageaccountclient.go | 17 +- .../clients/storageaccountclient/interface.go | 4 + .../subnetclient/azure_subnetclient.go | 10 +- .../azure/clients/vmclient/azure_vmclient.go | 10 +- .../clients/vmssclient/azure_vmssclient.go | 139 +- .../azure/clients/vmssclient/interface.go | 18 + .../vmssclient/mockvmssclient/interface.go | 90 + .../vmssvmclient/azure_vmssvmclient.go | 10 +- .../azure/metrics/azure_metrics.go | 87 +- .../azure/retry/azure_error.go | 28 +- .../azure/retry/azure_retry.go | 2 +- .../k8s.io/legacy-cloud-providers/gce/BUILD | 1 + .../k8s.io/legacy-cloud-providers/gce/OWNERS | 9 - .../k8s.io/legacy-cloud-providers/gce/gce.go | 62 +- .../legacy-cloud-providers/gce/gce_disks.go | 10 +- .../gce/gce_healthchecks.go | 4 +- .../gce/gce_instances.go | 71 +- .../gce/gce_loadbalancer_internal.go | 29 +- .../legacy-cloud-providers/gce/gce_tpu.go | 18 +- .../gce/token_source.go | 4 +- .../legacy-cloud-providers/openstack/OWNERS | 12 - .../openstack/openstack.go | 2 +- .../openstack/openstack_volumes.go | 4 +- .../legacy-cloud-providers/vsphere/BUILD | 4 + .../legacy-cloud-providers/vsphere/OWNERS | 18 - .../vsphere/credentialmanager.go | 2 +- .../vsphere/nodemanager.go | 4 +- .../vsphere/vclib/connection.go | 2 +- .../vsphere/vclib/utils.go | 9 - .../vsphere/vclib/virtualmachine.go | 23 + .../legacy-cloud-providers/vsphere/vsphere.go | 49 +- .../vsphere/vsphere_util.go | 6 +- .../vsphere/vsphere_volume_map.go | 96 + .../custom_metrics/v1beta1/generated.proto | 2 +- .../custom_metrics/v1beta2/generated.proto | 2 +- .../external_metrics/v1beta1/generated.proto | 2 +- .../pkg/client/custom_metrics/converter.go | 2 +- .../pkg/client/custom_metrics/multi_client.go | 2 +- .../client/custom_metrics/versioned_client.go | 6 +- vendor/k8s.io/mount-utils/BUILD | 107 + .../validate => k8s.io/mount-utils}/LICENSE | 5 +- vendor/k8s.io/mount-utils/README.md | 30 + vendor/k8s.io/mount-utils/SECURITY_CONTACTS | 18 + vendor/k8s.io/mount-utils/code-of-conduct.md | 3 + .../pkg/master => mount-utils}/doc.go | 5 +- vendor/k8s.io/mount-utils/fake_mounter.go | 220 + vendor/k8s.io/mount-utils/go.mod | 15 + vendor/k8s.io/mount-utils/go.sum | 32 + vendor/k8s.io/mount-utils/mount.go | 368 + .../k8s.io/mount-utils/mount_helper_common.go | 103 + .../k8s.io/mount-utils/mount_helper_unix.go | 158 + .../mount-utils/mount_helper_windows.go | 101 + vendor/k8s.io/mount-utils/mount_linux.go | 575 + .../k8s.io/mount-utils/mount_unsupported.go | 82 + vendor/k8s.io/mount-utils/mount_windows.go | 330 + .../sample-apiserver/pkg/apis/wardle/doc.go | 2 +- .../pkg/apis/wardle/register.go | 5 +- .../sample-apiserver/pkg/apis/wardle/types.go | 7 + .../pkg/apis/wardle/v1alpha1/defaults.go | 1 + .../pkg/apis/wardle/v1alpha1/register.go | 5 +- vendor/k8s.io/utils/clock/README.md | 4 + vendor/k8s.io/utils/clock/clock.go | 11 +- vendor/k8s.io/utils/exec/README.md | 5 + vendor/k8s.io/utils/io/README.md | 4 + vendor/k8s.io/utils/mount/OWNERS | 1 + vendor/k8s.io/utils/mount/fake_mounter.go | 2 +- vendor/k8s.io/utils/mount/mount.go | 14 +- .../k8s.io/utils/mount/mount_helper_common.go | 2 +- .../k8s.io/utils/mount/mount_helper_unix.go | 2 +- .../utils/mount/mount_helper_windows.go | 2 +- vendor/k8s.io/utils/mount/mount_linux.go | 6 +- vendor/k8s.io/utils/mount/mount_windows.go | 100 +- .../util => utils/net}/ebtables/ebtables.go | 15 +- vendor/k8s.io/utils/net/net.go | 24 + vendor/k8s.io/utils/nsenter/README.md | 4 + vendor/k8s.io/utils/nsenter/nsenter.go | 2 +- vendor/k8s.io/utils/path/file.go | 2 +- vendor/k8s.io/utils/pointer/README.md | 3 + vendor/k8s.io/utils/pointer/pointer.go | 49 +- vendor/k8s.io/utils/trace/README.md | 67 + vendor/k8s.io/utils/trace/trace.go | 237 +- vendor/modules.txt | 372 +- .../structured-merge-diff/v4/merge/update.go | 47 +- .../v4/schema/elements.go | 2 + .../structured-merge-diff/v4/schema/equals.go | 5 + .../v4/schema/schemaschema.go | 13 + .../structured-merge-diff/v4/typed/helpers.go | 28 +- .../structured-merge-diff/v4/typed/merge.go | 4 +- .../v4/typed/reconcile_schema.go | 295 + .../structured-merge-diff/v4/typed/remove.go | 2 +- .../v4/typed/tofieldset.go | 2 +- .../structured-merge-diff/v4/typed/typed.go | 5 + .../v4/typed/validate.go | 2 +- 2545 files changed, 168576 insertions(+), 105580 deletions(-) create mode 100644 vendor/github.com/Azure/go-autorest/.gitignore create mode 100644 vendor/github.com/Azure/go-autorest/CHANGELOG.md create mode 100644 vendor/github.com/Azure/go-autorest/GNUmakefile create mode 100644 vendor/github.com/Azure/go-autorest/Gopkg.lock create mode 100644 vendor/github.com/Azure/go-autorest/Gopkg.toml create mode 100644 vendor/github.com/Azure/go-autorest/LICENSE create mode 100644 vendor/github.com/Azure/go-autorest/README.md create mode 100644 vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go create mode 100644 vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go create mode 100644 vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go create mode 100644 vendor/github.com/Azure/go-autorest/azure-pipelines.yml create mode 100644 vendor/github.com/Azure/go-autorest/doc.go create mode 100644 vendor/github.com/Azure/go-autorest/logger/go.sum create mode 100644 vendor/github.com/Azure/go-autorest/logger/go_mod_tidy_hack.go create mode 100644 vendor/github.com/Azure/go-autorest/tracing/go.sum create mode 100644 vendor/github.com/Azure/go-autorest/tracing/go_mod_tidy_hack.go create mode 100644 vendor/github.com/Microsoft/hcsshim/osversion/osversion_windows.go create mode 100644 vendor/github.com/Microsoft/hcsshim/osversion/windowsbuilds.go create mode 100644 vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go create mode 100644 vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go create mode 100644 vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go create mode 100644 vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go create mode 100644 vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go create mode 100644 vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go create mode 100644 vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go create mode 100644 vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE create mode 100644 vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go delete mode 100644 vendor/github.com/docker/docker/client/session.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/.gitignore create mode 100644 vendor/github.com/form3tech-oss/jwt-go/.travis.yml create mode 100644 vendor/github.com/form3tech-oss/jwt-go/LICENSE create mode 100644 vendor/github.com/form3tech-oss/jwt-go/MIGRATION_GUIDE.md create mode 100644 vendor/github.com/form3tech-oss/jwt-go/README.md create mode 100644 vendor/github.com/form3tech-oss/jwt-go/VERSION_HISTORY.md create mode 100644 vendor/github.com/form3tech-oss/jwt-go/claims.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/doc.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/ecdsa.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/ecdsa_utils.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/errors.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/hmac.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/map_claims.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/none.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/parser.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/rsa.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/rsa_pss.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/rsa_utils.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/signing_method.go create mode 100644 vendor/github.com/form3tech-oss/jwt-go/token.go delete mode 100644 vendor/github.com/go-openapi/analysis/.codecov.yml delete mode 100644 vendor/github.com/go-openapi/analysis/.gitignore delete mode 100644 vendor/github.com/go-openapi/analysis/.golangci.yml delete mode 100644 vendor/github.com/go-openapi/analysis/.travis.yml delete mode 100644 vendor/github.com/go-openapi/analysis/CODE_OF_CONDUCT.md delete mode 100644 vendor/github.com/go-openapi/analysis/README.md delete mode 100644 vendor/github.com/go-openapi/analysis/analyzer.go delete mode 100644 vendor/github.com/go-openapi/analysis/appveyor.yml delete mode 100644 vendor/github.com/go-openapi/analysis/debug.go delete mode 100644 vendor/github.com/go-openapi/analysis/doc.go delete mode 100644 vendor/github.com/go-openapi/analysis/fixer.go delete mode 100644 vendor/github.com/go-openapi/analysis/flatten.go delete mode 100644 vendor/github.com/go-openapi/analysis/go.mod delete mode 100644 vendor/github.com/go-openapi/analysis/go.sum delete mode 100644 vendor/github.com/go-openapi/analysis/internal/post_go18.go delete mode 100644 vendor/github.com/go-openapi/analysis/internal/pre_go18.go delete mode 100644 vendor/github.com/go-openapi/analysis/mixin.go delete mode 100644 vendor/github.com/go-openapi/analysis/schema.go delete mode 100644 vendor/github.com/go-openapi/errors/.golangci.yml delete mode 100644 vendor/github.com/go-openapi/errors/.travis.yml delete mode 100644 vendor/github.com/go-openapi/errors/CODE_OF_CONDUCT.md delete mode 100644 vendor/github.com/go-openapi/errors/README.md delete mode 100644 vendor/github.com/go-openapi/errors/api.go delete mode 100644 vendor/github.com/go-openapi/errors/go.mod delete mode 100644 vendor/github.com/go-openapi/errors/go.sum delete mode 100644 vendor/github.com/go-openapi/errors/headers.go delete mode 100644 vendor/github.com/go-openapi/errors/middleware.go delete mode 100644 vendor/github.com/go-openapi/errors/parsing.go delete mode 100644 vendor/github.com/go-openapi/loads/.editorconfig delete mode 100644 vendor/github.com/go-openapi/loads/.gitignore delete mode 100644 vendor/github.com/go-openapi/loads/.golangci.yml delete mode 100644 vendor/github.com/go-openapi/loads/.travis.yml delete mode 100644 vendor/github.com/go-openapi/loads/CODE_OF_CONDUCT.md delete mode 100644 vendor/github.com/go-openapi/loads/README.md delete mode 100644 vendor/github.com/go-openapi/loads/go.mod delete mode 100644 vendor/github.com/go-openapi/loads/go.sum delete mode 100644 vendor/github.com/go-openapi/loads/spec.go delete mode 100644 vendor/github.com/go-openapi/runtime/.editorconfig delete mode 100644 vendor/github.com/go-openapi/runtime/.travis.yml delete mode 100644 vendor/github.com/go-openapi/runtime/CODE_OF_CONDUCT.md delete mode 100644 vendor/github.com/go-openapi/runtime/README.md delete mode 100644 vendor/github.com/go-openapi/runtime/bytestream.go delete mode 100644 vendor/github.com/go-openapi/runtime/client_auth_info.go delete mode 100644 vendor/github.com/go-openapi/runtime/client_operation.go delete mode 100644 vendor/github.com/go-openapi/runtime/client_request.go delete mode 100644 vendor/github.com/go-openapi/runtime/client_response.go delete mode 100644 vendor/github.com/go-openapi/runtime/constants.go delete mode 100644 vendor/github.com/go-openapi/runtime/csv.go delete mode 100644 vendor/github.com/go-openapi/runtime/discard.go delete mode 100644 vendor/github.com/go-openapi/runtime/go.mod delete mode 100644 vendor/github.com/go-openapi/runtime/go.sum delete mode 100644 vendor/github.com/go-openapi/runtime/interfaces.go delete mode 100644 vendor/github.com/go-openapi/runtime/request.go delete mode 100644 vendor/github.com/go-openapi/runtime/statuses.go delete mode 100644 vendor/github.com/go-openapi/runtime/text.go delete mode 100644 vendor/github.com/go-openapi/runtime/values.go delete mode 100644 vendor/github.com/go-openapi/runtime/xml.go delete mode 100644 vendor/github.com/go-openapi/strfmt/.editorconfig delete mode 100644 vendor/github.com/go-openapi/strfmt/.golangci.yml delete mode 100644 vendor/github.com/go-openapi/strfmt/.travis.yml delete mode 100644 vendor/github.com/go-openapi/strfmt/CODE_OF_CONDUCT.md delete mode 100644 vendor/github.com/go-openapi/strfmt/README.md delete mode 100644 vendor/github.com/go-openapi/strfmt/go.mod delete mode 100644 vendor/github.com/go-openapi/strfmt/go.sum delete mode 100644 vendor/github.com/go-openapi/validate/.editorconfig delete mode 100644 vendor/github.com/go-openapi/validate/.golangci.yml delete mode 100644 vendor/github.com/go-openapi/validate/.travis.yml delete mode 100644 vendor/github.com/go-openapi/validate/CODE_OF_CONDUCT.md delete mode 100644 vendor/github.com/go-openapi/validate/README.md delete mode 100644 vendor/github.com/go-openapi/validate/default_validator.go delete mode 100644 vendor/github.com/go-openapi/validate/doc.go delete mode 100644 vendor/github.com/go-openapi/validate/example_validator.go delete mode 100644 vendor/github.com/go-openapi/validate/go.mod delete mode 100644 vendor/github.com/go-openapi/validate/go.sum delete mode 100644 vendor/github.com/go-openapi/validate/helpers.go delete mode 100644 vendor/github.com/go-openapi/validate/result.go delete mode 100644 vendor/github.com/go-openapi/validate/schema_option.go delete mode 100644 vendor/github.com/go-openapi/validate/spec.go delete mode 100644 vendor/github.com/go-openapi/validate/spec_messages.go delete mode 100644 vendor/github.com/go-openapi/validate/update-fixtures.sh delete mode 100644 vendor/github.com/go-openapi/validate/validator.go delete mode 100644 vendor/github.com/go-stack/stack/.travis.yml delete mode 100644 vendor/github.com/go-stack/stack/LICENSE.md delete mode 100644 vendor/github.com/go-stack/stack/README.md delete mode 100644 vendor/github.com/go-stack/stack/go.mod delete mode 100644 vendor/github.com/go-stack/stack/stack.go rename vendor/github.com/opencontainers/go-digest/{LICENSE.code => LICENSE} (99%) create mode 100644 vendor/github.com/opencontainers/go-digest/go.mod create mode 100644 vendor/github.com/opencontainers/runc/libcontainer/configs/device_unix.go create mode 100644 vendor/github.com/opencontainers/runc/libcontainer/configs/device_windows.go create mode 100644 vendor/github.com/opencontainers/selinux/go-selinux/doc.go create mode 100644 vendor/github.com/opencontainers/selinux/go-selinux/selinux.go create mode 100644 vendor/github.com/openshift/api/console/v1/0000_10_consolequickstart.crd.yaml create mode 100644 vendor/github.com/openshift/api/console/v1/types_console_quick_start.go create mode 100644 vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/useroauthaccesstoken.go create mode 100644 vendor/github.com/openshift/client-go/oauth/informers/externalversions/oauth/v1/useroauthaccesstoken.go create mode 100644 vendor/github.com/openshift/client-go/oauth/listers/oauth/v1/useroauthaccesstoken.go create mode 100644 vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissionregistration.go delete mode 100644 vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissions.go create mode 100644 vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/admissionregistration.go create mode 100644 vendor/github.com/prometheus/procfs/CODE_OF_CONDUCT.md rename vendor/github.com/prometheus/procfs/{cpuinfo_arm.go => cpuinfo_armx.go} (97%) delete mode 100644 vendor/github.com/prometheus/procfs/cpuinfo_mips64.go delete mode 100644 vendor/github.com/prometheus/procfs/cpuinfo_mips64le.go delete mode 100644 vendor/github.com/prometheus/procfs/cpuinfo_mipsle.go rename vendor/github.com/prometheus/procfs/{cpuinfo_mips.go => cpuinfo_mipsx.go} (94%) rename vendor/github.com/prometheus/procfs/{cpuinfo_arm64.go => cpuinfo_others.go} (82%) rename vendor/github.com/prometheus/procfs/{cpuinfo_ppc64.go => cpuinfo_ppcx.go} (96%) rename vendor/github.com/prometheus/procfs/{cpuinfo_default.go => cpuinfo_x86.go} (100%) create mode 100644 vendor/github.com/storageos/go-api/cluster.go create mode 100644 vendor/github.com/storageos/go-api/licence.go create mode 100644 vendor/github.com/storageos/go-api/types/cluster.go create mode 100644 vendor/github.com/storageos/go-api/types/licence.go create mode 100644 vendor/github.com/willf/bitset/.gitignore create mode 100644 vendor/github.com/willf/bitset/.travis.yml create mode 100644 vendor/github.com/willf/bitset/LICENSE create mode 100644 vendor/github.com/willf/bitset/Makefile create mode 100644 vendor/github.com/willf/bitset/README.md create mode 100644 vendor/github.com/willf/bitset/azure-pipelines.yml create mode 100644 vendor/github.com/willf/bitset/bitset.go create mode 100644 vendor/github.com/willf/bitset/popcnt.go create mode 100644 vendor/github.com/willf/bitset/popcnt_19.go create mode 100644 vendor/github.com/willf/bitset/popcnt_amd64.go create mode 100644 vendor/github.com/willf/bitset/popcnt_amd64.s create mode 100644 vendor/github.com/willf/bitset/popcnt_generic.go create mode 100644 vendor/github.com/willf/bitset/trailing_zeros_18.go create mode 100644 vendor/github.com/willf/bitset/trailing_zeros_19.go create mode 100644 vendor/go.etcd.io/etcd/auth/metrics.go create mode 100644 vendor/go.etcd.io/etcd/clientv3/ctx.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bson.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bson_1_8.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/bsoncodec.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/default_value_decoders.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/default_value_encoders.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/doc.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/mode.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/pointer_codec.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/proxy.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/registry.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/struct_codec.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/struct_tag_parser.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/types.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/copier.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/doc.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_parser.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_reader.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_tables.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_wrappers.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_writer.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/json_scanner.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/mode.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/reader.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/value_reader.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/value_writer.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsonrw/writer.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/bsontype/bsontype.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/decoder.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/doc.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/encoder.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/marshal.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/primitive/decimal.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/primitive/primitive.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/primitive_codecs.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/raw.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/raw_element.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/raw_value.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/registry.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/types.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/bson/unmarshal.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/x/bsonx/bsoncore/bsoncore.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/x/bsonx/bsoncore/document.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/x/bsonx/bsoncore/document_sequence.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/x/bsonx/bsoncore/element.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/x/bsonx/bsoncore/tables.go delete mode 100644 vendor/go.mongodb.org/mongo-driver/x/bsonx/bsoncore/value.go create mode 100644 vendor/golang.org/x/net/idna/tables12.0.0.go create mode 100644 vendor/golang.org/x/net/idna/tables13.0.0.go create mode 100644 vendor/golang.org/x/net/internal/socket/cmsghdr_unix.go create mode 100644 vendor/golang.org/x/net/internal/socket/cmsghdr_zos_s390x.go create mode 100644 vendor/golang.org/x/net/internal/socket/msghdr_zos_s390x.go create mode 100644 vendor/golang.org/x/net/internal/socket/norace.go create mode 100644 vendor/golang.org/x/net/internal/socket/race.go delete mode 100644 vendor/golang.org/x/net/internal/socket/sys_bsdvar.go create mode 100644 vendor/golang.org/x/net/internal/socket/sys_const_zos.go delete mode 100644 vendor/golang.org/x/net/internal/socket/sys_darwin.go delete mode 100644 vendor/golang.org/x/net/internal/socket/sys_dragonfly.go rename vendor/golang.org/x/net/internal/socket/{sys_go1_11_darwin.go => sys_zos_s390x.go} (52%) create mode 100644 vendor/golang.org/x/net/internal/socket/sys_zos_s390x.s create mode 100644 vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go create mode 100644 vendor/golang.org/x/net/ipv4/control_zos.go create mode 100644 vendor/golang.org/x/net/ipv4/sys_zos.go create mode 100644 vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go create mode 100644 vendor/golang.org/x/net/ipv4/zsys_zos_s390x.go create mode 100644 vendor/golang.org/x/net/ipv6/icmp_zos.go create mode 100644 vendor/golang.org/x/net/ipv6/sys_zos.go create mode 100644 vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go create mode 100644 vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go create mode 100644 vendor/google.golang.org/api/internal/conn_pool.go create mode 100644 vendor/google.golang.org/api/internal/gensupport/version.go delete mode 100644 vendor/google.golang.org/api/internal/pool.go delete mode 100644 vendor/google.golang.org/api/logging/v2beta1/logging-api.json delete mode 100644 vendor/google.golang.org/api/logging/v2beta1/logging-gen.go create mode 100644 vendor/google.golang.org/api/option/internaloption/internaloption.go delete mode 100644 vendor/google.golang.org/api/pubsub/v1/pubsub-api.json delete mode 100644 vendor/google.golang.org/api/pubsub/v1/pubsub-gen.go create mode 100644 vendor/google.golang.org/api/transport/cert/default_cert.go create mode 100644 vendor/k8s.io/api/apiserverinternal/v1alpha1/doc.go create mode 100644 vendor/k8s.io/api/apiserverinternal/v1alpha1/generated.pb.go create mode 100644 vendor/k8s.io/api/apiserverinternal/v1alpha1/generated.proto rename vendor/k8s.io/api/{settings => apiserverinternal}/v1alpha1/register.go (73%) create mode 100644 vendor/k8s.io/api/apiserverinternal/v1alpha1/types.go create mode 100644 vendor/k8s.io/api/apiserverinternal/v1alpha1/types_swagger_doc_generated.go create mode 100644 vendor/k8s.io/api/apiserverinternal/v1alpha1/zz_generated.deepcopy.go create mode 100644 vendor/k8s.io/api/flowcontrol/v1alpha1/zz_generated.prerelease-lifecycle.go rename vendor/k8s.io/{kubernetes/pkg/kubelet/apis/resourcemetrics/v1alpha1/config.go => api/flowcontrol/v1beta1/doc.go} (63%) create mode 100644 vendor/k8s.io/api/flowcontrol/v1beta1/generated.pb.go create mode 100644 vendor/k8s.io/api/flowcontrol/v1beta1/generated.proto create mode 100644 vendor/k8s.io/api/flowcontrol/v1beta1/register.go create mode 100644 vendor/k8s.io/api/flowcontrol/v1beta1/types.go create mode 100644 vendor/k8s.io/api/flowcontrol/v1beta1/types_swagger_doc_generated.go create mode 100644 vendor/k8s.io/api/flowcontrol/v1beta1/zz_generated.deepcopy.go create mode 100644 vendor/k8s.io/api/flowcontrol/v1beta1/zz_generated.prerelease-lifecycle.go rename vendor/k8s.io/api/{settings/v1alpha1 => node/v1}/doc.go (82%) create mode 100644 vendor/k8s.io/api/node/v1/generated.pb.go create mode 100644 vendor/k8s.io/api/node/v1/generated.proto create mode 100644 vendor/k8s.io/api/node/v1/register.go create mode 100644 vendor/k8s.io/api/node/v1/types.go create mode 100644 vendor/k8s.io/api/node/v1/types_swagger_doc_generated.go rename vendor/k8s.io/api/{settings/v1alpha1 => node/v1}/zz_generated.deepcopy.go (54%) delete mode 100644 vendor/k8s.io/api/settings/v1alpha1/generated.pb.go delete mode 100644 vendor/k8s.io/api/settings/v1alpha1/generated.proto delete mode 100644 vendor/k8s.io/api/settings/v1alpha1/types.go delete mode 100644 vendor/k8s.io/api/settings/v1alpha1/types_swagger_doc_generated.go create mode 100644 vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/schema/defaulting/prunenulls.go create mode 100644 vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/schema/kubeopenapi.go create mode 100644 vendor/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time_fuzz.go create mode 100644 vendor/k8s.io/apimachinery/pkg/apis/meta/v1/time_fuzz.go rename vendor/k8s.io/{kubernetes/test/e2e/servicecatalog/framework.go => apimachinery/pkg/util/intstr/instr_fuzz.go} (52%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/BUILD (66%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/admission.go (85%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/BUILD (52%) rename vendor/k8s.io/{kubernetes/pkg/apis/settings => apiserver/pkg/admission/plugin/resourcequota/apis/resourcequota}/doc.go (85%) create mode 100644 vendor/k8s.io/apiserver/pkg/admission/plugin/resourcequota/apis/resourcequota/install/BUILD rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/install/install.go (78%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/register.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/types.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1beta1 => apiserver/pkg/admission/plugin/resourcequota/apis/resourcequota/v1}/BUILD (75%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1/defaults.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1/doc.go (78%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1/register.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1/types.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1/zz_generated.conversion.go (98%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1/zz_generated.deepcopy.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1/zz_generated.defaults.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1alpha1/BUILD (74%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1alpha1/defaults.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1alpha1/doc.go (78%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1alpha1/register.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1alpha1/types.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1alpha1/zz_generated.conversion.go (98%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1alpha1/zz_generated.deepcopy.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1alpha1/zz_generated.defaults.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1 => apiserver/pkg/admission/plugin/resourcequota/apis/resourcequota/v1beta1}/BUILD (75%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1beta1/defaults.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1beta1/doc.go (78%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1beta1/register.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1beta1/types.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1beta1/zz_generated.conversion.go (98%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1beta1/zz_generated.deepcopy.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/v1beta1/zz_generated.defaults.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/validation/BUILD (59%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/validation/validation.go (92%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/apis/resourcequota/zz_generated.deepcopy.go (100%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/config.go (86%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/controller.go (99%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/doc.go (88%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission => apiserver/pkg/admission/plugin}/resourcequota/resource_access.go (100%) delete mode 100644 vendor/k8s.io/apiserver/pkg/apis/audit/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/audit/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/authentication/request/x509/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/OWNERS create mode 100644 vendor/k8s.io/apiserver/pkg/endpoints/filterlatency/BUILD create mode 100644 vendor/k8s.io/apiserver/pkg/endpoints/filterlatency/filterlatency.go delete mode 100644 vendor/k8s.io/apiserver/pkg/endpoints/filters/OWNERS create mode 100644 vendor/k8s.io/apiserver/pkg/endpoints/filters/storageversion.go delete mode 100644 vendor/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/OWNERS rename vendor/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/{internal => }/typeconverter.go (95%) rename vendor/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/{internal => }/versionconverter.go (95%) delete mode 100644 vendor/k8s.io/apiserver/pkg/endpoints/metrics/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/endpoints/openapi/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/endpoints/request/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/features/OWNERS rename vendor/k8s.io/{kubernetes => apiserver}/pkg/quota/v1/BUILD (87%) rename vendor/k8s.io/{kubernetes => apiserver}/pkg/quota/v1/generic/BUILD (87%) rename vendor/k8s.io/{kubernetes => apiserver}/pkg/quota/v1/generic/configuration.go (96%) rename vendor/k8s.io/{kubernetes => apiserver}/pkg/quota/v1/generic/evaluator.go (99%) rename vendor/k8s.io/{kubernetes => apiserver}/pkg/quota/v1/generic/registry.go (98%) rename vendor/k8s.io/{kubernetes => apiserver}/pkg/quota/v1/interfaces.go (99%) rename vendor/k8s.io/{kubernetes => apiserver}/pkg/quota/v1/resources.go (99%) delete mode 100644 vendor/k8s.io/apiserver/pkg/registry/generic/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/registry/rest/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/server/filters/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/server/mux/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/server/options/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/server/routes/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/storage/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/storage/etcd3/OWNERS delete mode 100644 vendor/k8s.io/apiserver/pkg/storage/storagebackend/OWNERS rename vendor/k8s.io/{client-go/metadata/metadatalister => apiserver/pkg/storageversion}/BUILD (54%) create mode 100644 vendor/k8s.io/apiserver/pkg/storageversion/manager.go create mode 100644 vendor/k8s.io/apiserver/pkg/storageversion/updater.go delete mode 100644 vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/OWNERS rename vendor/k8s.io/client-go/informers/{settings => apiserverinternal}/BUILD (54%) rename vendor/k8s.io/client-go/informers/{settings => apiserverinternal}/interface.go (94%) create mode 100644 vendor/k8s.io/client-go/informers/apiserverinternal/v1alpha1/BUILD rename vendor/k8s.io/client-go/informers/{settings => apiserverinternal}/v1alpha1/interface.go (80%) create mode 100644 vendor/k8s.io/client-go/informers/apiserverinternal/v1alpha1/storageversion.go create mode 100644 vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/BUILD rename vendor/k8s.io/client-go/informers/{settings/v1alpha1/podpreset.go => flowcontrol/v1beta1/flowschema.go} (51%) create mode 100644 vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/interface.go create mode 100644 vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/prioritylevelconfiguration.go rename vendor/k8s.io/client-go/informers/{settings/v1alpha1 => node/v1}/BUILD (68%) create mode 100644 vendor/k8s.io/client-go/informers/node/v1/interface.go create mode 100644 vendor/k8s.io/client-go/informers/node/v1/runtimeclass.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1/BUILD rename vendor/k8s.io/client-go/kubernetes/typed/{settings/v1alpha1/settings_client.go => apiserverinternal/v1alpha1/apiserverinternal_client.go} (64%) rename vendor/k8s.io/client-go/kubernetes/typed/{settings => apiserverinternal}/v1alpha1/doc.go (100%) create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1/fake/BUILD rename vendor/k8s.io/client-go/kubernetes/typed/{settings => apiserverinternal}/v1alpha1/fake/doc.go (100%) rename vendor/k8s.io/client-go/kubernetes/typed/{settings/v1alpha1/fake/fake_settings_client.go => apiserverinternal/v1alpha1/fake/fake_apiserverinternal_client.go} (75%) create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1/fake/fake_storageversion.go rename vendor/k8s.io/client-go/kubernetes/typed/{settings => apiserverinternal}/v1alpha1/generated_expansion.go (93%) create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1/storageversion.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/BUILD create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/doc.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/fake/BUILD create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/fake/doc.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/fake/fake_flowcontrol_client.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/fake/fake_flowschema.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/fake/fake_prioritylevelconfiguration.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/flowcontrol_client.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/flowschema.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/generated_expansion.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/prioritylevelconfiguration.go rename vendor/k8s.io/client-go/kubernetes/typed/{settings/v1alpha1 => node/v1}/BUILD (65%) create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/node/v1/doc.go rename vendor/k8s.io/client-go/kubernetes/typed/{settings/v1alpha1 => node/v1}/fake/BUILD (66%) create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/node/v1/fake/doc.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/node/v1/fake/fake_node_client.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/node/v1/fake/fake_runtimeclass.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/node/v1/generated_expansion.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/node/v1/node_client.go create mode 100644 vendor/k8s.io/client-go/kubernetes/typed/node/v1/runtimeclass.go delete mode 100644 vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/fake/fake_podpreset.go delete mode 100644 vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/podpreset.go create mode 100644 vendor/k8s.io/client-go/listers/apiserverinternal/v1alpha1/BUILD rename vendor/k8s.io/client-go/listers/{settings => apiserverinternal}/v1alpha1/expansion_generated.go (69%) create mode 100644 vendor/k8s.io/client-go/listers/apiserverinternal/v1alpha1/storageversion.go create mode 100644 vendor/k8s.io/client-go/listers/flowcontrol/v1beta1/BUILD create mode 100644 vendor/k8s.io/client-go/listers/flowcontrol/v1beta1/expansion_generated.go create mode 100644 vendor/k8s.io/client-go/listers/flowcontrol/v1beta1/flowschema.go create mode 100644 vendor/k8s.io/client-go/listers/flowcontrol/v1beta1/prioritylevelconfiguration.go rename vendor/k8s.io/client-go/listers/{settings/v1alpha1 => node/v1}/BUILD (68%) create mode 100644 vendor/k8s.io/client-go/listers/node/v1/expansion_generated.go create mode 100644 vendor/k8s.io/client-go/listers/node/v1/runtimeclass.go delete mode 100644 vendor/k8s.io/client-go/listers/settings/v1alpha1/podpreset.go delete mode 100644 vendor/k8s.io/client-go/metadata/BUILD delete mode 100644 vendor/k8s.io/client-go/metadata/interface.go delete mode 100644 vendor/k8s.io/client-go/metadata/metadata.go delete mode 100644 vendor/k8s.io/client-go/metadata/metadatainformer/BUILD delete mode 100644 vendor/k8s.io/client-go/metadata/metadatainformer/informer.go delete mode 100644 vendor/k8s.io/client-go/metadata/metadatainformer/interface.go delete mode 100644 vendor/k8s.io/client-go/metadata/metadatalister/interface.go delete mode 100644 vendor/k8s.io/client-go/metadata/metadatalister/lister.go delete mode 100644 vendor/k8s.io/client-go/metadata/metadatalister/shim.go delete mode 100644 vendor/k8s.io/client-go/pkg/apis/clientauthentication/OWNERS create mode 100644 vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/conversion.go delete mode 100644 vendor/k8s.io/client-go/plugin/pkg/client/auth/OWNERS delete mode 100644 vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp/OWNERS delete mode 100644 vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc/OWNERS delete mode 100644 vendor/k8s.io/client-go/rest/OWNERS create mode 100644 vendor/k8s.io/client-go/rest/exec.go delete mode 100644 vendor/k8s.io/client-go/scale/patch_dc.go delete mode 100644 vendor/k8s.io/client-go/tools/auth/OWNERS delete mode 100644 vendor/k8s.io/client-go/tools/cache/OWNERS delete mode 100644 vendor/k8s.io/client-go/tools/events/OWNERS delete mode 100644 vendor/k8s.io/client-go/tools/leaderelection/OWNERS delete mode 100644 vendor/k8s.io/client-go/tools/metrics/OWNERS delete mode 100644 vendor/k8s.io/client-go/tools/record/OWNERS delete mode 100644 vendor/k8s.io/client-go/transport/OWNERS delete mode 100644 vendor/k8s.io/client-go/util/cert/OWNERS delete mode 100644 vendor/k8s.io/client-go/util/certificate/OWNERS delete mode 100644 vendor/k8s.io/client-go/util/keyutil/OWNERS delete mode 100644 vendor/k8s.io/client-go/util/retry/OWNERS delete mode 100644 vendor/k8s.io/cloud-provider/OWNERS create mode 100644 vendor/k8s.io/component-base/logs/datapol/datapol.go create mode 100644 vendor/k8s.io/component-base/logs/datapol/externaltypes.go create mode 100644 vendor/k8s.io/component-base/logs/sanitization/sanitization.go rename vendor/{github.com/go-openapi/analysis => k8s.io/component-helpers}/LICENSE (100%) rename vendor/k8s.io/{kubernetes/pkg/kubelet/nodelease => component-helpers/apimachinery/lease}/controller.go (70%) rename vendor/k8s.io/{kubernetes/pkg/registry => component-helpers/auth}/rbac/reconciliation/clusterrole_interfaces.go (96%) rename vendor/k8s.io/{kubernetes/pkg/registry => component-helpers/auth}/rbac/reconciliation/clusterrolebinding_interfaces.go (97%) rename vendor/k8s.io/{kubernetes/pkg/registry => component-helpers/auth}/rbac/reconciliation/namespace.go (100%) rename vendor/k8s.io/{kubernetes/pkg/registry => component-helpers/auth}/rbac/reconciliation/reconcile_role.go (99%) rename vendor/k8s.io/{kubernetes/pkg/registry => component-helpers/auth}/rbac/reconciliation/reconcile_rolebindings.go (100%) rename vendor/k8s.io/{kubernetes/pkg/registry => component-helpers/auth}/rbac/reconciliation/role_interfaces.go (96%) rename vendor/k8s.io/{kubernetes/pkg/registry => component-helpers/auth}/rbac/reconciliation/rolebinding_interfaces.go (97%) rename vendor/k8s.io/{kubernetes/pkg/registry => component-helpers/auth}/rbac/reconciliation/zz_generated.deepcopy.go (100%) rename vendor/k8s.io/{kubernetes/pkg/registry => component-helpers/auth}/rbac/validation/policy_comparator.go (100%) create mode 100644 vendor/k8s.io/component-helpers/scheduling/corev1/doc.go create mode 100644 vendor/k8s.io/component-helpers/scheduling/corev1/helpers.go create mode 100644 vendor/k8s.io/component-helpers/scheduling/corev1/nodeaffinity/nodeaffinity.go rename vendor/{go.mongodb.org/mongo-driver => k8s.io/controller-manager}/LICENSE (99%) create mode 100644 vendor/k8s.io/controller-manager/pkg/clientbuilder/BUILD rename vendor/k8s.io/{kubernetes/pkg/controller => controller-manager/pkg/clientbuilder}/client_builder.go (85%) rename vendor/k8s.io/{kubernetes/pkg/kubelet/util.go => csi-translation-lib/plugins/const.go} (65%) create mode 100644 vendor/k8s.io/klog/v2/SECURITY.md create mode 100644 vendor/k8s.io/kube-openapi/pkg/handler/default_pruning.go rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/errors/.gitignore (100%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/errors/LICENSE (100%) rename vendor/{github.com/go-openapi/runtime/headers.go => k8s.io/kube-openapi/pkg/validation/errors/api.go} (53%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/errors/doc.go (100%) rename vendor/{github.com/go-openapi/runtime/json.go => k8s.io/kube-openapi/pkg/validation/errors/headers.go} (51%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/errors/schema.go (94%) rename vendor/{github.com/go-openapi/strfmt => k8s.io/kube-openapi/pkg/validation/spec}/.gitignore (100%) rename vendor/{github.com/go-openapi/loads => k8s.io/kube-openapi/pkg/validation/spec}/LICENSE (100%) rename vendor/{github.com/go-openapi/errors/auth.go => k8s.io/kube-openapi/pkg/validation/spec/external_docs.go} (65%) rename vendor/{github.com/prometheus/procfs/cpuinfo_ppc64le.go => k8s.io/kube-openapi/pkg/validation/spec/header.go} (76%) create mode 100644 vendor/k8s.io/kube-openapi/pkg/validation/spec/info.go create mode 100644 vendor/k8s.io/kube-openapi/pkg/validation/spec/ref.go create mode 100644 vendor/k8s.io/kube-openapi/pkg/validation/spec/schema.go create mode 100644 vendor/k8s.io/kube-openapi/pkg/validation/spec/swagger.go rename vendor/{github.com/go-openapi/validate => k8s.io/kube-openapi/pkg/validation/strfmt}/.gitignore (52%) rename vendor/{github.com/go-openapi/runtime => k8s.io/kube-openapi/pkg/validation/strfmt}/LICENSE (100%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/strfmt/bson.go (58%) rename vendor/{go.mongodb.org/mongo-driver/bson/primitive => k8s.io/kube-openapi/pkg/validation/strfmt/bson}/objectid.go (62%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/strfmt/date.go (69%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/strfmt/default.go (74%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/strfmt/doc.go (100%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/strfmt/duration.go (85%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/strfmt/format.go (99%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/strfmt/time.go (87%) rename vendor/{github.com/go-openapi/runtime => k8s.io/kube-openapi/pkg/validation/validate}/.gitignore (100%) rename vendor/{github.com/go-openapi/strfmt => k8s.io/kube-openapi/pkg/validation/validate}/LICENSE (100%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/debug.go (100%) rename vendor/{github.com/go-openapi/loads => k8s.io/kube-openapi/pkg/validation/validate}/doc.go (70%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/formats.go (81%) create mode 100644 vendor/k8s.io/kube-openapi/pkg/validation/validate/helpers.go rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/object_validator.go (61%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/options.go (100%) create mode 100644 vendor/k8s.io/kube-openapi/pkg/validation/validate/result.go rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/rexp.go (100%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/schema.go (92%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/schema_messages.go (90%) rename vendor/{github.com/go-openapi/runtime/file.go => k8s.io/kube-openapi/pkg/validation/validate/schema_option.go} (64%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/schema_props.go (96%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/slice_validator.go (90%) rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/type.go (94%) create mode 100644 vendor/k8s.io/kube-openapi/pkg/validation/validate/validator.go rename vendor/{github.com/go-openapi => k8s.io/kube-openapi/pkg/validation}/validate/values.go (90%) rename vendor/k8s.io/{kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota => kubelet/config/v1alpha1}/doc.go (77%) create mode 100644 vendor/k8s.io/kubelet/config/v1alpha1/register.go create mode 100644 vendor/k8s.io/kubelet/config/v1alpha1/types.go create mode 100644 vendor/k8s.io/kubelet/config/v1alpha1/zz_generated.deepcopy.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/OWNERS create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/doc.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/install/install.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/register.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/types.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1/doc.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1/register.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1/types.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1/zz_generated.conversion.go rename vendor/k8s.io/{kubernetes/pkg/apis/settings => kubelet/pkg/apis/credentialprovider/v1alpha1}/zz_generated.deepcopy.go (53%) create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1/zz_generated.defaults.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/credentialprovider/zz_generated.deepcopy.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/podresources/v1/api.pb.go create mode 100644 vendor/k8s.io/kubelet/pkg/apis/podresources/v1/api.proto rename vendor/k8s.io/{kubernetes/pkg/kubelet => kubelet/pkg}/apis/podresources/v1alpha1/api.pb.go (100%) rename vendor/k8s.io/{kubernetes/pkg/kubelet => kubelet/pkg}/apis/podresources/v1alpha1/api.proto (98%) rename vendor/k8s.io/{kubernetes/pkg/kubelet => kubelet/pkg}/apis/stats/v1alpha1/types.go (100%) delete mode 100644 vendor/k8s.io/kubernetes/cmd/kubelet/app/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/api/endpoints/BUILD delete mode 100644 vendor/k8s.io/kubernetes/pkg/api/endpoints/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/api/endpoints/util.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/api/persistentvolume/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/api/persistentvolumeclaim/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/api/pod/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/api/podsecuritypolicy/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/api/service/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/abac/OWNERS rename vendor/k8s.io/kubernetes/pkg/apis/{settings => apiserverinternal}/BUILD (60%) create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apiserverinternal/doc.go create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apiserverinternal/install/BUILD rename vendor/k8s.io/kubernetes/pkg/apis/{settings => apiserverinternal}/install/install.go (78%) rename vendor/k8s.io/kubernetes/pkg/apis/{settings => apiserverinternal}/register.go (80%) create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apiserverinternal/types.go create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apiserverinternal/v1alpha1/BUILD create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apiserverinternal/v1alpha1/doc.go rename vendor/k8s.io/kubernetes/pkg/apis/{settings => apiserverinternal}/v1alpha1/register.go (82%) create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apiserverinternal/v1alpha1/zz_generated.conversion.go create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apiserverinternal/v1alpha1/zz_generated.defaults.go rename vendor/k8s.io/kubernetes/pkg/apis/{settings => apiserverinternal}/validation/BUILD (57%) create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apiserverinternal/validation/validation.go create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apiserverinternal/zz_generated.deepcopy.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/apps/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/authentication/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/authorization/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/autoscaling/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/batch/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/certificates/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/core/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/core/install/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/core/v1/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/core/validation/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/extensions/OWNERS create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/flowcontrol/v1beta1/BUILD create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/flowcontrol/v1beta1/defaults.go rename vendor/k8s.io/kubernetes/pkg/apis/{settings/v1alpha1 => flowcontrol/v1beta1}/doc.go (60%) create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/flowcontrol/v1beta1/register.go create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/flowcontrol/v1beta1/zz_generated.conversion.go create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/flowcontrol/v1beta1/zz_generated.defaults.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/networking/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/networking/validation/conditional_validation.go rename vendor/k8s.io/kubernetes/pkg/apis/{settings/v1alpha1 => node/v1}/BUILD (65%) create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/node/v1/doc.go create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/node/v1/register.go create mode 100644 vendor/k8s.io/kubernetes/pkg/apis/node/v1/zz_generated.conversion.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/policy/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/rbac/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/settings/install/BUILD delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/settings/types.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.conversion.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.defaults.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/settings/validation/validation.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/apis/storage/OWNERS rename vendor/k8s.io/kubernetes/pkg/{master => cluster}/ports/BUILD (90%) rename vendor/k8s.io/kubernetes/pkg/{master => cluster}/ports/doc.go (91%) rename vendor/k8s.io/kubernetes/pkg/{master => cluster}/ports/ports.go (100%) delete mode 100644 vendor/k8s.io/kubernetes/pkg/controller/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/controller/daemon/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/controller/informer_factory.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/controller/job/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/controller/replicaset/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/controller/replication/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/controller/volume/scheduling/OWNERS rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/BUILD (83%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/client_util.go (98%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/controller.go (98%) rename vendor/k8s.io/kubernetes/{test/e2e/servicecatalog => pkg/controlplane/controller/apiserverleasegc}/BUILD (54%) create mode 100644 vendor/k8s.io/kubernetes/pkg/controlplane/controller/apiserverleasegc/gc_controller.go rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/controller/clusterauthenticationtrust/BUILD (97%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/controller/clusterauthenticationtrust/cluster_authentication_trust_controller.go (100%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/controller/crdregistration/BUILD (96%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/controller/crdregistration/crdregistration_controller.go (100%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/controller/crdregistration/patch.go (100%) create mode 100644 vendor/k8s.io/kubernetes/pkg/controlplane/deleted_kinds.go create mode 100644 vendor/k8s.io/kubernetes/pkg/controlplane/doc.go rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/import_known_versions.go (95%) rename vendor/k8s.io/kubernetes/pkg/{master/master.go => controlplane/instance.go} (85%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/reconcilers/BUILD (91%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/reconcilers/doc.go (100%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/reconcilers/endpointsadapter.go (96%) rename vendor/k8s.io/kubernetes/pkg/{master/reconcilers/mastercount.go => controlplane/reconcilers/instancecount.go} (100%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/reconcilers/lease.go (99%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/reconcilers/none.go (100%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/reconcilers/reconcilers.go (100%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/services.go (99%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/tunneler/BUILD (94%) rename vendor/k8s.io/kubernetes/pkg/{master => controlplane}/tunneler/ssh.go (100%) delete mode 100644 vendor/k8s.io/kubernetes/pkg/credentialprovider/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/credentialprovider/aws/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/OWNERS create mode 100644 vendor/k8s.io/kubernetes/pkg/credentialprovider/plugin/BUILD create mode 100644 vendor/k8s.io/kubernetes/pkg/credentialprovider/plugin/config.go create mode 100644 vendor/k8s.io/kubernetes/pkg/credentialprovider/plugin/plugin.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/features/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/generated/openapi/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubeapiserver/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubeapiserver/authenticator/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubeapiserver/server/BUILD delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubeapiserver/server/insecure_handler.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/config/OWNERS create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/config/v1alpha1/BUILD create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/config/v1alpha1/doc.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/config/v1alpha1/register.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/config/v1alpha1/zz_generated.conversion.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/config/v1alpha1/zz_generated.deepcopy.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/config/v1alpha1/zz_generated.defaults.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/podresources/server_v1.go rename vendor/k8s.io/kubernetes/pkg/kubelet/apis/podresources/{server.go => server_v1alpha1.go} (55%) create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/podresources/types.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/podresources/v1alpha1/BUILD delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/resourcemetrics/v1alpha1/BUILD delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1/BUILD delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/certificate/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cm/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpuset/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cm/topologymanager/OWNERS create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cm/topologymanager/scope.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cm/topologymanager/scope_container.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cm/topologymanager/scope_pod.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cri/remote/OWNERS create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/cri/streaming/.import-restrictions delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/network/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport/hostport_syncer.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/OWNERS create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/security_context_others.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/security_context_windows.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/network/dns/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/nodelease/BUILD create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/nodeshutdown/BUILD create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/nodeshutdown/nodeshutdown_manager_linux.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/nodeshutdown/nodeshutdown_manager_others.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/nodeshutdown/systemd/BUILD create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/nodeshutdown/systemd/doc.go create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/nodeshutdown/systemd/inhibit_linux.go rename vendor/k8s.io/kubernetes/pkg/{registry/settings/podpreset/doc.go => kubelet/nodeshutdown/systemd/inhibit_others.go} (81%) delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/pluginmanager/OWNERS create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/pod_sandbox_deleter.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/prober/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/server/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/prometheus_resource_metrics.go rename vendor/k8s.io/kubernetes/pkg/kubelet/stats/{stats_provider.go => provider.go} (84%) delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/token/OWNERS create mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/util/nodelease.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/kubemark/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/master/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/printers/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/probe/OWNERS create mode 100644 vendor/k8s.io/kubernetes/pkg/probe/exec/errors.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/proxy/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/proxy/apis/config/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/proxy/config/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/proxy/iptables/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/proxy/ipvs/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/proxy/userspace/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/proxy/winkernel/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/quota/v1/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/quota/v1/generic/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/quota/v1/install/OWNERS rename vendor/k8s.io/kubernetes/pkg/registry/{settings => apiserverinternal}/rest/BUILD (58%) create mode 100644 vendor/k8s.io/kubernetes/pkg/registry/apiserverinternal/rest/storage.go rename vendor/k8s.io/kubernetes/pkg/registry/{settings/podpreset => apiserverinternal/storageversion}/BUILD (57%) create mode 100644 vendor/k8s.io/kubernetes/pkg/registry/apiserverinternal/storageversion/doc.go create mode 100644 vendor/k8s.io/kubernetes/pkg/registry/apiserverinternal/storageversion/storage/BUILD create mode 100644 vendor/k8s.io/kubernetes/pkg/registry/apiserverinternal/storageversion/storage/storage.go create mode 100644 vendor/k8s.io/kubernetes/pkg/registry/apiserverinternal/storageversion/strategy.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/registry/rbac/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/registry/rbac/reconciliation/BUILD delete mode 100644 vendor/k8s.io/kubernetes/pkg/registry/registrytest/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/registry/settings/podpreset/storage/BUILD delete mode 100644 vendor/k8s.io/kubernetes/pkg/registry/settings/podpreset/storage/storage.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/registry/settings/podpreset/strategy.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/registry/settings/rest/storage_settings.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/routes/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/scheduler/apis/config/OWNERS rename vendor/k8s.io/kubernetes/pkg/scheduler/framework/{v1alpha1 => }/BUILD (90%) rename vendor/k8s.io/kubernetes/pkg/scheduler/framework/{v1alpha1 => }/cycle_state.go (99%) rename vendor/k8s.io/kubernetes/pkg/scheduler/framework/{v1alpha1 => }/extender.go (99%) rename vendor/k8s.io/kubernetes/pkg/scheduler/framework/{v1alpha1 => }/interface.go (88%) rename vendor/k8s.io/kubernetes/pkg/scheduler/framework/{v1alpha1 => }/listers.go (86%) rename vendor/k8s.io/kubernetes/pkg/scheduler/framework/{v1alpha1 => }/types.go (93%) delete mode 100644 vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/serviceaccount/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/serviceaccount/util.go delete mode 100644 vendor/k8s.io/kubernetes/pkg/util/bandwidth/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/util/ebtables/BUILD delete mode 100644 vendor/k8s.io/kubernetes/pkg/util/ebtables/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/util/goroutinemap/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/util/ipset/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/util/iptables/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/util/ipvs/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/util/netsh/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/awsebs/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/azure_dd/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/azure_file/OWNERS rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/BUILD (97%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/attacher.go (96%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/azure_common.go (99%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/azure_common_linux.go (99%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/azure_common_unsupported.go (97%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/azure_common_windows.go (99%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/azure_dd.go (96%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/azure_dd_block.go (99%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/azure_dd_max_disk_count.go (86%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/azure_mounter.go (96%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/azure_provision.go (99%) rename vendor/k8s.io/kubernetes/pkg/volume/{azure_dd => azuredd}/doc.go (97%) delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/cephfs/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/cinder/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/configmap/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/csi/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/downwardapi/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/emptydir/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/fc/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/flexvolume/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/flocker/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/gcepd/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/git_repo/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/glusterfs/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/hostpath/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/iscsi/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/local/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/nfs/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/portworx/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/quobyte/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/rbd/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/secret/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/util/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/util/subpath/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/certificates/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/BUILD delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/admission.go delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/install/BUILD delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/runtimeclass/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/persistentvolume/label/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/OWNERS create mode 100644 vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/metrics.go delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/apimachinery/OWNERS create mode 100644 vendor/k8s.io/kubernetes/test/e2e/apimachinery/flowcontrol.go delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/apps/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/auth/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/autoscaling/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/common/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/framework/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/framework/providers/vsphere/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/framework/volume/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/instrumentation/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/instrumentation/logging/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/instrumentation/logging/stackdriver/BUILD delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/instrumentation/logging/stackdriver/basic.go delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/instrumentation/logging/stackdriver/soak.go delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/instrumentation/logging/stackdriver/utils.go delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/kubectl/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/lifecycle/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/network/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/node/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/node/pod_hostnamefqdn.go delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/scheduling/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/servicecatalog/podpreset.go delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/storage/OWNERS create mode 100644 vendor/k8s.io/kubernetes/test/e2e/storage/testsuites/fsgroupchangepolicy.go create mode 100644 vendor/k8s.io/kubernetes/test/e2e/storage/testsuites/snapshottable_stress.go rename vendor/k8s.io/kubernetes/test/e2e/storage/testsuites/{stress.go => volume_stress.go} (67%) delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/system/BUILD delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/system/system_utils.go delete mode 100644 vendor/k8s.io/kubernetes/test/e2e/upgrades/apps/OWNERS create mode 100644 vendor/k8s.io/kubernetes/test/e2e/upgrades/serviceaccount_admission_controller_migration.go delete mode 100644 vendor/k8s.io/kubernetes/test/integration/etcd/OWNERS delete mode 100644 vendor/k8s.io/kubernetes/test/utils/image/OWNERS delete mode 100644 vendor/k8s.io/legacy-cloud-providers/aws/OWNERS delete mode 100644 vendor/k8s.io/legacy-cloud-providers/azure/OWNERS delete mode 100644 vendor/k8s.io/legacy-cloud-providers/gce/OWNERS delete mode 100644 vendor/k8s.io/legacy-cloud-providers/openstack/OWNERS delete mode 100644 vendor/k8s.io/legacy-cloud-providers/vsphere/OWNERS create mode 100644 vendor/k8s.io/legacy-cloud-providers/vsphere/vsphere_volume_map.go create mode 100644 vendor/k8s.io/mount-utils/BUILD rename vendor/{github.com/go-openapi/validate => k8s.io/mount-utils}/LICENSE (99%) create mode 100644 vendor/k8s.io/mount-utils/README.md create mode 100644 vendor/k8s.io/mount-utils/SECURITY_CONTACTS create mode 100644 vendor/k8s.io/mount-utils/code-of-conduct.md rename vendor/k8s.io/{kubernetes/pkg/master => mount-utils}/doc.go (79%) create mode 100644 vendor/k8s.io/mount-utils/fake_mounter.go create mode 100644 vendor/k8s.io/mount-utils/go.mod create mode 100644 vendor/k8s.io/mount-utils/go.sum create mode 100644 vendor/k8s.io/mount-utils/mount.go create mode 100644 vendor/k8s.io/mount-utils/mount_helper_common.go create mode 100644 vendor/k8s.io/mount-utils/mount_helper_unix.go create mode 100644 vendor/k8s.io/mount-utils/mount_helper_windows.go create mode 100644 vendor/k8s.io/mount-utils/mount_linux.go create mode 100644 vendor/k8s.io/mount-utils/mount_unsupported.go create mode 100644 vendor/k8s.io/mount-utils/mount_windows.go create mode 100644 vendor/k8s.io/utils/clock/README.md create mode 100644 vendor/k8s.io/utils/exec/README.md create mode 100644 vendor/k8s.io/utils/io/README.md rename vendor/k8s.io/{kubernetes/pkg/util => utils/net}/ebtables/ebtables.go (92%) create mode 100644 vendor/k8s.io/utils/nsenter/README.md create mode 100644 vendor/k8s.io/utils/pointer/README.md create mode 100644 vendor/k8s.io/utils/trace/README.md create mode 100644 vendor/sigs.k8s.io/structured-merge-diff/v4/typed/reconcile_schema.go diff --git a/go.mod b/go.mod index b1e30de25643..3dff3accda71 100644 --- a/go.mod +++ b/go.mod @@ -15,11 +15,11 @@ require ( github.com/ghodss/yaml v1.0.0 github.com/go-bindata/go-bindata v3.1.2+incompatible github.com/go-ozzo/ozzo-validation v0.0.0-00010101000000-000000000000 // indirect - github.com/golang/protobuf v1.4.2 - github.com/google/go-cmp v0.4.0 + github.com/golang/protobuf v1.4.3 + github.com/google/go-cmp v0.5.2 github.com/google/go-github v17.0.0+incompatible github.com/google/go-querystring v0.0.0-00010101000000-000000000000 // indirect - github.com/google/uuid v1.1.1 + github.com/google/uuid v1.1.2 github.com/gorilla/context v0.0.0-00010101000000-000000000000 // indirect github.com/heketi/tests v0.0.0-00010101000000-000000000000 // indirect github.com/lestrrat-go/jspointer v0.0.0-20181205001929-82fadba7561c // indirect @@ -33,44 +33,47 @@ require ( github.com/mohae/deepcopy v0.0.0-00010101000000-000000000000 // indirect github.com/onsi/ginkgo v4.5.0-origin.1+incompatible github.com/onsi/gomega v1.7.0 - github.com/opencontainers/go-digest v1.0.0-rc1 - github.com/openshift/api v0.0.0-20201102162614-9252afb032e1 - github.com/openshift/apiserver-library-go v0.0.0-20201113074933-3e1a513af676 + github.com/opencontainers/go-digest v1.0.0 + github.com/openshift/api v0.0.0-20201214114959-164a2fb63b5f + github.com/openshift/apiserver-library-go v0.0.0-20201214145556-6f1013f42f98 github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab - github.com/openshift/client-go v0.0.0-20201020082437-7737f16e53fc - github.com/openshift/library-go v0.0.0-20201102091359-c4fa0f5b3a08 + github.com/openshift/client-go v0.0.0-20201214125552-e615e336eb49 + github.com/openshift/library-go v0.0.0-20201214135256-d265f469e75b github.com/pborman/uuid v1.2.0 github.com/pquerna/cachecontrol v0.0.0-00010101000000-000000000000 // indirect github.com/prometheus/client_golang v1.7.1 github.com/prometheus/client_model v0.2.0 github.com/prometheus/common v0.10.0 - github.com/spf13/cobra v1.0.0 + github.com/spf13/cobra v1.1.1 github.com/spf13/pflag v1.0.5 - github.com/spf13/viper v1.4.0 + github.com/spf13/viper v1.7.0 github.com/stretchr/objx v0.2.0 - github.com/stretchr/testify v1.4.0 + github.com/stretchr/testify v1.6.1 github.com/urfave/negroni v0.0.0-00010101000000-000000000000 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect - go.etcd.io/etcd v3.3.17+incompatible - golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 - golang.org/x/net v0.0.0-20200707034311-ab3426394381 - golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6 + go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489 + golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0 + golang.org/x/net v0.0.0-20201110031124-69a78807bb2b + golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d google.golang.org/grpc v1.27.1 gopkg.in/src-d/go-git.v4 v4.13.1 gopkg.in/yaml.v2 v2.3.0 - k8s.io/api v0.19.2 - k8s.io/apiextensions-apiserver v0.19.2 - k8s.io/apimachinery v0.19.2 - k8s.io/apiserver v0.19.2 - k8s.io/cli-runtime v0.19.2 - k8s.io/client-go v0.19.2 - k8s.io/component-base v0.19.2 + k8s.io/api v0.20.0 + k8s.io/apiextensions-apiserver v0.20.0 + k8s.io/apimachinery v0.20.0 + k8s.io/apiserver v0.20.0 + k8s.io/cli-runtime v0.20.0 + k8s.io/client-go v0.20.0 + k8s.io/component-base v0.20.0 + k8s.io/component-helpers v0.20.0 + k8s.io/controller-manager v0.20.0 // indirect k8s.io/klog v1.0.0 - k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6 - k8s.io/kubectl v0.19.2 - k8s.io/kubelet v0.19.2 - k8s.io/kubernetes v1.19.2 - k8s.io/legacy-cloud-providers v0.19.2 + k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd + k8s.io/kubectl v0.20.0 + k8s.io/kubelet v0.20.0 + k8s.io/kubernetes v1.20.0 + k8s.io/legacy-cloud-providers v0.20.0 + k8s.io/mount-utils v0.20.0 // indirect sigs.k8s.io/yaml v1.2.0 ) @@ -100,7 +103,6 @@ replace ( github.com/armon/consul-api => github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6 github.com/asaskevich/govalidator => github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a github.com/auth0/go-jwt-middleware => github.com/auth0/go-jwt-middleware v0.0.0-20170425171159-5493cabe49f7 - github.com/aws/aws-sdk-go => github.com/aws/aws-sdk-go v1.28.2 github.com/bazelbuild/bazel-gazelle => github.com/bazelbuild/bazel-gazelle v0.19.1-0.20191105222053-70208cbdc798 github.com/bazelbuild/buildtools => github.com/bazelbuild/buildtools v0.0.0-20190917191645-69366ca98f89 github.com/bazelbuild/rules_go => github.com/bazelbuild/rules_go v0.0.0-20190719190356-6dae44dc5cab @@ -138,11 +140,6 @@ replace ( github.com/daviddengcn/go-colortext => github.com/daviddengcn/go-colortext v0.0.0-20160507010035-511bcaf42ccd github.com/dgrijalva/jwt-go => github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/dnaeon/go-vcr => github.com/dnaeon/go-vcr v1.0.1 - github.com/docker/distribution => github.com/docker/distribution v2.7.1+incompatible - github.com/docker/docker => github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0 - github.com/docker/go-connections => github.com/docker/go-connections v0.3.0 - github.com/docker/go-units => github.com/docker/go-units v0.4.0 - github.com/docker/spdystream => github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96 github.com/dustin/go-humanize => github.com/dustin/go-humanize v1.0.0 github.com/elazarl/goproxy => github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 // 947c36da3153 is the SHA for git tag v1.11 github.com/emicklei/go-restful => github.com/emicklei/go-restful v2.9.5+incompatible @@ -318,7 +315,7 @@ replace ( github.com/pquerna/cachecontrol => github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021 github.com/pquerna/ffjson => github.com/pquerna/ffjson v0.0.0-20180717144149-af8b230fcd20 github.com/quasilyte/go-consistent => github.com/quasilyte/go-consistent v0.0.0-20190521200055-c6f3937de18c - github.com/quobyte/api => github.com/quobyte/api v0.1.2 + github.com/quobyte/api => github.com/quobyte/api v0.1.8 github.com/remyoudompheng/bigfft => github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446 github.com/robfig/cron => github.com/robfig/cron v1.1.0 github.com/rogpeppe/fastuuid => github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af @@ -344,7 +341,7 @@ replace ( github.com/spf13/jwalterweatherman => github.com/spf13/jwalterweatherman v1.1.0 github.com/spf13/pflag => github.com/spf13/pflag v1.0.5 github.com/spf13/viper => github.com/spf13/viper v1.3.2 - github.com/storageos/go-api => github.com/storageos/go-api v0.0.0-20180912212459-343b3eff91fc + github.com/storageos/go-api => github.com/storageos/go-api v2.2.0+incompatible github.com/stretchr/objx => github.com/stretchr/objx v0.2.0 github.com/stretchr/testify => github.com/stretchr/testify v1.4.0 github.com/syndtr/gocapability => github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2 @@ -368,7 +365,6 @@ replace ( github.com/xlab/handysort => github.com/xlab/handysort v0.0.0-20150421192137-fb3537ed64a1 github.com/xordataexchange/crypt => github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77 go.etcd.io/bbolt => go.etcd.io/bbolt v1.3.3 - go.etcd.io/etcd => go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738 // 3cf2f69b5738 is the SHA for git tag v3.4.3 go.mongodb.org/mongo-driver => go.mongodb.org/mongo-driver v1.1.2 go.opencensus.io => go.opencensus.io v0.21.0 go.uber.org/atomic => go.uber.org/atomic v1.3.2 @@ -382,7 +378,6 @@ replace ( golang.org/x/lint => golang.org/x/lint v0.0.0-20190409202823-959b441ac422 golang.org/x/mobile => golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6 golang.org/x/mod => golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e - golang.org/x/net => golang.org/x/net v0.0.0-20191004110552-13f9640d40b9 golang.org/x/oauth2 => golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 golang.org/x/perf => golang.org/x/perf v0.0.0-20180704124530-6e6d33e29852 golang.org/x/sync => golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e @@ -396,7 +391,7 @@ replace ( gonum.org/v1/plot => gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b google.golang.org/appengine => google.golang.org/appengine v1.5.0 google.golang.org/genproto => google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 - google.golang.org/grpc => google.golang.org/grpc v1.26.0 + google.golang.org/grpc => google.golang.org/grpc v1.27.1 gopkg.in/airbrake/gobrake.v2 => gopkg.in/airbrake/gobrake.v2 v2.0.9 gopkg.in/alecthomas/kingpin.v2 => gopkg.in/alecthomas/kingpin.v2 v2.2.6 gopkg.in/check.v1 => gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 @@ -417,36 +412,38 @@ replace ( gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 grpc.go4.org => grpc.go4.org v0.0.0-20170609214715-11d0a25b4919 honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 - k8s.io/api => k8s.io/api v0.19.2 - k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.19.2 - k8s.io/apimachinery => k8s.io/apimachinery v0.19.2 - k8s.io/apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20201119152602-89f5d4548df7 - k8s.io/cli-runtime => k8s.io/cli-runtime v0.19.2 - k8s.io/client-go => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20201119152602-89f5d4548df7 - k8s.io/cloud-provider => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20201119152602-89f5d4548df7 - k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.19.2 - k8s.io/code-generator => k8s.io/code-generator v0.19.2 - k8s.io/component-base => k8s.io/component-base v0.19.2 - k8s.io/cri-api => k8s.io/cri-api v0.19.2 - k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.19.2 + k8s.io/api => k8s.io/api v0.20.0 + k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.20.0 + k8s.io/apimachinery => k8s.io/apimachinery v0.20.0 + k8s.io/apiserver => github.com/marun/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20201215040514-b7c5d629b30f + k8s.io/cli-runtime => k8s.io/cli-runtime v0.20.0 + k8s.io/client-go => github.com/marun/kubernetes/staging/src/k8s.io/client-go v0.0.0-20201215040514-b7c5d629b30f + k8s.io/cloud-provider => github.com/marun/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20201215040514-b7c5d629b30f + k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.20.0 + k8s.io/code-generator => k8s.io/code-generator v0.20.0 + k8s.io/component-base => k8s.io/component-base v0.20.0 + k8s.io/component-helpers => k8s.io/component-helpers v0.20.0 + k8s.io/controller-manager => github.com/marun/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20201215040514-b7c5d629b30f + k8s.io/cri-api => k8s.io/cri-api v0.20.0 + k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.20.0 k8s.io/gengo => k8s.io/gengo v0.0.0-20200114144118-36b2048a9120 k8s.io/heapster => k8s.io/heapster v1.2.0-beta.1 k8s.io/klog => k8s.io/klog v1.0.0 - k8s.io/kube-aggregator => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20201119152602-89f5d4548df7 - k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.19.2 - k8s.io/kube-proxy => k8s.io/kube-proxy v0.19.2 - k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.19.2 - k8s.io/kubectl => k8s.io/kubectl v0.19.2 - k8s.io/kubelet => k8s.io/kubelet v0.19.2 - k8s.io/kubernetes => github.com/openshift/kubernetes v1.20.0-alpha.0.0.20201119152602-89f5d4548df7 - k8s.io/legacy-cloud-providers => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20201119152602-89f5d4548df7 - k8s.io/metrics => k8s.io/metrics v0.19.2 + k8s.io/kube-aggregator => github.com/marun/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20201215040514-b7c5d629b30f + k8s.io/kube-controller-manager => github.com/marun/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20201215040514-b7c5d629b30f + k8s.io/kube-proxy => k8s.io/kube-proxy v0.20.0 + k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.20.0 + k8s.io/kubectl => k8s.io/kubectl v0.20.0 + k8s.io/kubelet => k8s.io/kubelet v0.20.0 + k8s.io/kubernetes => github.com/marun/kubernetes v0.0.0-20201215040514-b7c5d629b30f + k8s.io/legacy-cloud-providers => github.com/marun/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20201215040514-b7c5d629b30f + k8s.io/metrics => k8s.io/metrics v0.20.0 + k8s.io/mount-utils => github.com/marun/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20201215040514-b7c5d629b30f k8s.io/repo-infra => k8s.io/repo-infra v0.0.1-alpha.1 - k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.19.2 - k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.19.2 - k8s.io/sample-controller => k8s.io/sample-controller v0.19.2 + k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.20.0 + k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.20.0 + k8s.io/sample-controller => k8s.io/sample-controller v0.20.0 k8s.io/system-validators => k8s.io/system-validators v1.0.4 - k8s.io/utils => k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89 modernc.org/cc => modernc.org/cc v1.0.0 modernc.org/golex => modernc.org/golex v1.0.0 modernc.org/mathutil => modernc.org/mathutil v1.0.0 @@ -460,6 +457,5 @@ replace ( sigs.k8s.io/kustomize => sigs.k8s.io/kustomize v2.0.3+incompatible sigs.k8s.io/structured-merge-diff/v3 => sigs.k8s.io/structured-merge-diff/v3 v3.0.0 sigs.k8s.io/yaml => sigs.k8s.io/yaml v1.2.0 - sourcegraph.com/sqs/pbtypes => sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4 vbom.ml/util => vbom.ml/util v0.0.0-20160121211510-db5cfe13f5cc ) diff --git a/go.sum b/go.sum index 15eaf7d8780c..38fe7624b36e 100644 --- a/go.sum +++ b/go.sum @@ -6,27 +6,26 @@ github.com/Azure/azure-sdk-for-go v43.0.0+incompatible h1:/wSNCu0e6EsHFR4Qa3vBEB github.com/Azure/azure-sdk-for-go v43.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest v0.9.6 h1:5YWtOnckcudzIw8lPPBcWOnmIFWMtHci1ZWAZulMSx0= -github.com/Azure/go-autorest/autorest v0.9.6/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630= -github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= -github.com/Azure/go-autorest/autorest/adal v0.8.2 h1:O1X4oexUxnZCaEUGsvMnr8ZGj8HI37tNezwY4npRqA0= -github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= -github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= -github.com/Azure/go-autorest/autorest/date v0.2.0 h1:yW+Zlqf26583pE43KhfnhFcdmSWlm5Ew6bxipnr/tbM= -github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g= -github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.3.0 h1:qJumjCaCudz+OcqE9/XtEPfvtOjOmKaui4EOpFI6zZc= -github.com/Azure/go-autorest/autorest/mocks v0.3.0/go.mod h1:a8FDP3DYzQ4RYfVAxAN3SVSiiO77gL2j2ronKKP0syM= +github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest/autorest v0.11.1 h1:eVvIXUKiTgv++6YnWb42DUA1YL7qDugnKP0HljexdnQ= +github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= +github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= +github.com/Azure/go-autorest/autorest/adal v0.9.5 h1:Y3bBUV4rTuxenJJs41HU3qmqsb+auo+a3Lz+PlJPpL0= +github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= +github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= +github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= +github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= +github.com/Azure/go-autorest/autorest/mocks v0.4.1 h1:K0laFcLE6VLTOwNgSxaGbUcLPuGXlNkbVvq4cW4nIHk= +github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/to v0.2.0 h1:nQOZzFCudTh+TvquAtCRjM01VEYx85e9qbwt5ncW4L8= github.com/Azure/go-autorest/autorest/to v0.2.0/go.mod h1:GunWKJp1AEqgMaGLV+iocmRAJWqST1wQYhyyjXJ3SJc= github.com/Azure/go-autorest/autorest/validation v0.1.0 h1:ISSNzGUh+ZSzizJWOWzs8bwpXIePbGLW4z/AmUFGH5A= github.com/Azure/go-autorest/autorest/validation v0.1.0/go.mod h1:Ha3z/SqBeaalWQvokg3NZAlQTalVMtOIAs1aGK7G6u8= -github.com/Azure/go-autorest/logger v0.1.0 h1:ruG4BSDXONFRrZZJ2GUXDiUyVpayPmb1GnWeHDdaNKY= -github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= -github.com/Azure/go-autorest/tracing v0.5.0 h1:TRn4WjSnkcSy5AEG3pnbtFSwNtwzjr4VYyQflFE619k= -github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= +github.com/Azure/go-autorest/logger v0.2.0 h1:e4RVHVZKC5p6UANLJHkM4OfR1UKZPj8Wt8Pcx+3oqrE= +github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= +github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= +github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= @@ -68,8 +67,9 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4 github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/auth0/go-jwt-middleware v0.0.0-20170425171159-5493cabe49f7 h1:irR1cO6eek3n5uquIVaRAsQmZnlsfPuHNz31cXo4eyk= github.com/auth0/go-jwt-middleware v0.0.0-20170425171159-5493cabe49f7/go.mod h1:LWMyo4iOLWXHGdBki7NIht1kHru/0wM179h+d3g8ATM= -github.com/aws/aws-sdk-go v1.28.2 h1:j5IXG9CdyLfcVfICqo1PXVv+rua+QQHbkXuvuU/JF+8= -github.com/aws/aws-sdk-go v1.28.2/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.6.10/go.mod h1:ZRmQr0FajVIyZ4ZzBYKG5P3ZqPz9IHG41ZoMu1ADI3k= +github.com/aws/aws-sdk-go v1.35.24 h1:U3GNTg8+7xSM6OAJ8zksiSM4bRqxBWmVwwehvOSNG3A= +github.com/aws/aws-sdk-go v1.35.24/go.mod h1:tlPOdRjfxPBpNIwqDj61rmsnA85v9jc0Ps9+muhnW+k= github.com/beorn7/perks v1.0.0 h1:HWo1m869IqiPhD389kmkxeTalrjNbbJTC8LXupb+sl0= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= @@ -89,6 +89,8 @@ github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1qXHoty45bqomnu2LM+VVyAEdWN+vtSHGlQgyxbw= github.com/checkpoint-restore/go-criu/v4 v4.0.2 h1:jt+rnBIhFtPw0fhtpYGcUOilh4aO9Hj7r+YLEtf30uA= github.com/checkpoint-restore/go-criu/v4 v4.0.2/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= +github.com/checkpoint-restore/go-criu/v4 v4.1.0 h1:WW2B2uxx9KWF6bGlHqhm8Okiafwwx7Y2kcpn8lCpjgo= +github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/cheekybits/genny v0.0.0-20170328200008-9127e812e1e9/go.mod h1:+tQajlRqAUrPI7DOSpB0XAqZYtQakVtB7wXkRAgjxjQ= github.com/cilium/ebpf v0.0.0-20191025125908-95b36a581eed h1:/UgmF+cZTm9kp4uJ122y/9cVhczNJCgAgAeH2FfzPeg= github.com/cilium/ebpf v0.0.0-20191025125908-95b36a581eed/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= @@ -141,12 +143,19 @@ github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumC github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dnaeon/go-vcr v1.0.1 h1:r8L/HqC0Hje5AXMu1ooW8oyQyOFv4GxqpL0nRP7SLLY= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= +github.com/docker/distribution v0.0.0-20180920194744-16128bbac47f/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0 h1:w3NnFcKR5241cfmQU5ZZAsf0xcpId6mWOupTvJlUX2U= github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v1.4.2-0.20191101170500-ac7306503d23/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v17.12.0-ce-rc1.0.20200916142827-bd33bbf0497b+incompatible h1:SiUATuP//KecDjpOK2tvZJgeScYAklvyjfK8JZlU6fo= +github.com/docker/docker v17.12.0-ce-rc1.0.20200916142827-bd33bbf0497b+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/go-connections v0.3.0 h1:3lOnM9cSzgGwx8VfK/NGOW5fLQ0GjIlCkaktF+n1M6o= github.com/docker/go-connections v0.3.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= +github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= +github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= @@ -178,11 +187,14 @@ github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5Kwzbycv github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 h1:BHsljHzVlRcyQhjrss6TZTdY2VfCqZPbv5k3iBFa2ZQ= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= +github.com/form3tech-oss/jwt-go v3.2.2+incompatible h1:TcekIExNqud5crz4xD2pavyTgWiPvpYe4Xau31I0PRk= +github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsouza/go-dockerclient v0.0.0-20171004212419-da3951ba2e9e/go.mod h1:KpcjM623fQYE9MZiTGzKhjfxXAV9wbyX2C1cyRHfhl0= github.com/fsouza/go-dockerclient v1.6.5 h1:vuFDnPcds3LvTWGYb9h0Rty14FLgkjHZdwLDROCdgsw= github.com/fsouza/go-dockerclient v1.6.5/go.mod h1:GOdftxWLWIbIWKbIMDroKFJzPdg6Iw7r+jX1DDZdVsA= +github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= github.com/getsentry/raven-go v0.0.0-20190513200303-c977f96e1095 h1:F2m41rgyxoveZKD+Z6xwyAbtdNeVvhpi9BpQLvt5oRU= github.com/getsentry/raven-go v0.0.0-20190513200303-c977f96e1095/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= @@ -364,6 +376,23 @@ github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czP github.com/mailru/easyjson v0.7.0 h1:aizVhC/NAAcKWb+5QsU1iNOZb4Yws5UO2I+aIprQITM= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/marten-seemann/qtls v0.2.3/go.mod h1:xzjG7avBwGGbdZ8dTGxlBnLArsVKLvwmjgmPuiQEcYk= +github.com/marun/kubernetes v0.0.0-20201215040514-b7c5d629b30f h1:/YB2nQE7od2sZLngB+4QS4ZRb4eWQBDzGJS2IiF/DoE= +github.com/marun/kubernetes v0.0.0-20201215040514-b7c5d629b30f/go.mod h1:WYL8/qQDpjRt1Rh9DNGRWe3V2ovnZnRJMffzC0gC1uc= +github.com/marun/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20201215040514-b7c5d629b30f h1:M6pTfJ7QnbpkXbg1ZR2vnDBe8IsLpJ+RmBkSOqRX5iM= +github.com/marun/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20201215040514-b7c5d629b30f/go.mod h1:ED6HfkyjucTiWY56MfTsOW48qtYewvR5IODc4JRMc6k= +github.com/marun/kubernetes/staging/src/k8s.io/client-go v0.0.0-20201215040514-b7c5d629b30f h1:/wT2kuOUVL9G42zw5uUx3P5C1T0r8K4kpAkArf5Zjmc= +github.com/marun/kubernetes/staging/src/k8s.io/client-go v0.0.0-20201215040514-b7c5d629b30f/go.mod h1:MfFvfPRc3qZnRjJYRnD8KZGtlN0XC+zUZu5wu5yfUz0= +github.com/marun/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20201215040514-b7c5d629b30f h1:Hj1Emc4EIL79Gj+8SrPmSn7DwB01MVCWR1iRPcagHxE= +github.com/marun/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20201215040514-b7c5d629b30f/go.mod h1:UbIReMP6onJAgmEZQmjsi9PwQZnuy6mN6cA+NX63KtI= +github.com/marun/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20201215040514-b7c5d629b30f h1:goA0rgCBs86THf0WGv+vq8r21Bv72sGkJhpj4Pax/z4= +github.com/marun/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20201215040514-b7c5d629b30f/go.mod h1:C4aXxyoP3zkEJSMu98FCHF7lNDSNcBxMe13/JNk3WX8= +github.com/marun/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20201215040514-b7c5d629b30f h1:WUp1HqqrC3g22sIs+SlN00oR3/AkngFhfRZYLUeUjug= +github.com/marun/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20201215040514-b7c5d629b30f/go.mod h1:1q1yp9zAz75t3BOwP11lXWu9bKOEVr2D+Uuq/0tgaTc= +github.com/marun/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20201215040514-b7c5d629b30f/go.mod h1:G43SCvMMH8h7lJxYjXgy4Ik5i/xLkA5MQm1PHsuKQxc= +github.com/marun/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20201215040514-b7c5d629b30f h1:SYb3jdz+G43Oy1WoVUpsN8ceLsvjt3sC8d/9OlvalfA= +github.com/marun/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20201215040514-b7c5d629b30f/go.mod h1:SZzO0CnWBCwbiYLkYwThH9vvD4d0Q1plgf0r2WY1S+w= +github.com/marun/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20201215040514-b7c5d629b30f h1:4iQs1G1jG/kHYdN35nGTmNlF8mxn4urm/U7W212jKxM= +github.com/marun/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20201215040514-b7c5d629b30f/go.mod h1:mFeSjsWvLj55xUpwltalvolz49izW7J0N5RfoIHrKKY= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= github.com/mattn/go-runewidth v0.0.2 h1:UnlwIPBGaTZfPQ6T1IGzPI0EkYAQmT9fAEJ/poFC63o= @@ -413,45 +442,36 @@ github.com/onsi/gomega v1.7.0 h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ= github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= +github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= +github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v0.0.0-20191031171055-b133feaeeb2e/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc90.0.20200616040943-82d2fa4eb069/go.mod h1:3Sm6Dt7OT8z88EbdQqqcRN2oCT54jbi72tT/HqgflT8= -github.com/opencontainers/runc v1.0.0-rc91.0.20200707015106-819fcc687efb h1:LcPVE5u4oaqw8ffPbJew0lUxZC7faM5t52PgU4px1xY= -github.com/opencontainers/runc v1.0.0-rc91.0.20200707015106-819fcc687efb/go.mod h1:ZuXhqlr4EiRYgDrBDNfSbE4+n9JX4+V107NwAmF7sZA= +github.com/opencontainers/runc v1.0.0-rc92 h1:+IczUKCRzDzFDnw99O/PAqrcBBCoRp9xN3cB1SYSNS4= +github.com/opencontainers/runc v1.0.0-rc92/go.mod h1:X1zlU4p7wOlX4+WRCz+hvlRv8phdL7UqbYD+vQwNMmE= github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2 h1:9mv9SC7GWmRWE0J/+oD8w3GsN2KYGKtg6uwLN7hfP5E= github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6 h1:NhsM2gc769rVWDqJvapK37r+7+CBXI8xHhnfnt8uQsg= +github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/selinux v1.5.1/go.mod h1:yTcKuYAh6R95iDpefGLQaPaRwJFwyzAJufJyiTt7s0g= github.com/opencontainers/selinux v1.5.2 h1:F6DgIsjgBIcDksLW4D5RG9bXok6oqZ3nvMwj4ZoFu/Q= github.com/opencontainers/selinux v1.5.2/go.mod h1:yTcKuYAh6R95iDpefGLQaPaRwJFwyzAJufJyiTt7s0g= -github.com/openshift/api v0.0.0-20201019163320-c6a5ec25f267/go.mod h1:RDvBcRQMGLa3aNuDuejVBbTEQj/2i14NXdpOLqbNBvM= -github.com/openshift/api v0.0.0-20201102162614-9252afb032e1 h1:qzfwaYZFE2t+O+6K8+JiPoPkor0shm7FrQSkVNhzRjQ= -github.com/openshift/api v0.0.0-20201102162614-9252afb032e1/go.mod h1:RDvBcRQMGLa3aNuDuejVBbTEQj/2i14NXdpOLqbNBvM= -github.com/openshift/apiserver-library-go v0.0.0-20201113074933-3e1a513af676 h1:RgCGtnzLXmeFAnoCDDY+axGGHIzQYXYqZxH0mgnaX6U= -github.com/openshift/apiserver-library-go v0.0.0-20201113074933-3e1a513af676/go.mod h1:fGp6VNAiZ3Uzcyxgj5CahXv/+BrxyaAhXXRWWffgxwc= +github.com/opencontainers/selinux v1.6.0 h1:+bIAS/Za3q5FTwWym4fTB0vObnfCf3G/NC7K6Jx62mY= +github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= +github.com/openshift/api v0.0.0-20201214114959-164a2fb63b5f h1:MhuCP7+M9hmUnZaz6EwOh3+W6FQp+BezIXbL99Q4xq4= +github.com/openshift/api v0.0.0-20201214114959-164a2fb63b5f/go.mod h1:aqU5Cq+kqKKPbDMqxo9FojgDeSpNJI7iuskjXjtojDg= +github.com/openshift/apiserver-library-go v0.0.0-20201214145556-6f1013f42f98 h1:JUz5O4PiBoEFhf/ZvwRary38hejR6E0LDEtyNro01TM= +github.com/openshift/apiserver-library-go v0.0.0-20201214145556-6f1013f42f98/go.mod h1:bMWTKd7ZOYGyx1hVLipuA9LrIJw62V7Se99cZ/Volj8= github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab h1:lBrojddP6C9C2p67EMs2vcdpC8eF+H0DDom+fgI2IF0= github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= -github.com/openshift/client-go v0.0.0-20201020074620-f8fd44879f7c/go.mod h1:yZ3u8vgWC19I9gbDMRk8//9JwG/0Sth6v7C+m6R8HXs= -github.com/openshift/client-go v0.0.0-20201020082437-7737f16e53fc h1:aeVqf+NL5rNq1uM2jvIfSQiWodd5OJ5o90ayju+vdeM= -github.com/openshift/client-go v0.0.0-20201020082437-7737f16e53fc/go.mod h1:yZ3u8vgWC19I9gbDMRk8//9JwG/0Sth6v7C+m6R8HXs= +github.com/openshift/client-go v0.0.0-20201214125552-e615e336eb49 h1:7NmjUkJtGHpMTE/n8ia6itbCdZ7eYuTCXKc/zsA7OSM= +github.com/openshift/client-go v0.0.0-20201214125552-e615e336eb49/go.mod h1:9/jG4I6sh+5QublJpZZ4Zs/P4/QCXMsQQ/K/058bSB8= github.com/openshift/golang-glog v0.0.0-20160126235308-23def4e6c14b h1:oqIifWYYfTppdeF3mx7YnH6W5nvAMekv9P4kZI4iwYo= github.com/openshift/golang-glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:3sa6LKKRDnR1xy4Kn8htvPwqIOVwXh8fIU3LRY22q3U= -github.com/openshift/kubernetes v1.20.0-alpha.0.0.20201119152602-89f5d4548df7 h1:YxfmGc9Pr3mHCCogW44DP4TamlerloUIveXLK3Bb7hM= -github.com/openshift/kubernetes v1.20.0-alpha.0.0.20201119152602-89f5d4548df7/go.mod h1:bgJpBd7PMVOqxOeG/034vAbGMyldSnabFHoKHGzTe/M= -github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20201119152602-89f5d4548df7 h1:T0lC7kB6ug5cFaXJbL912u/yeFBiXMWXfBasj3f9Chs= -github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20201119152602-89f5d4548df7/go.mod h1:IBEy4XVIq1fv1YYiHNzUh0jp0L4FhdTz4p/ywMhe1ac= -github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20201119152602-89f5d4548df7 h1:5ELxduegCB3TX2PqTcwqaoPpvFEhH+NUEGuLlzYKmBQ= -github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20201119152602-89f5d4548df7/go.mod h1:W3EejS0WCW4yhUWmCF3dKHOoPvXS48jUte1rr0BZ5hk= -github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20201119152602-89f5d4548df7 h1:I+WaSSYTVRF11QBQR/iJYHWAE131cDHbzoLd1JHH6Q0= -github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20201119152602-89f5d4548df7/go.mod h1:tJXVBfmOkegQN9PNkU5S/KuFESUwYK/w2cINFSmuw1s= -github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20201119152602-89f5d4548df7 h1:GzvcBM1PoBC4C6x/mXJpVujGeJtQeQ0hkQtJQuYrH4o= -github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20201119152602-89f5d4548df7/go.mod h1:Sanb51xlsAx5eIBDLF18hx6zW499rELc68UZPkhSsVc= -github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20201119152602-89f5d4548df7 h1:cBWbuzjHsnRZFDi4fHU3Is+wIi5MNiYMrMHldvB4eHw= -github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20201119152602-89f5d4548df7/go.mod h1:dPm5A8LMYiCgYHHl7lvSYckvtMRo4eGPTyq91TX+/iw= -github.com/openshift/library-go v0.0.0-20201020083322-646ad9742a1e/go.mod h1:qbwvTwCy4btqEcqU3oI59CopNgcRgZUPXG4Y2jc+B4E= -github.com/openshift/library-go v0.0.0-20201102091359-c4fa0f5b3a08 h1:Z+8t3ooTH2T+J/GoCZbgaOk5WqNZgPuHlUAKMfG1FEk= -github.com/openshift/library-go v0.0.0-20201102091359-c4fa0f5b3a08/go.mod h1:1xYaYQcQsn+AyCRsvOU+Qn5z6GGiCmcblXkT/RZLVfo= +github.com/openshift/library-go v0.0.0-20201214135256-d265f469e75b h1:zKZCcZgL3jf02/jf/ldUg8TvudOFcPGIdf8kFkWh5MI= +github.com/openshift/library-go v0.0.0-20201214135256-d265f469e75b/go.mod h1:udseDnqxn5ON8i+NBjDp00fBTK0JRu1/6Y6tf6EivDE= github.com/openshift/onsi-ginkgo v4.5.0-origin.1+incompatible h1:GtzyDU5vBFU40hz4GWd1qU5FJByNljWdgkM2LtdelGk= github.com/openshift/onsi-ginkgo v4.5.0-origin.1+incompatible/go.mod h1:azqkkH4Vpp9A579CC26hicol/wViXag9rOwElif6v9E= github.com/pborman/uuid v1.2.0 h1:J7Q5mO4ysT1dv8hyrUGHb9+ooztCXu1D8MY8DZYsu3g= @@ -491,8 +511,10 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= github.com/prometheus/procfs v0.1.3 h1:F0+tqvhOksq22sc6iCHF5WGlWjdwj92p0udFh1VFBS8= github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/quobyte/api v0.1.2 h1:lPHLsuvtjFyk8WhC4uHoHRkScijIHcffTWBBP+YpzYo= -github.com/quobyte/api v0.1.2/go.mod h1:jL7lIHrmqQ7yh05OJ+eEEdHr0u/kmT1Ff9iHd+4H6VI= +github.com/prometheus/procfs v0.2.0 h1:wH4vA7pcjKuZzjF7lM8awk4fnuJO6idemZXoKnULUx4= +github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= +github.com/quobyte/api v0.1.8 h1:+sOX1gIlC/OaLipqVZWrHgly9Kh9Qo8OygeS0mWAg30= +github.com/quobyte/api v0.1.8/go.mod h1:jL7lIHrmqQ7yh05OJ+eEEdHr0u/kmT1Ff9iHd+4H6VI= github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= github.com/robfig/cron v1.1.0 h1:jk4/Hud3TTdcrJgUOBgsqrZBarcxl6ADIjSC2iniwLY= github.com/robfig/cron v1.1.0/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k= @@ -532,8 +554,8 @@ github.com/spf13/viper v1.3.2 h1:VUFqw5KcqRf7i70GOzW7N+Q7+gxVBkSSqiXB12+JQ4M= github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/src-d/gcfg v1.4.0 h1:xXbNR5AlLSA315x2UO+fTSSAXCDf+Ar38/6oyGbDKQ4= github.com/src-d/gcfg v1.4.0/go.mod h1:p/UMsR43ujA89BJY9duynAwIpvqEujIH/jFlfL7jWoI= -github.com/storageos/go-api v0.0.0-20180912212459-343b3eff91fc h1:n+WYaU0kQ6WIiuEyWSgbXqkBx16irO69kYCtwVYoO5s= -github.com/storageos/go-api v0.0.0-20180912212459-343b3eff91fc/go.mod h1:ZrLn+e0ZuF3Y65PNF6dIwbJPZqfmtCXxFm9ckv0agOY= +github.com/storageos/go-api v2.2.0+incompatible h1:U0SablXoZIg06gvSlg8BCdzq1C/SkHVygOVX95Z2MU0= +github.com/storageos/go-api v2.2.0+incompatible/go.mod h1:ZrLn+e0ZuF3Y65PNF6dIwbJPZqfmtCXxFm9ckv0agOY= github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= @@ -561,6 +583,8 @@ github.com/vishvananda/netns v0.0.0-20171111001504-be1fbeda1936 h1:J9gO8RJCAFlln github.com/vishvananda/netns v0.0.0-20171111001504-be1fbeda1936/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= github.com/vmware/govmomi v0.20.3 h1:gpw/0Ku+6RgF3jsi7fnCLmlcikBHfKBCUcu1qgc16OU= github.com/vmware/govmomi v0.20.3/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59bHWk6aFU= +github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243 h1:R43TdZy32XXSXjJn7M/HhALJ9imq6ztLnChfYJpVDnM= +github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= github.com/xanzy/ssh-agent v0.2.1 h1:TCbipTQL2JiiCprBWx9frJ2eJlCYT00NmctrHxVAr70= github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f h1:J9EGpcZtP0E/raorCMxlFGSTBrsSlaDGf3jU/qvAE2c= @@ -575,8 +599,8 @@ github.com/xlab/handysort v0.0.0-20150421192137-fb3537ed64a1/go.mod h1:QcJo0QPSf github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= go.etcd.io/bbolt v1.3.3 h1:MUGmc65QhB3pIlaQ5bB4LwqSj6GIonVJXpZiaKNyaKk= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738 h1:VcrIfasaLFkyjk6KNlXQSzO+B0fZcnECiDrKJsfxka0= -go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= +go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489 h1:1JFLBqwIgdyHN1ZtgjTBwO+blA6gVOmZurpiMEsETKo= +go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= go.mongodb.org/mongo-driver v1.1.2 h1:jxcFYjlkl8xaERsgLo+RNquI0epW6zuy/ZRQs6jnrFA= go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.opencensus.io v0.21.0 h1:mU6zScU4U1YAFPHEHYk+3JC4SY7JxgkqS10ZOSyksNg= @@ -594,8 +618,26 @@ golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMx golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9 h1:rjwSpXsdiK0dV8/Naq3kAw9ymfAeJIyd0upUIElB+lI= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190328230028-74de082e2cca/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY= @@ -613,15 +655,16 @@ gonum.org/v1/gonum v0.6.2/go.mod h1:9mxDZsDKxgMAuccQkewq682L+0eCu4dCN2yonUJTCLU= gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e/go.mod h1:kS+toOQn6AQKjmKJ7gzohV1XkqsFehRA2FbsbkopSuQ= gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZBvf6cAIx93T+c/OS2HFAYskSZc= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.15.1 h1:5mMS6mYvK5LVB8+ujVBC33Y8gltBo/kT6HBm6kU80G4= -google.golang.org/api v0.15.1/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.20.0 h1:jz2KixHX7EcCPiQrySzPdnYT7DbINAypCqKZ1Z7GM40= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= google.golang.org/appengine v1.5.0 h1:KxkO13IPW4Lslp2bz+KHP2E3gtFlrIGNThxkZQ3g+4c= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 h1:gSJIx1SDwno+2ElGhA4+qG2zF97qiUzTM+rQ0klBOcE= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/grpc v1.26.0 h1:2dTRdpdFEEhJYQD8EMLB61nnrzSCTbG38PhqdhvOltg= -google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1 h1:zvIju4sqAGvwKspUQOhwnpcqSbzi7/H6QomNNjTL4sk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d h1:TxyelI5cVkbREznMhfzycHdkp5cLA7DpE+GKjSslYhM= @@ -664,50 +707,50 @@ gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81 gotest.tools/v3 v3.0.2 h1:kG1BFyqVHuQoVQiR1bWGnfz/fmHvvuiSPIV7rvl360E= gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= honnef.co/go/tools v0.0.1-2019.2.2/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -k8s.io/api v0.19.2 h1:q+/krnHWKsL7OBZg/rxnycsl9569Pud76UJ77MvKXms= -k8s.io/api v0.19.2/go.mod h1:IQpK0zFQ1xc5iNIQPqzgoOwuFugaYHK4iCknlAQP9nI= -k8s.io/apiextensions-apiserver v0.19.2 h1:oG84UwiDsVDu7dlsGQs5GySmQHCzMhknfhFExJMz9tA= -k8s.io/apiextensions-apiserver v0.19.2/go.mod h1:EYNjpqIAvNZe+svXVx9j4uBaVhTB4C94HkY3w058qcg= -k8s.io/apimachinery v0.19.2 h1:5Gy9vQpAGTKHPVOh5c4plE274X8D/6cuEiTO2zve7tc= -k8s.io/apimachinery v0.19.2/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= -k8s.io/cli-runtime v0.19.2 h1:d4uOtKhy3ImdaKqZJ8yQgLrdtUwsJLfP4Dw7L/kVPOo= -k8s.io/cli-runtime v0.19.2/go.mod h1:CMynmJM4Yf02TlkbhKxoSzi4Zf518PukJ5xep/NaNeY= -k8s.io/cluster-bootstrap v0.19.2 h1:6/LI5EnKCcB0QiDKIsTxoCOdKZtsSwr8Xm/tEhiMv78= -k8s.io/cluster-bootstrap v0.19.2/go.mod h1:bzngsppPfdt9vAHUnDIEoMNsxD2b6XArVVH/W9PDDFk= -k8s.io/code-generator v0.19.2/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= -k8s.io/component-base v0.19.2 h1:jW5Y9RcZTb79liEhW3XDVTW7MuvEGP0tQZnfSX6/+gs= -k8s.io/component-base v0.19.2/go.mod h1:g5LrsiTiabMLZ40AR6Hl45f088DevyGY+cCE2agEIVo= -k8s.io/cri-api v0.19.2 h1:ob5dyrRsZgPhfZYmerau7zL1h8HsFzqlBUfi5UxaxLs= -k8s.io/cri-api v0.19.2/go.mod h1:UN/iU9Ua0iYdDREBXNE9vqCJ7MIh/FW3VIL0d8pw7Fw= -k8s.io/csi-translation-lib v0.19.2 h1:NBfsKyTnXj00wp6fo/WmW3SWTjYoksbOiht6gzFv2bo= -k8s.io/csi-translation-lib v0.19.2/go.mod h1:9V3DYlJ6reyKD+/S/JrFyk/j0N1i8FCQYukch0JbNew= +k8s.io/api v0.20.0 h1:WwrYoZNM1W1aQEbyl8HNG+oWGzLpZQBlcerS9BQw9yI= +k8s.io/api v0.20.0/go.mod h1:HyLC5l5eoS/ygQYl1BXBgFzWNlkHiAuyNAbevIn+FKg= +k8s.io/apiextensions-apiserver v0.20.0 h1:HmeP9mLET/HlIQ5gjP+1c20tgJrlshY5nUyIand3AVg= +k8s.io/apiextensions-apiserver v0.20.0/go.mod h1:ZH+C33L2Bh1LY1+HphoRmN1IQVLTShVcTojivK3N9xg= +k8s.io/apimachinery v0.20.0 h1:jjzbTJRXk0unNS71L7h3lxGDH/2HPxMPaQY+MjECKL8= +k8s.io/apimachinery v0.20.0/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= +k8s.io/cli-runtime v0.20.0 h1:UfTR9vGUWshJpwuekl7MqRmWumNs5tvqPj20qnmOns8= +k8s.io/cli-runtime v0.20.0/go.mod h1:C5tewU1SC1t09D7pmkk83FT4lMAw+bvMDuRxA7f0t2s= +k8s.io/cluster-bootstrap v0.20.0 h1:E3QnxUHhaCV5efsKSW0IXR5XFJTsve5oGq7BQgPey9I= +k8s.io/cluster-bootstrap v0.20.0/go.mod h1:6WZaNIBvcvL7MkPzSRKrZDIr4u+ePW2oIWoRsEFMjmE= +k8s.io/code-generator v0.20.0/go.mod h1:UsqdF+VX4PU2g46NC2JRs4gc+IfrctnwHb76RNbWHJg= +k8s.io/component-base v0.20.0 h1:BXGL8iitIQD+0NgW49UsM7MraNUUGDU3FBmrfUAtmVQ= +k8s.io/component-base v0.20.0/go.mod h1:wKPj+RHnAr8LW2EIBIK7AxOHPde4gme2lzXwVSoRXeA= +k8s.io/component-helpers v0.20.0 h1:7Zi1fcb5nV0h03d9eeZGk71+ZWYvAN4Be+xMOZyFerc= +k8s.io/component-helpers v0.20.0/go.mod h1:nx6NOtfSfGOxnSZsDJxpGbnsVuUA1UXpwDvZIrtigNk= +k8s.io/cri-api v0.20.0 h1:NIbGU0wmC2d2Evuec8rDjOVel3sOi371fiGKW+QfOdI= +k8s.io/cri-api v0.20.0/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= +k8s.io/csi-translation-lib v0.20.0 h1:I4wsA4/nW2low2auCUIq/ZCF58/FlCADr1OddBh0AOQ= +k8s.io/csi-translation-lib v0.20.0/go.mod h1:M4CdD66GxEI6ev8aTtsA2NkK9kIF9K5VZQMcw/SsoLs= k8s.io/gengo v0.0.0-20200114144118-36b2048a9120/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/heapster v1.2.0-beta.1/go.mod h1:h1uhptVXMwC8xtZBYsPXKVi8fpdlYkTs6k949KozGrM= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0 h1:XRvcwJozkgZ1UQJmfMGpvRthQHOvihEhYtDfAaxMz/A= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.3.0 h1:WmkrnW7fdrm0/DMClc+HIxtftvxVIPAhlVwMQo5yLco= -k8s.io/klog/v2 v2.3.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-controller-manager v0.19.2/go.mod h1:29rfd3qO+zmDKPWyBYYEBw5487tHD4T22Hp4oNqiA18= -k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6 h1:+WnxoVtG8TMiudHBSEtrVL1egv36TkkJm+bA8AxicmQ= -k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= -k8s.io/kube-proxy v0.19.2 h1:cDmPhs1drhA4Vpx6TOjJrr+nmFmOAhM0OEqWIpzqnYQ= -k8s.io/kube-proxy v0.19.2/go.mod h1:/07XChnL0EkYAQyZ7noQuyPYX5QOUBQECa9dsm9ScyY= -k8s.io/kube-scheduler v0.19.2 h1:xV2Yj76g62n4+g6IR7/8Nba5VfCI53CCrD6qnQ4yaH0= -k8s.io/kube-scheduler v0.19.2/go.mod h1:Mh/QNfmP0eqt7JtNUyIAsGhU2zO4j1EWel8TFizxZKo= -k8s.io/kubectl v0.19.2 h1:/Dxz9u7S0GnchLA6Avqi5k1qhZH4Fusgecj8dHsSnbk= -k8s.io/kubectl v0.19.2/go.mod h1:4ib3oj5ma6gF95QukTvC7ZBMxp60+UEAhDPjLuBIrV4= -k8s.io/kubelet v0.19.2 h1:jSo57ceStXcmx/6hzEayl+lNYLt79lPT2YexU/9LZx4= -k8s.io/kubelet v0.19.2/go.mod h1:FHHoByVWzh6kNaarXaDPAa751Oz6REcOVRyFT84L1Is= -k8s.io/metrics v0.19.2 h1:rpfp7VDWvc6hnF9keM23+3NIkqTlgG0qF2/Xhp3q2DA= -k8s.io/metrics v0.19.2/go.mod h1:IlLaAGXN0q7yrtB+SV0q3JIraf6VtlDr+iuTcX21fCU= -k8s.io/sample-apiserver v0.19.2 h1:paiwWeP21s78DwV+Yv1L1Y3YVGhRyBXswHmOh0lE6ks= -k8s.io/sample-apiserver v0.19.2/go.mod h1:XZxHsGPvUkjzos8B/lhbM4REthLt4tRMfkhN2CRXCGs= +k8s.io/klog/v2 v2.4.0 h1:7+X0fUguPyrKEC4WjH8iGDg3laWgMo5tMnRTIGTTxGQ= +k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= +k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd h1:sOHNzJIkytDF6qadMNKhhDRpc6ODik8lVC6nOur7B2c= +k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= +k8s.io/kube-proxy v0.20.0 h1:Y/INM9li3azE0H7RtDmjQMuYFDTEL0bv6VQakgOJgvE= +k8s.io/kube-proxy v0.20.0/go.mod h1:R97oobM6zSh3ZqFMXi5DzCH/qJXNzua/UzcDmuQRexM= +k8s.io/kube-scheduler v0.20.0 h1:tcGAaUWyGfYVJOXo6sl2OJLVUWURmymeIRaE3UagNJk= +k8s.io/kube-scheduler v0.20.0/go.mod h1:cRTGsJU3TfQvbMJBmpoPgq9rBF5cQLpLKoOafKwdZnI= +k8s.io/kubectl v0.20.0 h1:q6HH6jILYi2lkzFqBhs63M4bKLxYlM0HpFJ///MgARA= +k8s.io/kubectl v0.20.0/go.mod h1:8x5GzQkgikz7M2eFGGuu6yOfrenwnw5g4RXOUgbjR1M= +k8s.io/kubelet v0.20.0 h1:vtQMgZ7B79vCUyEpoij2Oy6UmcJx0/D2lNXfViVTBMg= +k8s.io/kubelet v0.20.0/go.mod h1:lMdjO1NA+JZXSYtxb48pQmNERmC+vVIXIYkJIugVhl0= +k8s.io/metrics v0.20.0 h1:mu95gdtxR+bHkFOGQsKR5P7aZuDo3tE4F7UHT4eGm1w= +k8s.io/metrics v0.20.0/go.mod h1:9yiRhfr8K8sjdj2EthQQE9WvpYDvsXIV3CjN4Ruq4Jw= +k8s.io/sample-apiserver v0.20.0 h1:gF5SoH4sKkEjLs7YMl0kXLQilx5LfkNNlhf2QODsH+Y= +k8s.io/sample-apiserver v0.20.0/go.mod h1:tScvbz/BcUG46IOsu2YLt4EjBP7XeUuMzMbQt2tQYWw= k8s.io/system-validators v1.0.4/go.mod h1:HgSgTg4NAGNoYYjKsUyk52gdNi2PVDswQ9Iyn66R7NI= -k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89 h1:d4vVOjXm687F1iLSP2q3lyPPuyvTUt3aVoBpi2DqRsU= -k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= +k8s.io/utils v0.0.0-20200414100711-2df71ebbae66/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20201110183641-67b214c5f920 h1:CbnUZsM497iRC5QMVkHwyl8s2tB3g7yaSHkYPkpgelw= +k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= @@ -720,8 +763,8 @@ sigs.k8s.io/controller-tools v0.2.8/go.mod h1:9VKHPszmf2DHz/QmHkcfZoewO6BL7pPs9u sigs.k8s.io/kube-storage-version-migrator v0.0.3/go.mod h1:mXfSLkx9xbJHQsgNDDUZK/iQTs2tMbx/hsJlWe6Fthw= sigs.k8s.io/kustomize v2.0.3+incompatible h1:JUufWFNlI44MdtnjUqVnvh29rR37PQFzPbLXqhyOyX0= sigs.k8s.io/kustomize v2.0.3+incompatible/go.mod h1:MkjgH3RdOWrievjo6c9T245dYlB5QeXV4WCbnt/PEpU= -sigs.k8s.io/structured-merge-diff/v4 v4.0.1 h1:YXTMot5Qz/X1iBRJhAt+vI+HVttY0WkSqqhKxQ0xVbA= -sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2 h1:YHQV7Dajm86OuqnIR6zAelnDWBRjo+YhYV9PmGrh1s8= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= vbom.ml/util v0.0.0-20160121211510-db5cfe13f5cc/go.mod h1:so/NYdZXCz+E3ZpW0uAoCj6uzU2+8OWDFv/HxUSs7kI= diff --git a/vendor/github.com/Azure/go-autorest/.gitignore b/vendor/github.com/Azure/go-autorest/.gitignore new file mode 100644 index 000000000000..3350aaf70648 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/.gitignore @@ -0,0 +1,32 @@ +# The standard Go .gitignore file follows. (Sourced from: github.com/github/gitignore/master/Go.gitignore) +# Compiled Object files, Static and Dynamic libs (Shared Objects) +*.o +*.a +*.so + +# Folders +_obj +_test +.DS_Store +.idea/ +.vscode/ + +# Architecture specific extensions/prefixes +*.[568vq] +[568vq].out + +*.cgo1.go +*.cgo2.c +_cgo_defun.c +_cgo_gotypes.go +_cgo_export.* + +_testmain.go + +*.exe +*.test +*.prof + +# go-autorest specific +vendor/ +autorest/azure/example/example diff --git a/vendor/github.com/Azure/go-autorest/CHANGELOG.md b/vendor/github.com/Azure/go-autorest/CHANGELOG.md new file mode 100644 index 000000000000..d1f596bfc9b9 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/CHANGELOG.md @@ -0,0 +1,1004 @@ +# CHANGELOG + +## v14.2.0 + +- Added package comment to make `github.com/Azure/go-autorest` importable. + +## v14.1.1 + +### Bug Fixes + +- Change `x-ms-authorization-auxiliary` header value separator to comma. + +## v14.1.0 + +### New Features + +- Added `azure.SetEnvironment()` that will update the global environments map with the specified values. + +## v14.0.1 + +### Bug Fixes + +- Fix race condition when refreshing token. +- Fixed some tests to work with Go 1.14. + +## v14.0.0 + +## Breaking Changes + +- By default, the `DoRetryForStatusCodes` functions will no longer infinitely retry a request when the response returns an HTTP status code of 429 (StatusTooManyRequests). To opt in to the old behavior set `autorest.Count429AsRetry` to `false`. + +## New Features + +- Variable `autorest.Max429Delay` can be used to control the maximum delay between retries when a 429 is received with no `Retry-After` header. The default is zero which means there is no cap. + +## v13.4.0 + +## New Features + +- Added field `SendDecorators` to the `Client` type. This can be used to specify a custom chain of SendDecorators per client. +- Added method `Client.Send()` which includes logic for selecting the preferred chain of SendDecorators. + +## v13.3.3 + +### Bug Fixes + +- Fixed connection leak when retrying requests. +- Enabled exponential back-off with a 2-minute cap when retrying on 429. +- Fixed some cases where errors were inadvertently dropped. + +## v13.3.2 + +### Bug Fixes + +- Updated `autorest.AsStringSlice()` to convert slice elements to their string representation. + +## v13.3.1 + +- Updated external dependencies. + +### Bug Fixes + +## v13.3.0 + +### New Features + +- Added support for shared key and shared access signature token authorization. + - `autorest.NewSharedKeyAuthorizer()` and dependent types. + - `autorest.NewSASTokenAuthorizer()` and dependent types. +- Added `ServicePrincipalToken.SetCustomRefresh()` so a custom refresh function can be invoked when a token has expired. + +### Bug Fixes + +- Fixed `cli.AccessTokensPath()` to respect `AZURE_CONFIG_DIR` when set. +- Support parsing error messages in XML responses. + +## v13.2.0 + +### New Features + +- Added the following functions to replace their versions that don't take a context. + - `adal.InitiateDeviceAuthWithContext()` + - `adal.CheckForUserCompletionWithContext()` + - `adal.WaitForUserCompletionWithContext()` + +## v13.1.0 + +### New Features + +- Added support for MSI authentication on Azure App Service and Azure Functions. + +## v13.0.2 + +### Bug Fixes + +- Always retry a request even if the sender returns a non-nil error. + +## v13.0.1 + +## Bug Fixes + +- Fixed `autorest.WithQueryParameters()` so that it properly encodes multi-value query parameters. + +## v13.0.0 + +## Breaking Changes + +The `tracing` package has been rewritten to provide a common interface for consumers to wire in the tracing package of their choice. +What this means is that by default no tracing provider will be compiled into your program and setting the `AZURE_SDK_TRACING_ENABLED` +environment variable will have no effect. To enable this previous behavior you must now add the following import to your source file. +```go + import _ "github.com/Azure/go-autorest/tracing/opencensus" +``` +The APIs required by autorest-generated code have remained but some APIs have been removed and new ones added. +The following APIs and variables have been removed (the majority of them were moved to the `opencensus` package). +- tracing.Transport +- tracing.Enable() +- tracing.EnableWithAIForwarding() +- tracing.Disable() + +The following APIs and types have been added +- tracing.Tracer +- tracing.Register() + +To hook up a tracer simply call `tracing.Register()` passing in a type that satisfies the `tracing.Tracer` interface. + +## v12.4.3 + +### Bug Fixes + +- `autorest.MultiTenantServicePrincipalTokenAuthorizer` will now properly add its auxiliary bearer tokens. + +## v12.4.2 + +### Bug Fixes + +- Improvements to the fixes made in v12.4.1. + - Remove `override` stanza from Gopkg.toml and `replace` directive from go.mod as they don't apply when being consumed as a dependency. + - Switched to latest version of `ocagent` that still depends on protobuf v1.2. + - Add indirect dependencies to the `required` clause with matching `constraint` stanzas so that `dep` dependencies match go.sum. + +## v12.4.1 + +### Bug Fixes + +- Updated OpenCensus and OCAgent versions to versions that don't depend on v1.3+ of protobuf as it was breaking kubernetes. +- Pinned opencensus-proto to a version that's compatible with our versions of OpenCensus and OCAgent. + +## v12.4.0 + +### New Features + +- Added `autorest.WithPrepareDecorators` and `autorest.GetPrepareDecorators` for adding and retrieving a custom chain of PrepareDecorators to the provided context. + +## v12.3.0 + +### New Features + +- Support for multi-tenant via x-ms-authorization-auxiliary header has been added for client credentials with + secret scenario; this basically bundles multiple OAuthConfig and ServicePrincipalToken types into corresponding + MultiTenant* types along with a new authorizer that adds the primary and auxiliary token headers to the reqest. + The authenticaion helpers have been updated to support this scenario; if environment var AZURE_AUXILIARY_TENANT_IDS + is set with a semicolon delimited list of tenants the multi-tenant codepath will kick in to create the appropriate authorizer. + See `adal.NewMultiTenantOAuthConfig`, `adal.NewMultiTenantServicePrincipalToken` and `autorest.NewMultiTenantServicePrincipalTokenAuthorizer` + along with their supporting types and methods. +- Added `autorest.WithSendDecorators` and `autorest.GetSendDecorators` for adding and retrieving a custom chain of SendDecorators to the provided context. +- Added `autorest.DoRetryForStatusCodesWithCap` and `autorest.DelayForBackoffWithCap` to enforce an upper bound on the duration between retries. + +## v12.2.0 + +### New Features + +- Added `autorest.WithXML`, `autorest.AsMerge`, `autorest.WithBytes` preparer decorators. +- Added `autorest.ByUnmarshallingBytes` response decorator. +- Added `Response.IsHTTPStatus` and `Response.HasHTTPStatus` helper methods for inspecting HTTP status code in `autorest.Response` types. + +### Bug Fixes + +- `autorest.DelayWithRetryAfter` now supports HTTP-Dates in the `Retry-After` header and is not limited to just 429 status codes. + +## v12.1.0 + +### New Features + +- Added `to.ByteSlicePtr()`. +- Added blob/queue storage resource ID to `azure.ResourceIdentifier`. + +## v12.0.0 + +### Breaking Changes + +In preparation for modules the following deprecated content has been removed. + + - async.NewFuture() + - async.Future.Done() + - async.Future.WaitForCompletion() + - async.DoPollForAsynchronous() + - The `utils` package + - validation.NewErrorWithValidationError() + - The `version` package + +## v11.9.0 + +### New Features + +- Add `ResourceIdentifiers` field to `azure.Environment` containing resource IDs for public and sovereign clouds. + +## v11.8.0 + +### New Features + +- Added `autorest.NewClientWithOptions()` to support endpoints that require free renegotiation. + +## v11.7.1 + +### Bug Fixes + +- Fix missing support for http(s) proxy when using the default sender. + +## v11.7.0 + +### New Features + +- Added methods to obtain a ServicePrincipalToken on the various credential configuration types in the `auth` package. + +## v11.6.1 + +### Bug Fixes + +- Fix ACR DNS endpoint for government clouds. +- Add Cosmos DB DNS endpoints. +- Update dependencies to resolve build breaks in OpenCensus. + +## v11.6.0 + +### New Features + +- Added type `autorest.BasicAuthorizer` to support Basic authentication. + +## v11.5.2 + +### Bug Fixes + +- Fixed `GetTokenFromCLI` did not work with zsh. + +## v11.5.1 + +### Bug Fixes + +- In `Client.sender()` set the minimum TLS version on HTTP clients to 1.2. + +## v11.5.0 + +### New Features + +- The `auth` package has been refactored so that the environment and file settings are now available. +- The methods used in `auth.NewAuthorizerFromEnvironment()` are now exported so that custom authorization chains can be created. +- Added support for certificate authorization for file-based config. + +## v11.4.0 + +### New Features + +- Added `adal.AddToUserAgent()` so callers can append custom data to the user-agent header used for ADAL requests. +- Exported `adal.UserAgent()` for parity with `autorest.Client`. + +## v11.3.2 + +### Bug Fixes + +- In `Future.WaitForCompletionRef()` if the provided context has a deadline don't add the default deadline. + +## v11.3.1 + +### Bug Fixes + +- For an LRO PUT operation the final GET URL was incorrectly set to the Location polling header in some cases. + +## v11.3.0 + +### New Features + +- Added method `ServicePrincipalToken()` to `DeviceFlowConfig` type. + +## v11.2.8 + +### Bug Fixes + +- Deprecate content in the `version` package. The functionality has been superseded by content in the `autorest` package. + +## v11.2.7 + +### Bug Fixes + +- Fix environment variable name for enabling tracing from `AZURE_SDK_TRACING_ENABELD` to `AZURE_SDK_TRACING_ENABLED`. + Note that for backward compatibility reasons, both will work until the next major version release of the package. + +## v11.2.6 + +### Bug Fixes + +- If zero bytes are read from a polling response body don't attempt to unmarshal them. + +## v11.2.5 + +### Bug Fixes + +- Removed race condition in `autorest.DoRetryForStatusCodes`. + +## v11.2.4 + +### Bug Fixes + +- Function `cli.ProfilePath` now respects environment `AZURE_CONFIG_DIR` if available. + +## v11.2.1 + +NOTE: Versions of Go prior to 1.10 have been removed from CI as they no +longer work with golint. + +### Bug Fixes + +- Method `MSIConfig.Authorizer` now supports user-assigned identities. +- The adal package now reports its own user-agent string. + +## v11.2.0 + +### New Features + +- Added `tracing` package that enables instrumentation of HTTP and API calls. + Setting the env variable `AZURE_SDK_TRACING_ENABLED` or calling `tracing.Enable` + will start instrumenting the code for metrics and traces. + Additionally, setting the env variable `OCAGENT_TRACE_EXPORTER_ENDPOINT` or + calling `tracing.EnableWithAIForwarding` will start the instrumentation and connect to an + App Insights Local Forwarder that is needs to be running. Note that if the + AI Local Forwarder is not running tracking will still be enabled. + By default, instrumentation is disabled. Once enabled, instrumentation can also + be programatically disabled by calling `Disable`. +- Added `DoneWithContext` call for checking LRO status. `Done` has been deprecated. + +### Bug Fixes + +- Don't use the initial request's context for LRO polling. +- Don't override the `refreshLock` and the `http.Client` when unmarshalling `ServicePrincipalToken` if + it is already set. + +## v11.1.1 + +### Bug Fixes + +- When creating a future always include the polling tracker even if there's a failure; this allows the underlying response to be obtained by the caller. + +## v11.1.0 + +### New Features + +- Added `auth.NewAuthorizerFromCLI` to create an authorizer configured from the Azure 2.0 CLI. +- Added `adal.NewOAuthConfigWithAPIVersion` to create an OAuthConfig with the specified API version. + +## v11.0.1 + +### New Features + +- Added `x5c` header to client assertion for certificate Issuer+Subject Name authentication. + +## v11.0.0 + +### Breaking Changes + +- To handle differences between ADFS and AAD the following fields have had their types changed from `string` to `json.Number` + - ExpiresIn + - ExpiresOn + - NotBefore + +### New Features + +- Added `auth.NewAuthorizerFromFileWithResource` to create an authorizer from the config file with the specified resource. +- Setting a client's `PollingDuration` to zero will use the provided context to control a LRO's polling duration. + +## v10.15.5 + +### Bug Fixes + +- In `DoRetryForStatusCodes`, if a request's context is cancelled return the last response. + +## v10.15.4 + +### Bug Fixes + +- If a polling operation returns a failure status code return the associated error. + +## v10.15.3 + +### Bug Fixes + +- Initialize the polling URL and method for an LRO tracker on each iteration, favoring the Azure-AsyncOperation header. + +## v10.15.2 + +### Bug Fixes + +- Use fmt.Fprint when printing request/response so that any escape sequences aren't treated as format specifiers. + +## v10.15.1 + +### Bug Fixes + +- If an LRO API returns a `Failed` provisioning state in the initial response return an error at that point so the caller doesn't have to poll. +- For failed LROs without an OData v4 error include the response body in the error's `AdditionalInfo` field to aid in diagnosing the failure. + +## v10.15.0 + +### New Features + +- Add initial support for request/response logging via setting environment variables. + Setting `AZURE_GO_SDK_LOG_LEVEL` to `LogInfo` will log request/response + without their bodies. To include the bodies set the log level to `LogDebug`. + By default the logger writes to strerr, however it can also write to stdout or a file + if specified in `AZURE_GO_SDK_LOG_FILE`. Note that if the specified file + already exists it will be truncated. + IMPORTANT: by default the logger will redact the Authorization and Ocp-Apim-Subscription-Key + headers. Any other secrets will _not_ be redacted. + +## v10.14.0 + +### New Features + +- Added package version that contains version constants and user-agent data. + +### Bug Fixes + +- Add the user-agent to token requests. + +## v10.13.0 + +- Added support for additionalInfo in ServiceError type. + +## v10.12.0 + +### New Features + +- Added field ServicePrincipalToken.MaxMSIRefreshAttempts to configure the maximun number of attempts to refresh an MSI token. + +## v10.11.4 + +### Bug Fixes + +- If an LRO returns http.StatusOK on the initial response with no async headers return the response body from Future.GetResult(). +- If there is no "final GET URL" return an error from Future.GetResult(). + +## v10.11.3 + +### Bug Fixes + +- In IMDS retry logic, if we don't receive a response don't retry. + - Renamed the retry function so it's clear it's meant for IMDS only. +- For error response bodies that aren't OData-v4 compliant stick the raw JSON in the ServiceError.Details field so the information isn't lost. + - Also add the raw HTTP response to the DetailedResponse. +- Removed superfluous wrapping of response error in azure.DoRetryWithRegistration(). + +## v10.11.2 + +### Bug Fixes + +- Validation for integers handles int and int64 types. + +## v10.11.1 + +### Bug Fixes + +- Adding User information to authorization config as parsed from CLI cache. + +## v10.11.0 + +### New Features + +- Added NewServicePrincipalTokenFromManualTokenSecret for creating a new SPT using a manual token and secret +- Added method ServicePrincipalToken.MarshalTokenJSON() to marshall the inner Token + +## v10.10.0 + +### New Features + +- Most ServicePrincipalTokens can now be marshalled/unmarshall to/from JSON (ServicePrincipalCertificateSecret and ServicePrincipalMSISecret are not supported). +- Added method ServicePrincipalToken.SetRefreshCallbacks(). + +## v10.9.2 + +### Bug Fixes + +- Refreshing a refresh token obtained from a web app authorization code now works. + +## v10.9.1 + +### Bug Fixes + +- The retry logic for MSI token requests now uses exponential backoff per the guidelines. +- IsTemporaryNetworkError() will return true for errors that don't implement the net.Error interface. + +## v10.9.0 + +### Deprecated Methods + +| Old Method | New Method | +| -------------------------: | :---------------------------: | +| azure.NewFuture() | azure.NewFutureFromResponse() | +| Future.WaitForCompletion() | Future.WaitForCompletionRef() | + +### New Features + +- Added azure.NewFutureFromResponse() for creating a Future from the initial response from an async operation. +- Added Future.GetResult() for making the final GET call to retrieve the result from an async operation. + +### Bug Fixes + +- Some futures failed to return their results, this should now be fixed. + +## v10.8.2 + +### Bug Fixes + +- Add nil-gaurd to token retry logic. + +## v10.8.1 + +### Bug Fixes + +- Return a TokenRefreshError if the sender fails on the initial request. +- Don't retry on non-temporary network errors. + +## v10.8.0 + +- Added NewAuthorizerFromEnvironmentWithResource() helper function. + +## v10.7.0 + +### New Features + +- Added \*WithContext() methods to ADAL token refresh operations. + +## v10.6.2 + +- Fixed a bug on device authentication. + +## v10.6.1 + +- Added retries to MSI token get request. + +## v10.6.0 + +- Changed MSI token implementation. Now, the token endpoint is the IMDS endpoint. + +## v10.5.1 + +### Bug Fixes + +- `DeviceFlowConfig.Authorizer()` now prints the device code message when running `go test`. `-v` flag is required. + +## v10.5.0 + +### New Features + +- Added NewPollingRequestWithContext() for use with polling asynchronous operations. + +### Bug Fixes + +- Make retry logic use the request's context instead of the deprecated Cancel object. + +## v10.4.0 + +### New Features + +- Added helper for parsing Azure Resource ID's. +- Added deprecation message to utils.GetEnvVarOrExit() + +## v10.3.0 + +### New Features + +- Added EnvironmentFromURL method to load an Environment from a given URL. This function is particularly useful in the private and hybrid Cloud model, where one may define their own endpoints +- Added TokenAudience endpoint to Environment structure. This is useful in private and hybrid cloud models where TokenAudience endpoint can be different from ResourceManagerEndpoint + +## v10.2.0 + +### New Features + +- Added endpoints for batch management. + +## v10.1.3 + +### Bug Fixes + +- In Client.Do() invoke WithInspection() last so that it will inspect WithAuthorization(). +- Fixed authorization methods to invoke p.Prepare() first, aligning them with the other preparers. + +## v10.1.2 + +- Corrected comment for auth.NewAuthorizerFromFile() function. + +## v10.1.1 + +- Updated version number to match current release. + +## v10.1.0 + +### New Features + +- Expose the polling URL for futures. + +### Bug Fixes + +- Add validation.NewErrorWithValidationError back to prevent breaking changes (it is deprecated). + +## v10.0.0 + +### New Features + +- Added target and innererror fields to ServiceError to comply with OData v4 spec. +- The Done() method on futures will now return a ServiceError object when available (it used to return a partial value of such errors). +- Added helper methods for obtaining authorizers. +- Expose the polling URL for futures. + +### Bug Fixes + +- Switched from glide to dep for dependency management. +- Fixed unmarshaling of ServiceError for JSON bodies that don't conform to the OData spec. +- Fixed a race condition in token refresh. + +### Breaking Changes + +- The ServiceError.Details field type has been changed to match the OData v4 spec. +- Go v1.7 has been dropped from CI. +- API parameter validation failures will now return a unique error type validation.Error. +- The adal.Token type has been decomposed from adal.ServicePrincipalToken (this was necessary in order to fix the token refresh race). + +## v9.10.0 + +- Fix the Service Bus suffix in Azure public env +- Add Service Bus Endpoint (AAD ResourceURI) for use in [Azure Service Bus RBAC Preview](https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-role-based-access-control) + +## v9.9.0 + +### New Features + +- Added EventGridKeyAuthorizer for key authorization with event grid topics. + +### Bug Fixes + +- Fixed race condition when auto-refreshing service principal tokens. + +## v9.8.1 + +### Bug Fixes + +- Added http.StatusNoContent (204) to the list of expected status codes for long-running operations. +- Updated runtime version info so it's current. + +## v9.8.0 + +### New Features + +- Added type azure.AsyncOpIncompleteError to be returned from a future's Result() method when the operation has not completed. + +## v9.7.1 + +### Bug Fixes + +- Use correct AAD and Graph endpoints for US Gov environment. + +## v9.7.0 + +### New Features + +- Added support for application/octet-stream MIME types. + +## v9.6.1 + +### Bug Fixes + +- Ensure Authorization header is added to request when polling for registration status. + +## v9.6.0 + +### New Features + +- Added support for acquiring tokens via MSI with a user assigned identity. + +## v9.5.3 + +### Bug Fixes + +- Don't remove encoding of existing URL Query parameters when calling autorest.WithQueryParameters. +- Set correct Content Type when using autorest.WithFormData. + +## v9.5.2 + +### Bug Fixes + +- Check for nil \*http.Response before dereferencing it. + +## v9.5.1 + +### Bug Fixes + +- Don't count http.StatusTooManyRequests (429) against the retry cap. +- Use retry logic when SkipResourceProviderRegistration is set to true. + +## v9.5.0 + +### New Features + +- Added support for username + password, API key, authoriazation code and cognitive services authentication. +- Added field SkipResourceProviderRegistration to clients to provide a way to skip auto-registration of RPs. +- Added utility function AsStringSlice() to convert its parameters to a string slice. + +### Bug Fixes + +- When checking for authentication failures look at the error type not the status code as it could vary. + +## v9.4.2 + +### Bug Fixes + +- Validate parameters when creating credentials. +- Don't retry requests if the returned status is a 401 (http.StatusUnauthorized) as it will never succeed. + +## v9.4.1 + +### Bug Fixes + +- Update the AccessTokensPath() to read access tokens path through AZURE_ACCESS_TOKEN_FILE. If this + environment variable is not set, it will fall back to use default path set by Azure CLI. +- Use case-insensitive string comparison for polling states. + +## v9.4.0 + +### New Features + +- Added WaitForCompletion() to Future as a default polling implementation. + +### Bug Fixes + +- Method Future.Done() shouldn't update polling status for unexpected HTTP status codes. + +## v9.3.1 + +### Bug Fixes + +- DoRetryForStatusCodes will retry if sender.Do returns a non-nil error. + +## v9.3.0 + +### New Features + +- Added PollingMethod() to Future so callers know what kind of polling mechanism is used. +- Added azure.ChangeToGet() which transforms an http.Request into a GET (to be used with LROs). + +## v9.2.0 + +### New Features + +- Added support for custom Azure Stack endpoints. +- Added type azure.Future used to track the status of long-running operations. + +### Bug Fixes + +- Preserve the original error in DoRetryWithRegistration when registration fails. + +## v9.1.1 + +- Fixes a bug regarding the cookie jar on `autorest.Client.Sender`. + +## v9.1.0 + +### New Features + +- In cases where there is a non-empty error from the service, attempt to unmarshal it instead of uniformly calling it an "Unknown" error. +- Support for loading Azure CLI Authentication files. +- Automatically register your subscription with the Azure Resource Provider if it hadn't been previously. + +### Bug Fixes + +- RetriableRequest can now tolerate a ReadSeekable body being read but not reset. +- Adding missing Apache Headers + +## v9.0.0 + +> **IMPORTANT:** This release was intially labeled incorrectly as `v8.4.0`. From the time it was released, it should have been marked `v9.0.0` because it contains breaking changes to the MSI packages. We appologize for any inconvenience this causes. + +Adding MSI Endpoint Support and CLI token rehydration. + +## v8.3.1 + +Pick up bug fix in adal for MSI support. + +## v8.3.0 + +Updates to Error string formats for clarity. Also, adding a copy of the http.Response to errors for an improved debugging experience. + +## v8.2.0 + +### New Features + +- Add support for bearer authentication callbacks +- Support 429 response codes that include "Retry-After" header +- Support validation constraint "Pattern" for map keys + +### Bug Fixes + +- Make RetriableRequest work with multiple versions of Go + +## v8.1.1 + +Updates the RetriableRequest to take advantage of GetBody() added in Go 1.8. + +## v8.1.0 + +Adds RetriableRequest type for more efficient handling of retrying HTTP requests. + +## v8.0.0 + +ADAL refactored into its own package. +Support for UNIX time. + +## v7.3.1 + +- Version Testing now removed from production bits that are shipped with the library. + +## v7.3.0 + +- Exposing new `RespondDecorator`, `ByDiscardingBody`. This allows operations + to acknowledge that they do not need either the entire or a trailing portion + of accepts response body. In doing so, Go's http library can reuse HTTP + connections more readily. +- Adding `PrepareDecorator` to target custom BaseURLs. +- Adding ACR suffix to public cloud environment. +- Updating Glide dependencies. + +## v7.2.5 + +- Fixed the Active Directory endpoint for the China cloud. +- Removes UTF-8 BOM if present in response payload. +- Added telemetry. + +## v7.2.3 + +- Fixing bug in calls to `DelayForBackoff` that caused doubling of delay + duration. + +## v7.2.2 + +- autorest/azure: added ASM and ARM VM DNS suffixes. + +## v7.2.1 + +- fixed parsing of UTC times that are not RFC3339 conformant. + +## v7.2.0 + +- autorest/validation: Reformat validation error for better error message. + +## v7.1.0 + +- preparer: Added support for multipart formdata - WithMultiPartFormdata() +- preparer: Added support for sending file in request body - WithFile +- client: Added RetryDuration parameter. +- autorest/validation: new package for validation code for Azure Go SDK. + +## v7.0.7 + +- Add trailing / to endpoint +- azure: add EnvironmentFromName + +## v7.0.6 + +- Add retry logic for 408, 500, 502, 503 and 504 status codes. +- Change url path and query encoding logic. +- Fix DelayForBackoff for proper exponential delay. +- Add CookieJar in Client. + +## v7.0.5 + +- Add check to start polling only when status is in [200,201,202]. +- Refactoring for unchecked errors. +- azure/persist changes. +- Fix 'file in use' issue in renewing token in deviceflow. +- Store header RetryAfter for subsequent requests in polling. +- Add attribute details in service error. + +## v7.0.4 + +- Better error messages for long running operation failures + +## v7.0.3 + +- Corrected DoPollForAsynchronous to properly handle the initial response + +## v7.0.2 + +- Corrected DoPollForAsynchronous to continue using the polling method first discovered + +## v7.0.1 + +- Fixed empty JSON input error in ByUnmarshallingJSON +- Fixed polling support for GET calls +- Changed format name from TimeRfc1123 to TimeRFC1123 + +## v7.0.0 + +- Added ByCopying responder with supporting TeeReadCloser +- Rewrote Azure asynchronous handling +- Reverted to only unmarshalling JSON +- Corrected handling of RFC3339 time strings and added support for Rfc1123 time format + +The `json.Decoder` does not catch bad data as thoroughly as `json.Unmarshal`. Since +`encoding/json` successfully deserializes all core types, and extended types normally provide +their custom JSON serialization handlers, the code has been reverted back to using +`json.Unmarshal`. The original change to use `json.Decode` was made to reduce duplicate +code; there is no loss of function, and there is a gain in accuracy, by reverting. + +Additionally, Azure services indicate requests to be polled by multiple means. The existing code +only checked for one of those (that is, the presence of the `Azure-AsyncOperation` header). +The new code correctly covers all cases and aligns with the other Azure SDKs. + +## v6.1.0 + +- Introduced `date.ByUnmarshallingJSONDate` and `date.ByUnmarshallingJSONTime` to enable JSON encoded values. + +## v6.0.0 + +- Completely reworked the handling of polled and asynchronous requests +- Removed unnecessary routines +- Reworked `mocks.Sender` to replay a series of `http.Response` objects +- Added `PrepareDecorators` for primitive types (e.g., bool, int32) + +Handling polled and asynchronous requests is no longer part of `Client#Send`. Instead new +`SendDecorators` implement different styles of polled behavior. See`autorest.DoPollForStatusCodes` +and `azure.DoPollForAsynchronous` for examples. + +## v5.0.0 + +- Added new RespondDecorators unmarshalling primitive types +- Corrected application of inspection and authorization PrependDecorators + +## v4.0.0 + +- Added support for Azure long-running operations. +- Added cancelation support to all decorators and functions that may delay. +- Breaking: `DelayForBackoff` now accepts a channel, which may be nil. + +## v3.1.0 + +- Add support for OAuth Device Flow authorization. +- Add support for ServicePrincipalTokens that are backed by an existing token, rather than other secret material. +- Add helpers for persisting and restoring Tokens. +- Increased code coverage in the github.com/Azure/autorest/azure package + +## v3.0.0 + +- Breaking: `NewErrorWithError` no longer takes `statusCode int`. +- Breaking: `NewErrorWithStatusCode` is replaced with `NewErrorWithResponse`. +- Breaking: `Client#Send()` no longer takes `codes ...int` argument. +- Add: XML unmarshaling support with `ByUnmarshallingXML()` +- Stopped vending dependencies locally and switched to [Glide](https://github.com/Masterminds/glide). + Applications using this library should either use Glide or vendor dependencies locally some other way. +- Add: `azure.WithErrorUnlessStatusCode()` decorator to handle Azure errors. +- Fix: use `net/http.DefaultClient` as base client. +- Fix: Missing inspection for polling responses added. +- Add: CopyAndDecode helpers. +- Improved `./autorest/to` with `[]string` helpers. +- Removed golint suppressions in .travis.yml. + +## v2.1.0 + +- Added `StatusCode` to `Error` for more easily obtaining the HTTP Reponse StatusCode (if any) + +## v2.0.0 + +- Changed `to.StringMapPtr` method signature to return a pointer +- Changed `ServicePrincipalCertificateSecret` and `NewServicePrincipalTokenFromCertificate` to support generic certificate and private keys + +## v1.0.0 + +- Added Logging inspectors to trace http.Request / Response +- Added support for User-Agent header +- Changed WithHeader PrepareDecorator to use set vs. add +- Added JSON to error when unmarshalling fails +- Added Client#Send method +- Corrected case of "Azure" in package paths +- Added "to" helpers, Azure helpers, and improved ease-of-use +- Corrected golint issues + +## v1.0.1 + +- Added CHANGELOG.md + +## v1.1.0 + +- Added mechanism to retrieve a ServicePrincipalToken using a certificate-signed JWT +- Added an example of creating a certificate-based ServicePrincipal and retrieving an OAuth token using the certificate + +## v1.1.1 + +- Introduce godeps and vendor dependencies introduced in v1.1.1 diff --git a/vendor/github.com/Azure/go-autorest/GNUmakefile b/vendor/github.com/Azure/go-autorest/GNUmakefile new file mode 100644 index 000000000000..a434e73ac49d --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/GNUmakefile @@ -0,0 +1,23 @@ +DIR?=./autorest/ + +default: build + +build: fmt + go install $(DIR) + +test: + go test $(DIR) || exit 1 + +vet: + @echo "go vet ." + @go vet $(DIR)... ; if [ $$? -eq 1 ]; then \ + echo ""; \ + echo "Vet found suspicious constructs. Please check the reported constructs"; \ + echo "and fix them if necessary before submitting the code for review."; \ + exit 1; \ + fi + +fmt: + gofmt -w $(DIR) + +.PHONY: build test vet fmt diff --git a/vendor/github.com/Azure/go-autorest/Gopkg.lock b/vendor/github.com/Azure/go-autorest/Gopkg.lock new file mode 100644 index 000000000000..dc6e3e633e6d --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/Gopkg.lock @@ -0,0 +1,324 @@ +# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'. + + +[[projects]] + digest = "1:892e39e5c083d0943f1e80ab8351690f183c6a5ab24e1d280adcad424c26255e" + name = "contrib.go.opencensus.io/exporter/ocagent" + packages = ["."] + pruneopts = "UT" + revision = "a8a6f458bbc1d5042322ad1f9b65eeb0b69be9ea" + version = "v0.6.0" + +[[projects]] + digest = "1:8f5acd4d4462b5136af644d25101f0968a7a94ee90fcb2059cec5b7cc42e0b20" + name = "github.com/census-instrumentation/opencensus-proto" + packages = [ + "gen-go/agent/common/v1", + "gen-go/agent/metrics/v1", + "gen-go/agent/trace/v1", + "gen-go/metrics/v1", + "gen-go/resource/v1", + "gen-go/trace/v1", + ] + pruneopts = "UT" + revision = "d89fa54de508111353cb0b06403c00569be780d8" + version = "v0.2.1" + +[[projects]] + digest = "1:ffe9824d294da03b391f44e1ae8281281b4afc1bdaa9588c9097785e3af10cec" + name = "github.com/davecgh/go-spew" + packages = ["spew"] + pruneopts = "UT" + revision = "8991bc29aa16c548c550c7ff78260e27b9ab7c73" + version = "v1.1.1" + +[[projects]] + digest = "1:76dc72490af7174349349838f2fe118996381b31ea83243812a97e5a0fd5ed55" + name = "github.com/dgrijalva/jwt-go" + packages = ["."] + pruneopts = "UT" + revision = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e" + version = "v3.2.0" + +[[projects]] + digest = "1:cf0d2e435fd4ce45b789e93ef24b5f08e86be0e9807a16beb3694e2d8c9af965" + name = "github.com/dimchansky/utfbom" + packages = ["."] + pruneopts = "UT" + revision = "d2133a1ce379ef6fa992b0514a77146c60db9d1c" + version = "v1.1.0" + +[[projects]] + branch = "master" + digest = "1:b7cb6054d3dff43b38ad2e92492f220f57ae6087ee797dca298139776749ace8" + name = "github.com/golang/groupcache" + packages = ["lru"] + pruneopts = "UT" + revision = "611e8accdfc92c4187d399e95ce826046d4c8d73" + +[[projects]] + digest = "1:e3839df32927e8d3403cd5aa7253d966e8ff80fc8f10e2e35d146461cd83fcfa" + name = "github.com/golang/protobuf" + packages = [ + "descriptor", + "jsonpb", + "proto", + "protoc-gen-go/descriptor", + "ptypes", + "ptypes/any", + "ptypes/duration", + "ptypes/struct", + "ptypes/timestamp", + "ptypes/wrappers", + ] + pruneopts = "UT" + revision = "6c65a5562fc06764971b7c5d05c76c75e84bdbf7" + version = "v1.3.2" + +[[projects]] + digest = "1:c560cd79300fac84f124b96225181a637a70b60155919a3c36db50b7cca6b806" + name = "github.com/grpc-ecosystem/grpc-gateway" + packages = [ + "internal", + "runtime", + "utilities", + ] + pruneopts = "UT" + revision = "f7120437bb4f6c71f7f5076ad65a45310de2c009" + version = "v1.12.1" + +[[projects]] + digest = "1:5d231480e1c64a726869bc4142d270184c419749d34f167646baa21008eb0a79" + name = "github.com/mitchellh/go-homedir" + packages = ["."] + pruneopts = "UT" + revision = "af06845cf3004701891bf4fdb884bfe4920b3727" + version = "v1.1.0" + +[[projects]] + digest = "1:0028cb19b2e4c3112225cd871870f2d9cf49b9b4276531f03438a88e94be86fe" + name = "github.com/pmezard/go-difflib" + packages = ["difflib"] + pruneopts = "UT" + revision = "792786c7400a136282c1664665ae0a8db921c6c2" + version = "v1.0.0" + +[[projects]] + digest = "1:99d32780e5238c2621fff621123997c3e3cca96db8be13179013aea77dfab551" + name = "github.com/stretchr/testify" + packages = [ + "assert", + "require", + ] + pruneopts = "UT" + revision = "221dbe5ed46703ee255b1da0dec05086f5035f62" + version = "v1.4.0" + +[[projects]] + digest = "1:7c5e00383399fe13de0b4b65c9fdde16275407ce8ac02d867eafeaa916edcc71" + name = "go.opencensus.io" + packages = [ + ".", + "internal", + "internal/tagencoding", + "metric/metricdata", + "metric/metricproducer", + "plugin/ocgrpc", + "plugin/ochttp", + "plugin/ochttp/propagation/b3", + "plugin/ochttp/propagation/tracecontext", + "resource", + "stats", + "stats/internal", + "stats/view", + "tag", + "trace", + "trace/internal", + "trace/propagation", + "trace/tracestate", + ] + pruneopts = "UT" + revision = "aad2c527c5defcf89b5afab7f37274304195a6b2" + version = "v0.22.2" + +[[projects]] + branch = "master" + digest = "1:f604f5e2ee721b6757d962dfe7bab4f28aae50c456e39cfb2f3819762a44a6ae" + name = "golang.org/x/crypto" + packages = [ + "pkcs12", + "pkcs12/internal/rc2", + ] + pruneopts = "UT" + revision = "e9b2fee46413994441b28dfca259d911d963dfed" + +[[projects]] + branch = "master" + digest = "1:334b27eac455cb6567ea28cd424230b07b1a64334a2f861a8075ac26ce10af43" + name = "golang.org/x/lint" + packages = [ + ".", + "golint", + ] + pruneopts = "UT" + revision = "fdd1cda4f05fd1fd86124f0ef9ce31a0b72c8448" + +[[projects]] + branch = "master" + digest = "1:257a75d024975428ab9192bfc334c3490882f8cb21322ea5784ca8eca000a910" + name = "golang.org/x/net" + packages = [ + "http/httpguts", + "http2", + "http2/hpack", + "idna", + "internal/timeseries", + "trace", + ] + pruneopts = "UT" + revision = "1ddd1de85cb0337b623b740a609d35817d516a8d" + +[[projects]] + branch = "master" + digest = "1:382bb5a7fb4034db3b6a2d19e5a4a6bcf52f4750530603c01ca18a172fa3089b" + name = "golang.org/x/sync" + packages = ["semaphore"] + pruneopts = "UT" + revision = "cd5d95a43a6e21273425c7ae415d3df9ea832eeb" + +[[projects]] + branch = "master" + digest = "1:4da420ceda5f68e8d748aa2169d0ed44ffadb1bbd6537cf778a49563104189b8" + name = "golang.org/x/sys" + packages = ["unix"] + pruneopts = "UT" + revision = "ce4227a45e2eb77e5c847278dcc6a626742e2945" + +[[projects]] + digest = "1:8d8faad6b12a3a4c819a3f9618cb6ee1fa1cfc33253abeeea8b55336721e3405" + name = "golang.org/x/text" + packages = [ + "collate", + "collate/build", + "internal/colltab", + "internal/gen", + "internal/language", + "internal/language/compact", + "internal/tag", + "internal/triegen", + "internal/ucd", + "language", + "secure/bidirule", + "transform", + "unicode/bidi", + "unicode/cldr", + "unicode/norm", + "unicode/rangetable", + ] + pruneopts = "UT" + revision = "342b2e1fbaa52c93f31447ad2c6abc048c63e475" + version = "v0.3.2" + +[[projects]] + branch = "master" + digest = "1:4eb5ea8395fb60212dd58b92c9db80bab59d5e99c7435f9a6a0a528c373b60e7" + name = "golang.org/x/tools" + packages = [ + "go/ast/astutil", + "go/gcexportdata", + "go/internal/gcimporter", + "go/types/typeutil", + ] + pruneopts = "UT" + revision = "259af5ff87bdcd4abf2ecda8edc3f13f04f26a42" + +[[projects]] + digest = "1:964bb30febc27fabfbec4759fa530c6ec35e77a7c85fed90b9317ea39a054877" + name = "google.golang.org/api" + packages = ["support/bundler"] + pruneopts = "UT" + revision = "8a410c21381766a810817fd6200fce8838ecb277" + version = "v0.14.0" + +[[projects]] + branch = "master" + digest = "1:a8d5c2c6e746b3485e36908ab2a9e3d77b86b81f8156d88403c7d2b462431dfd" + name = "google.golang.org/genproto" + packages = [ + "googleapis/api/httpbody", + "googleapis/rpc/status", + "protobuf/field_mask", + ] + pruneopts = "UT" + revision = "51378566eb590fa106d1025ea12835a4416dda84" + +[[projects]] + digest = "1:b59ce3ddb11daeeccccc9cb3183b58ebf8e9a779f1c853308cd91612e817a301" + name = "google.golang.org/grpc" + packages = [ + ".", + "backoff", + "balancer", + "balancer/base", + "balancer/roundrobin", + "binarylog/grpc_binarylog_v1", + "codes", + "connectivity", + "credentials", + "credentials/internal", + "encoding", + "encoding/proto", + "grpclog", + "internal", + "internal/backoff", + "internal/balancerload", + "internal/binarylog", + "internal/buffer", + "internal/channelz", + "internal/envconfig", + "internal/grpcrand", + "internal/grpcsync", + "internal/resolver/dns", + "internal/resolver/passthrough", + "internal/syscall", + "internal/transport", + "keepalive", + "metadata", + "naming", + "peer", + "resolver", + "serviceconfig", + "stats", + "status", + "tap", + ] + pruneopts = "UT" + revision = "1a3960e4bd028ac0cec0a2afd27d7d8e67c11514" + version = "v1.25.1" + +[[projects]] + digest = "1:b75b3deb2bce8bc079e16bb2aecfe01eb80098f5650f9e93e5643ca8b7b73737" + name = "gopkg.in/yaml.v2" + packages = ["."] + pruneopts = "UT" + revision = "1f64d6156d11335c3f22d9330b0ad14fc1e789ce" + version = "v2.2.7" + +[solve-meta] + analyzer-name = "dep" + analyzer-version = 1 + input-imports = [ + "contrib.go.opencensus.io/exporter/ocagent", + "github.com/dgrijalva/jwt-go", + "github.com/dimchansky/utfbom", + "github.com/mitchellh/go-homedir", + "github.com/stretchr/testify/require", + "go.opencensus.io/plugin/ochttp", + "go.opencensus.io/plugin/ochttp/propagation/tracecontext", + "go.opencensus.io/stats/view", + "go.opencensus.io/trace", + "golang.org/x/crypto/pkcs12", + "golang.org/x/lint/golint", + ] + solver-name = "gps-cdcl" + solver-version = 1 diff --git a/vendor/github.com/Azure/go-autorest/Gopkg.toml b/vendor/github.com/Azure/go-autorest/Gopkg.toml new file mode 100644 index 000000000000..1fc28659696c --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/Gopkg.toml @@ -0,0 +1,59 @@ +# Gopkg.toml example +# +# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html +# for detailed Gopkg.toml documentation. +# +# required = ["github.com/user/thing/cmd/thing"] +# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"] +# +# [[constraint]] +# name = "github.com/user/project" +# version = "1.0.0" +# +# [[constraint]] +# name = "github.com/user/project2" +# branch = "dev" +# source = "github.com/myfork/project2" +# +# [[override]] +# name = "github.com/x/y" +# version = "2.4.0" +# +# [prune] +# non-go = false +# go-tests = true +# unused-packages = true + +required = ["golang.org/x/lint/golint"] + +[prune] + go-tests = true + unused-packages = true + +[[constraint]] + name = "contrib.go.opencensus.io/exporter/ocagent" + version = "0.6.0" + +[[constraint]] + name = "github.com/dgrijalva/jwt-go" + version = "3.2.0" + +[[constraint]] + name = "github.com/dimchansky/utfbom" + version = "1.1.0" + +[[constraint]] + name = "github.com/mitchellh/go-homedir" + version = "1.1.0" + +[[constraint]] + name = "github.com/stretchr/testify" + version = "1.3.0" + +[[constraint]] + name = "go.opencensus.io" + version = "0.22.0" + +[[constraint]] + branch = "master" + name = "golang.org/x/crypto" diff --git a/vendor/github.com/Azure/go-autorest/LICENSE b/vendor/github.com/Azure/go-autorest/LICENSE new file mode 100644 index 000000000000..b9d6a27ea92e --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/LICENSE @@ -0,0 +1,191 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright 2015 Microsoft Corporation + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/README.md b/vendor/github.com/Azure/go-autorest/README.md new file mode 100644 index 000000000000..de1e19a44df9 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/README.md @@ -0,0 +1,165 @@ +# go-autorest + +[![GoDoc](https://godoc.org/github.com/Azure/go-autorest/autorest?status.png)](https://godoc.org/github.com/Azure/go-autorest/autorest) +[![Build Status](https://dev.azure.com/azure-sdk/public/_apis/build/status/go/Azure.go-autorest?branchName=master)](https://dev.azure.com/azure-sdk/public/_build/latest?definitionId=625&branchName=master) +[![Go Report Card](https://goreportcard.com/badge/Azure/go-autorest)](https://goreportcard.com/report/Azure/go-autorest) + +Package go-autorest provides an HTTP request client for use with [Autorest](https://github.com/Azure/autorest.go)-generated API client packages. + +An authentication client tested with Azure Active Directory (AAD) is also +provided in this repo in the package +`github.com/Azure/go-autorest/autorest/adal`. Despite its name, this package +is maintained only as part of the Azure Go SDK and is not related to other +"ADAL" libraries in [github.com/AzureAD](https://github.com/AzureAD). + +## Overview + +Package go-autorest implements an HTTP request pipeline suitable for use across +multiple goroutines and provides the shared routines used by packages generated +by [Autorest](https://github.com/Azure/autorest.go). + +The package breaks sending and responding to HTTP requests into three phases: Preparing, Sending, +and Responding. A typical pattern is: + +```go + req, err := Prepare(&http.Request{}, + token.WithAuthorization()) + + resp, err := Send(req, + WithLogging(logger), + DoErrorIfStatusCode(http.StatusInternalServerError), + DoCloseIfError(), + DoRetryForAttempts(5, time.Second)) + + err = Respond(resp, + ByDiscardingBody(), + ByClosing()) +``` + +Each phase relies on decorators to modify and / or manage processing. Decorators may first modify +and then pass the data along, pass the data first and then modify the result, or wrap themselves +around passing the data (such as a logger might do). Decorators run in the order provided. For +example, the following: + +```go + req, err := Prepare(&http.Request{}, + WithBaseURL("https://microsoft.com/"), + WithPath("a"), + WithPath("b"), + WithPath("c")) +``` + +will set the URL to: + +``` + https://microsoft.com/a/b/c +``` + +Preparers and Responders may be shared and re-used (assuming the underlying decorators support +sharing and re-use). Performant use is obtained by creating one or more Preparers and Responders +shared among multiple go-routines, and a single Sender shared among multiple sending go-routines, +all bound together by means of input / output channels. + +Decorators hold their passed state within a closure (such as the path components in the example +above). Be careful to share Preparers and Responders only in a context where such held state +applies. For example, it may not make sense to share a Preparer that applies a query string from a +fixed set of values. Similarly, sharing a Responder that reads the response body into a passed +struct (e.g., `ByUnmarshallingJson`) is likely incorrect. + +Errors raised by autorest objects and methods will conform to the `autorest.Error` interface. + +See the included examples for more detail. For details on the suggested use of this package by +generated clients, see the Client described below. + +## Helpers + +### Handling Swagger Dates + +The Swagger specification (https://swagger.io) that drives AutoRest +(https://github.com/Azure/autorest/) precisely defines two date forms: date and date-time. The +github.com/Azure/go-autorest/autorest/date package provides time.Time derivations to ensure correct +parsing and formatting. + +### Handling Empty Values + +In JSON, missing values have different semantics than empty values. This is especially true for +services using the HTTP PATCH verb. The JSON submitted with a PATCH request generally contains +only those values to modify. Missing values are to be left unchanged. Developers, then, require a +means to both specify an empty value and to leave the value out of the submitted JSON. + +The Go JSON package (`encoding/json`) supports the `omitempty` tag. When specified, it omits +empty values from the rendered JSON. Since Go defines default values for all base types (such as "" +for string and 0 for int) and provides no means to mark a value as actually empty, the JSON package +treats default values as meaning empty, omitting them from the rendered JSON. This means that, using +the Go base types encoded through the default JSON package, it is not possible to create JSON to +clear a value at the server. + +The workaround within the Go community is to use pointers to base types in lieu of base types within +structures that map to JSON. For example, instead of a value of type `string`, the workaround uses +`*string`. While this enables distinguishing empty values from those to be unchanged, creating +pointers to a base type (notably constant, in-line values) requires additional variables. This, for +example, + +```go + s := struct { + S *string + }{ S: &"foo" } +``` +fails, while, this + +```go + v := "foo" + s := struct { + S *string + }{ S: &v } +``` +succeeds. + +To ease using pointers, the subpackage `to` contains helpers that convert to and from pointers for +Go base types which have Swagger analogs. It also provides a helper that converts between +`map[string]string` and `map[string]*string`, enabling the JSON to specify that the value +associated with a key should be cleared. With the helpers, the previous example becomes + +```go + s := struct { + S *string + }{ S: to.StringPtr("foo") } +``` + +## Install + +```bash +go get github.com/Azure/go-autorest/autorest +go get github.com/Azure/go-autorest/autorest/azure +go get github.com/Azure/go-autorest/autorest/date +go get github.com/Azure/go-autorest/autorest/to +``` + +### Using with Go Modules +In [v12.0.1](https://github.com/Azure/go-autorest/pull/386), this repository introduced the following modules. + +- autorest/adal +- autorest/azure/auth +- autorest/azure/cli +- autorest/date +- autorest/mocks +- autorest/to +- autorest/validation +- autorest +- logger +- tracing + +Tagging cumulative SDK releases as a whole (e.g. `v12.3.0`) is still enabled to support consumers of this repo that have not yet migrated to modules. + +## License + +See LICENSE file. + +----- + +This project has adopted the [Microsoft Open Source Code of +Conduct](https://opensource.microsoft.com/codeofconduct/). For more information +see the [Code of Conduct +FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact +[opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional +questions or comments. diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/devicetoken.go b/vendor/github.com/Azure/go-autorest/autorest/adal/devicetoken.go index 914f8af5e4ea..9daa4b58b881 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/devicetoken.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/devicetoken.go @@ -222,6 +222,10 @@ func CheckForUserCompletionWithContext(ctx context.Context, sender Sender, code case "code_expired": return nil, ErrDeviceCodeExpired default: + // return a more meaningful error message if available + if token.ErrorDescription != nil { + return nil, fmt.Errorf("%s %s: %s", logPrefix, *token.Error, *token.ErrorDescription) + } return nil, ErrDeviceGeneric } } diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/go.mod b/vendor/github.com/Azure/go-autorest/autorest/adal/go.mod index a030eb42da8b..abcc27d4cc90 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/go.mod +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/go.mod @@ -3,10 +3,10 @@ module github.com/Azure/go-autorest/autorest/adal go 1.12 require ( - github.com/Azure/go-autorest/autorest v0.9.0 - github.com/Azure/go-autorest/autorest/date v0.2.0 - github.com/Azure/go-autorest/autorest/mocks v0.3.0 - github.com/Azure/go-autorest/tracing v0.5.0 - github.com/dgrijalva/jwt-go v3.2.0+incompatible - golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413 + github.com/Azure/go-autorest v14.2.0+incompatible + github.com/Azure/go-autorest/autorest/date v0.3.0 + github.com/Azure/go-autorest/autorest/mocks v0.4.1 + github.com/Azure/go-autorest/tracing v0.6.0 + github.com/form3tech-oss/jwt-go v3.2.2+incompatible + golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0 ) diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/go.sum b/vendor/github.com/Azure/go-autorest/autorest/adal/go.sum index e43cf6498d0d..9d55b0f59611 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/go.sum +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/go.sum @@ -1,26 +1,17 @@ -github.com/Azure/go-autorest/autorest v0.9.0 h1:MRvx8gncNaXJqOoLmhNjUAKh33JJF8LyxPhomEtOsjs= -github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= -github.com/Azure/go-autorest/autorest/date v0.1.0 h1:YGrhWfrgtFs84+h0o46rJrlmsZtyZRg470CqAXTZaGM= -github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= -github.com/Azure/go-autorest/autorest/date v0.2.0 h1:yW+Zlqf26583pE43KhfnhFcdmSWlm5Ew6bxipnr/tbM= -github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g= -github.com/Azure/go-autorest/autorest/mocks v0.1.0 h1:Kx+AUU2Te+A3JIyYn6Dfs+cFgx5XorQKuIXrZGoq/SI= -github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0 h1:Ww5g4zThfD/6cLb4z6xxgeyDa7QDkizMkJKe0ysZXp0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.3.0 h1:qJumjCaCudz+OcqE9/XtEPfvtOjOmKaui4EOpFI6zZc= -github.com/Azure/go-autorest/autorest/mocks v0.3.0/go.mod h1:a8FDP3DYzQ4RYfVAxAN3SVSiiO77gL2j2ronKKP0syM= -github.com/Azure/go-autorest/logger v0.1.0 h1:ruG4BSDXONFRrZZJ2GUXDiUyVpayPmb1GnWeHDdaNKY= -github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= -github.com/Azure/go-autorest/tracing v0.5.0 h1:TRn4WjSnkcSy5AEG3pnbtFSwNtwzjr4VYyQflFE619k= -github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= -github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= +github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= +github.com/Azure/go-autorest/autorest/mocks v0.4.1 h1:K0laFcLE6VLTOwNgSxaGbUcLPuGXlNkbVvq4cW4nIHk= +github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= +github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= +github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= +github.com/form3tech-oss/jwt-go v3.2.2+incompatible h1:TcekIExNqud5crz4xD2pavyTgWiPvpYe4Xau31I0PRk= +github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413 h1:ULYEB3JvPRE/IfO+9uO7vKV/xzVTO7XPAwm8xbf4w2g= -golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0 h1:hb9wdF1z5waM+dSIICn1l0DkLVDT3hqhhQsDNUmHPRE= +golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go index 28a4bfc4c437..7551b79235de 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go @@ -16,9 +16,9 @@ package adal // See the License for the specific language governing permissions and // limitations under the License. -// This file, and the github.com/Azure/go-autorest/autorest import, won't actually become part of +// This file, and the github.com/Azure/go-autorest import, won't actually become part of // the resultant binary. // Necessary for safely adding multi-module repo. // See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest/autorest" +import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/persist.go b/vendor/github.com/Azure/go-autorest/autorest/adal/persist.go index 9e15f2751f27..2a974a39b3cd 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/persist.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/persist.go @@ -15,11 +15,24 @@ package adal // limitations under the License. import ( + "crypto/rsa" + "crypto/x509" "encoding/json" + "errors" "fmt" "io/ioutil" "os" "path/filepath" + + "golang.org/x/crypto/pkcs12" +) + +var ( + // ErrMissingCertificate is returned when no local certificate is found in the provided PFX data. + ErrMissingCertificate = errors.New("adal: certificate missing") + + // ErrMissingPrivateKey is returned when no private key is found in the provided PFX data. + ErrMissingPrivateKey = errors.New("adal: private key missing") ) // LoadToken restores a Token object from a file located at 'path'. @@ -71,3 +84,52 @@ func SaveToken(path string, mode os.FileMode, token Token) error { } return nil } + +// DecodePfxCertificateData extracts the x509 certificate and RSA private key from the provided PFX data. +// The PFX data must contain a private key along with a certificate whose public key matches that of the +// private key or an error is returned. +// If the private key is not password protected pass the empty string for password. +func DecodePfxCertificateData(pfxData []byte, password string) (*x509.Certificate, *rsa.PrivateKey, error) { + blocks, err := pkcs12.ToPEM(pfxData, password) + if err != nil { + return nil, nil, err + } + // first extract the private key + var priv *rsa.PrivateKey + for _, block := range blocks { + if block.Type == "PRIVATE KEY" { + priv, err = x509.ParsePKCS1PrivateKey(block.Bytes) + if err != nil { + return nil, nil, err + } + break + } + } + if priv == nil { + return nil, nil, ErrMissingPrivateKey + } + // now find the certificate with the matching public key of our private key + var cert *x509.Certificate + for _, block := range blocks { + if block.Type == "CERTIFICATE" { + pcert, err := x509.ParseCertificate(block.Bytes) + if err != nil { + return nil, nil, err + } + certKey, ok := pcert.PublicKey.(*rsa.PublicKey) + if !ok { + // keep looking + continue + } + if priv.E == certKey.E && priv.N.Cmp(certKey.N) == 0 { + // found a match + cert = pcert + break + } + } + } + if cert == nil { + return nil, nil, ErrMissingCertificate + } + return cert, priv, nil +} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token.go index b65b2c8b206a..b83f16a49a1f 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/token.go @@ -35,7 +35,7 @@ import ( "time" "github.com/Azure/go-autorest/autorest/date" - "github.com/dgrijalva/jwt-go" + "github.com/form3tech-oss/jwt-go" ) const ( @@ -62,6 +62,9 @@ const ( // msiEndpoint is the well known endpoint for getting MSI authentications tokens msiEndpoint = "http://169.254.169.254/metadata/identity/oauth2/token" + // the API version to use for the MSI endpoint + msiAPIVersion = "2018-02-01" + // the default number of attempts to refresh an MSI authentication token defaultMaxMSIRefreshAttempts = 5 @@ -70,6 +73,9 @@ const ( // asMSISecretEnv is the environment variable used to store the request secret on App Service and Functions asMSISecretEnv = "MSI_SECRET" + + // the API version to use for the App Service MSI endpoint + appServiceAPIVersion = "2017-09-01" ) // OAuthTokenProvider is an interface which should be implemented by an access token retriever @@ -354,6 +360,7 @@ type ServicePrincipalToken struct { customRefreshFunc TokenRefresh refreshCallbacks []TokenRefreshCallback // MaxMSIRefreshAttempts is the maximum number of attempts to refresh an MSI token. + // Settings this to a value less than 1 will use the default value. MaxMSIRefreshAttempts int } @@ -650,6 +657,8 @@ func GetMSIVMEndpoint() (string, error) { return msiEndpoint, nil } +// NOTE: this only indicates if the ASE environment credentials have been set +// which does not necessarily mean that the caller is authenticating via ASE! func isAppService() bool { _, asMSIEndpointEnvExists := os.LookupEnv(asMSIEndpointEnv) _, asMSISecretEnvExists := os.LookupEnv(asMSISecretEnv) @@ -678,16 +687,22 @@ func GetMSIEndpoint() (string, error) { // NewServicePrincipalTokenFromMSI creates a ServicePrincipalToken via the MSI VM Extension. // It will use the system assigned identity when creating the token. func NewServicePrincipalTokenFromMSI(msiEndpoint, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - return newServicePrincipalTokenFromMSI(msiEndpoint, resource, nil, callbacks...) + return newServicePrincipalTokenFromMSI(msiEndpoint, resource, nil, nil, callbacks...) } // NewServicePrincipalTokenFromMSIWithUserAssignedID creates a ServicePrincipalToken via the MSI VM Extension. -// It will use the specified user assigned identity when creating the token. +// It will use the clientID of specified user assigned identity when creating the token. func NewServicePrincipalTokenFromMSIWithUserAssignedID(msiEndpoint, resource string, userAssignedID string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - return newServicePrincipalTokenFromMSI(msiEndpoint, resource, &userAssignedID, callbacks...) + return newServicePrincipalTokenFromMSI(msiEndpoint, resource, &userAssignedID, nil, callbacks...) +} + +// NewServicePrincipalTokenFromMSIWithIdentityResourceID creates a ServicePrincipalToken via the MSI VM Extension. +// It will use the azure resource id of user assigned identity when creating the token. +func NewServicePrincipalTokenFromMSIWithIdentityResourceID(msiEndpoint, resource string, identityResourceID string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { + return newServicePrincipalTokenFromMSI(msiEndpoint, resource, nil, &identityResourceID, callbacks...) } -func newServicePrincipalTokenFromMSI(msiEndpoint, resource string, userAssignedID *string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { +func newServicePrincipalTokenFromMSI(msiEndpoint, resource string, userAssignedID *string, identityResourceID *string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { if err := validateStringParam(msiEndpoint, "msiEndpoint"); err != nil { return nil, err } @@ -699,6 +714,11 @@ func newServicePrincipalTokenFromMSI(msiEndpoint, resource string, userAssignedI return nil, err } } + if identityResourceID != nil { + if err := validateStringParam(*identityResourceID, "identityResourceID"); err != nil { + return nil, err + } + } // We set the oauth config token endpoint to be MSI's endpoint msiEndpointURL, err := url.Parse(msiEndpoint) if err != nil { @@ -709,13 +729,16 @@ func newServicePrincipalTokenFromMSI(msiEndpoint, resource string, userAssignedI v.Set("resource", resource) // App Service MSI currently only supports token API version 2017-09-01 if isAppService() { - v.Set("api-version", "2017-09-01") + v.Set("api-version", appServiceAPIVersion) } else { - v.Set("api-version", "2018-02-01") + v.Set("api-version", msiAPIVersion) } if userAssignedID != nil { v.Set("client_id", *userAssignedID) } + if identityResourceID != nil { + v.Set("mi_res_id", *identityResourceID) + } msiEndpointURL.RawQuery = v.Encode() spt := &ServicePrincipalToken{ @@ -771,8 +794,9 @@ func (spt *ServicePrincipalToken) EnsureFresh() error { // EnsureFreshWithContext will refresh the token if it will expire within the refresh window (as set by // RefreshWithin) and autoRefresh flag is on. This method is safe for concurrent use. func (spt *ServicePrincipalToken) EnsureFreshWithContext(ctx context.Context) error { - if spt.inner.AutoRefresh && spt.inner.Token.WillExpireIn(spt.inner.RefreshWithin) { - // take the write lock then check to see if the token was already refreshed + // must take the read lock when initially checking the token's expiration + if spt.inner.AutoRefresh && spt.Token().WillExpireIn(spt.inner.RefreshWithin) { + // take the write lock then check again to see if the token was already refreshed spt.refreshLock.Lock() defer spt.refreshLock.Unlock() if spt.inner.Token.WillExpireIn(spt.inner.RefreshWithin) { @@ -835,11 +859,28 @@ func (spt *ServicePrincipalToken) getGrantType() string { } func isIMDS(u url.URL) bool { - imds, err := url.Parse(msiEndpoint) + return isMSIEndpoint(u) == true || isASEEndpoint(u) == true +} + +func isMSIEndpoint(endpoint url.URL) bool { + msi, err := url.Parse(msiEndpoint) if err != nil { return false } - return (u.Host == imds.Host && u.Path == imds.Path) || isAppService() + return endpoint.Host == msi.Host && endpoint.Path == msi.Path +} + +func isASEEndpoint(endpoint url.URL) bool { + aseEndpoint, err := GetMSIAppServiceEndpoint() + if err != nil { + // app service environment isn't enabled + return false + } + ase, err := url.Parse(aseEndpoint) + if err != nil { + return false + } + return endpoint.Host == ase.Host && endpoint.Path == ase.Path } func (spt *ServicePrincipalToken) refreshInternal(ctx context.Context, resource string) error { @@ -858,7 +899,7 @@ func (spt *ServicePrincipalToken) refreshInternal(ctx context.Context, resource } req.Header.Add("User-Agent", UserAgent()) // Add header when runtime is on App Service or Functions - if isAppService() { + if isASEEndpoint(spt.inner.OauthConfig.TokenEndpoint) { asMSISecret, _ := os.LookupEnv(asMSISecretEnv) req.Header.Add("Secret", asMSISecret) } @@ -900,6 +941,14 @@ func (spt *ServicePrincipalToken) refreshInternal(ctx context.Context, resource } var resp *http.Response + if isMSIEndpoint(spt.inner.OauthConfig.TokenEndpoint) { + resp, err = getMSIEndpoint(ctx, spt.sender) + if err != nil { + // return a TokenRefreshError here so that we don't keep retrying + return newTokenRefreshError(fmt.Sprintf("the MSI endpoint is not available. Failed HTTP request to MSI endpoint: %v", err), nil) + } + resp.Body.Close() + } if isIMDS(spt.inner.OauthConfig.TokenEndpoint) { resp, err = retryForIMDS(spt.sender, req, spt.MaxMSIRefreshAttempts) } else { @@ -972,6 +1021,11 @@ func retryForIMDS(sender Sender, req *http.Request, maxAttempts int) (resp *http attempt := 0 delay := time.Duration(0) + // maxAttempts is user-specified, ensure that its value is greater than zero else no request will be made + if maxAttempts < 1 { + maxAttempts = defaultMaxMSIRefreshAttempts + } + for attempt < maxAttempts { if resp != nil && resp.Body != nil { io.Copy(ioutil.Discard, resp.Body) @@ -1133,3 +1187,12 @@ func NewMultiTenantServicePrincipalToken(multiTenantCfg MultiTenantOAuthConfig, } return &m, nil } + +// MSIAvailable returns true if the MSI endpoint is available for authentication. +func MSIAvailable(ctx context.Context, sender Sender) bool { + resp, err := getMSIEndpoint(ctx, sender) + if err == nil { + resp.Body.Close() + } + return err == nil +} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go new file mode 100644 index 000000000000..45e01a7eee8d --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go @@ -0,0 +1,36 @@ +// +build go1.13 + +// Copyright 2017 Microsoft Corporation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package adal + +import ( + "context" + "net/http" + "time" +) + +func getMSIEndpoint(ctx context.Context, sender Sender) (*http.Response, error) { + // this cannot fail, the return sig is due to legacy reasons + msiEndpoint, _ := GetMSIVMEndpoint() + tempCtx, cancel := context.WithTimeout(ctx, 500*time.Millisecond) + defer cancel() + // http.NewRequestWithContext() was added in Go 1.13 + req, _ := http.NewRequestWithContext(tempCtx, http.MethodGet, msiEndpoint, nil) + q := req.URL.Query() + q.Add("api-version", msiAPIVersion) + req.URL.RawQuery = q.Encode() + return sender.Do(req) +} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go new file mode 100644 index 000000000000..6f7ad8078c15 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go @@ -0,0 +1,36 @@ +// +build !go1.13 + +// Copyright 2017 Microsoft Corporation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package adal + +import ( + "context" + "net/http" + "time" +) + +func getMSIEndpoint(ctx context.Context, sender Sender) (*http.Response, error) { + // this cannot fail, the return sig is due to legacy reasons + msiEndpoint, _ := GetMSIVMEndpoint() + tempCtx, cancel := context.WithTimeout(ctx, 500*time.Millisecond) + defer cancel() + req, _ := http.NewRequest(http.MethodGet, msiEndpoint, nil) + req = req.WithContext(tempCtx) + q := req.URL.Query() + q.Add("api-version", msiAPIVersion) + req.URL.RawQuery = q.Encode() + return sender.Do(req) +} diff --git a/vendor/github.com/Azure/go-autorest/autorest/authorization.go b/vendor/github.com/Azure/go-autorest/autorest/authorization.go index f43e1a6ed5a1..15138b642f2e 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/authorization.go +++ b/vendor/github.com/Azure/go-autorest/autorest/authorization.go @@ -138,6 +138,11 @@ func (ba *BearerAuthorizer) WithAuthorization() PrepareDecorator { } } +// TokenProvider returns OAuthTokenProvider so that it can be used for authorization outside the REST. +func (ba *BearerAuthorizer) TokenProvider() adal.OAuthTokenProvider { + return ba.tokenProvider +} + // BearerAuthorizerCallbackFunc is the authentication callback signature. type BearerAuthorizerCallbackFunc func(tenantID, resource string) (*BearerAuthorizer, error) @@ -331,7 +336,7 @@ func (mt multiTenantSPTAuthorizer) WithAuthorization() PrepareDecorator { for i := range auxTokens { auxTokens[i] = fmt.Sprintf("Bearer %s", auxTokens[i]) } - return Prepare(r, WithHeader(headerAuxAuthorization, strings.Join(auxTokens, "; "))) + return Prepare(r, WithHeader(headerAuxAuthorization, strings.Join(auxTokens, ", "))) }) } } diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go b/vendor/github.com/Azure/go-autorest/autorest/azure/async.go index c5fc511f67c0..5326f1fd3b9b 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go +++ b/vendor/github.com/Azure/go-autorest/autorest/azure/async.go @@ -167,7 +167,13 @@ func (f *Future) WaitForCompletionRef(ctx context.Context, client autorest.Clien cancelCtx, cancel = context.WithTimeout(ctx, d) defer cancel() } - + // if the initial response has a Retry-After, sleep for the specified amount of time before starting to poll + if delay, ok := f.GetPollingDelay(); ok { + if delayElapsed := autorest.DelayForBackoff(delay, 0, cancelCtx.Done()); !delayElapsed { + err = cancelCtx.Err() + return + } + } done, err := f.DoneWithContext(ctx, client) for attempts := 0; !done; done, err = f.DoneWithContext(ctx, client) { if attempts >= client.RetryAttempts { diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go b/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go index 6c20b8179ab0..faff93275991 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go +++ b/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go @@ -127,7 +127,7 @@ var ( KeyVaultDNSSuffix: "vault.usgovcloudapi.net", ServiceBusEndpointSuffix: "servicebus.usgovcloudapi.net", ServiceManagementVMDNSSuffix: "usgovcloudapp.net", - ResourceManagerVMDNSSuffix: "cloudapp.windowsazure.us", + ResourceManagerVMDNSSuffix: "cloudapp.usgovcloudapi.net", ContainerRegistryDNSSuffix: "azurecr.us", CosmosDBDNSSuffix: "documents.azure.us", TokenAudience: "https://management.usgovcloudapi.net/", @@ -160,7 +160,7 @@ var ( KeyVaultDNSSuffix: "vault.azure.cn", ServiceBusEndpointSuffix: "servicebus.chinacloudapi.cn", ServiceManagementVMDNSSuffix: "chinacloudapp.cn", - ResourceManagerVMDNSSuffix: "cloudapp.azure.cn", + ResourceManagerVMDNSSuffix: "cloudapp.chinacloudapi.cn", ContainerRegistryDNSSuffix: "azurecr.cn", CosmosDBDNSSuffix: "documents.azure.cn", TokenAudience: "https://management.chinacloudapi.cn/", @@ -242,3 +242,8 @@ func EnvironmentFromFile(location string) (unmarshaled Environment, err error) { return } + +// SetEnvironment updates the environment map with the specified values. +func SetEnvironment(name string, env Environment) { + environments[strings.ToUpper(name)] = env +} diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/go.mod b/vendor/github.com/Azure/go-autorest/autorest/date/go.mod index 3adc4804c3d2..f88ecc4022d6 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/date/go.mod +++ b/vendor/github.com/Azure/go-autorest/autorest/date/go.mod @@ -2,4 +2,4 @@ module github.com/Azure/go-autorest/autorest/date go 1.12 -require github.com/Azure/go-autorest/autorest v0.9.0 +require github.com/Azure/go-autorest v14.2.0+incompatible diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/go.sum b/vendor/github.com/Azure/go-autorest/autorest/date/go.sum index 9e2ee7a94844..1fc56a962ee4 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/date/go.sum +++ b/vendor/github.com/Azure/go-autorest/autorest/date/go.sum @@ -1,16 +1,2 @@ -github.com/Azure/go-autorest/autorest v0.9.0 h1:MRvx8gncNaXJqOoLmhNjUAKh33JJF8LyxPhomEtOsjs= -github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest/adal v0.5.0 h1:q2gDruN08/guU9vAjuPWff0+QIrpH6ediguzdAzXAUU= -github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= -github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= -github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0 h1:Ww5g4zThfD/6cLb4z6xxgeyDa7QDkizMkJKe0ysZXp0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/logger v0.1.0 h1:ruG4BSDXONFRrZZJ2GUXDiUyVpayPmb1GnWeHDdaNKY= -github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= -github.com/Azure/go-autorest/tracing v0.5.0 h1:TRn4WjSnkcSy5AEG3pnbtFSwNtwzjr4VYyQflFE619k= -github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= -github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/date/go_mod_tidy_hack.go index 55adf930f4ab..4e0543207171 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/date/go_mod_tidy_hack.go +++ b/vendor/github.com/Azure/go-autorest/autorest/date/go_mod_tidy_hack.go @@ -16,9 +16,9 @@ package date // See the License for the specific language governing permissions and // limitations under the License. -// This file, and the github.com/Azure/go-autorest/autorest import, won't actually become part of +// This file, and the github.com/Azure/go-autorest import, won't actually become part of // the resultant binary. // Necessary for safely adding multi-module repo. // See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest/autorest" +import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/go.mod b/vendor/github.com/Azure/go-autorest/autorest/go.mod index 499c56de48ae..b66c78da2ccf 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/go.mod +++ b/vendor/github.com/Azure/go-autorest/autorest/go.mod @@ -3,9 +3,10 @@ module github.com/Azure/go-autorest/autorest go 1.12 require ( - github.com/Azure/go-autorest/autorest/adal v0.8.2 - github.com/Azure/go-autorest/autorest/mocks v0.3.0 - github.com/Azure/go-autorest/logger v0.1.0 - github.com/Azure/go-autorest/tracing v0.5.0 - golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413 + github.com/Azure/go-autorest v14.2.0+incompatible + github.com/Azure/go-autorest/autorest/adal v0.9.0 + github.com/Azure/go-autorest/autorest/mocks v0.4.0 + github.com/Azure/go-autorest/logger v0.2.0 + github.com/Azure/go-autorest/tracing v0.6.0 + golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 ) diff --git a/vendor/github.com/Azure/go-autorest/autorest/go.sum b/vendor/github.com/Azure/go-autorest/autorest/go.sum index 37398d1d48a8..96d2ad0fcd86 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/go.sum +++ b/vendor/github.com/Azure/go-autorest/autorest/go.sum @@ -1,28 +1,21 @@ -github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest/adal v0.5.0 h1:q2gDruN08/guU9vAjuPWff0+QIrpH6ediguzdAzXAUU= -github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= -github.com/Azure/go-autorest/autorest/adal v0.8.2 h1:O1X4oexUxnZCaEUGsvMnr8ZGj8HI37tNezwY4npRqA0= -github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= -github.com/Azure/go-autorest/autorest/date v0.1.0 h1:YGrhWfrgtFs84+h0o46rJrlmsZtyZRg470CqAXTZaGM= -github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= -github.com/Azure/go-autorest/autorest/date v0.2.0 h1:yW+Zlqf26583pE43KhfnhFcdmSWlm5Ew6bxipnr/tbM= -github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g= -github.com/Azure/go-autorest/autorest/mocks v0.1.0 h1:Kx+AUU2Te+A3JIyYn6Dfs+cFgx5XorQKuIXrZGoq/SI= -github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0 h1:Ww5g4zThfD/6cLb4z6xxgeyDa7QDkizMkJKe0ysZXp0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.3.0 h1:qJumjCaCudz+OcqE9/XtEPfvtOjOmKaui4EOpFI6zZc= -github.com/Azure/go-autorest/autorest/mocks v0.3.0/go.mod h1:a8FDP3DYzQ4RYfVAxAN3SVSiiO77gL2j2ronKKP0syM= -github.com/Azure/go-autorest/logger v0.1.0 h1:ruG4BSDXONFRrZZJ2GUXDiUyVpayPmb1GnWeHDdaNKY= -github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= -github.com/Azure/go-autorest/tracing v0.5.0 h1:TRn4WjSnkcSy5AEG3pnbtFSwNtwzjr4VYyQflFE619k= -github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= +github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest/autorest/adal v0.9.0 h1:SigMbuFNuKgc1xcGhaeapbh+8fgsu+GxgDRFyg7f5lM= +github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= +github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= +github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= +github.com/Azure/go-autorest/autorest/mocks v0.4.0 h1:z20OWOSG5aCye0HEkDp6TPmP17ZcfeMxPi6HnSALa8c= +github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= +github.com/Azure/go-autorest/logger v0.2.0 h1:e4RVHVZKC5p6UANLJHkM4OfR1UKZPj8Wt8Pcx+3oqrE= +github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= +github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= +github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413 h1:ULYEB3JvPRE/IfO+9uO7vKV/xzVTO7XPAwm8xbf4w2g= -golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= diff --git a/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go new file mode 100644 index 000000000000..da65e1041eb0 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go @@ -0,0 +1,24 @@ +// +build modhack + +package autorest + +// Copyright 2017 Microsoft Corporation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// This file, and the github.com/Azure/go-autorest import, won't actually become part of +// the resultant binary. + +// Necessary for safely adding multi-module repo. +// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository +import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/mocks/go.mod b/vendor/github.com/Azure/go-autorest/autorest/mocks/go.mod index f1dfdbeb52b9..c3f6b7e866de 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/mocks/go.mod +++ b/vendor/github.com/Azure/go-autorest/autorest/mocks/go.mod @@ -2,4 +2,4 @@ module github.com/Azure/go-autorest/autorest/mocks go 1.12 -require github.com/Azure/go-autorest/autorest v0.9.0 +require github.com/Azure/go-autorest v14.2.0+incompatible diff --git a/vendor/github.com/Azure/go-autorest/autorest/mocks/go.sum b/vendor/github.com/Azure/go-autorest/autorest/mocks/go.sum index 7d96b7ed87d5..1fc56a962ee4 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/mocks/go.sum +++ b/vendor/github.com/Azure/go-autorest/autorest/mocks/go.sum @@ -1,16 +1,2 @@ -github.com/Azure/go-autorest/autorest v0.9.0 h1:MRvx8gncNaXJqOoLmhNjUAKh33JJF8LyxPhomEtOsjs= -github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest/adal v0.5.0 h1:q2gDruN08/guU9vAjuPWff0+QIrpH6ediguzdAzXAUU= -github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= -github.com/Azure/go-autorest/autorest/date v0.1.0 h1:YGrhWfrgtFs84+h0o46rJrlmsZtyZRg470CqAXTZaGM= -github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= -github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/logger v0.1.0 h1:ruG4BSDXONFRrZZJ2GUXDiUyVpayPmb1GnWeHDdaNKY= -github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= -github.com/Azure/go-autorest/tracing v0.5.0 h1:TRn4WjSnkcSy5AEG3pnbtFSwNtwzjr4VYyQflFE619k= -github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= -github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= diff --git a/vendor/github.com/Azure/go-autorest/autorest/mocks/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/mocks/go_mod_tidy_hack.go index b828eed70ee8..85a4baf1009b 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/mocks/go_mod_tidy_hack.go +++ b/vendor/github.com/Azure/go-autorest/autorest/mocks/go_mod_tidy_hack.go @@ -16,9 +16,9 @@ package mocks // See the License for the specific language governing permissions and // limitations under the License. -// This file, and the github.com/Azure/go-autorest/autorest import, won't actually become part of +// This file, and the github.com/Azure/go-autorest import, won't actually become part of // the resultant binary. // Necessary for safely adding multi-module repo. // See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest/autorest" +import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/mocks/mocks.go b/vendor/github.com/Azure/go-autorest/autorest/mocks/mocks.go index a00a27dd82b1..18847ba0f55d 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/mocks/mocks.go +++ b/vendor/github.com/Azure/go-autorest/autorest/mocks/mocks.go @@ -131,7 +131,13 @@ func (c *Sender) Do(r *http.Request) (resp *http.Response, err error) { } else { err = c.responses[0].e } - time.Sleep(c.responses[0].d) + select { + case <-time.After(c.responses[0].d): + // do nothing + case <-r.Context().Done(): + err = r.Context().Err() + return + } c.repeatResponse[0]-- if c.repeatResponse[0] == 0 { c.responses = c.responses[1:] diff --git a/vendor/github.com/Azure/go-autorest/autorest/sender.go b/vendor/github.com/Azure/go-autorest/autorest/sender.go index a07670b8cea6..704f3e55e084 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/sender.go +++ b/vendor/github.com/Azure/go-autorest/autorest/sender.go @@ -257,6 +257,12 @@ func DoRetryForAttempts(attempts int, backoff time.Duration) SendDecorator { } } +// Count429AsRetry indicates that a 429 response should be included as a retry attempt. +var Count429AsRetry = true + +// Max429Delay is the maximum duration to wait between retries on a 429 if no Retry-After header was received. +var Max429Delay time.Duration + // DoRetryForStatusCodes returns a SendDecorator that retries for specified statusCodes for up to the specified // number of attempts, exponentially backing off between requests using the supplied backoff // time.Duration (which may be zero). Retrying may be canceled by cancelling the context on the http.Request. @@ -264,7 +270,7 @@ func DoRetryForAttempts(attempts int, backoff time.Duration) SendDecorator { func DoRetryForStatusCodes(attempts int, backoff time.Duration, codes ...int) SendDecorator { return func(s Sender) Sender { return SenderFunc(func(r *http.Request) (*http.Response, error) { - return doRetryForStatusCodesImpl(s, r, false, attempts, backoff, 0, codes...) + return doRetryForStatusCodesImpl(s, r, Count429AsRetry, attempts, backoff, 0, codes...) }) } } @@ -276,7 +282,7 @@ func DoRetryForStatusCodes(attempts int, backoff time.Duration, codes ...int) Se func DoRetryForStatusCodesWithCap(attempts int, backoff, cap time.Duration, codes ...int) SendDecorator { return func(s Sender) Sender { return SenderFunc(func(r *http.Request) (*http.Response, error) { - return doRetryForStatusCodesImpl(s, r, true, attempts, backoff, cap, codes...) + return doRetryForStatusCodesImpl(s, r, Count429AsRetry, attempts, backoff, cap, codes...) }) } } @@ -297,11 +303,10 @@ func doRetryForStatusCodesImpl(s Sender, r *http.Request, count429 bool, attempt return resp, err } delayed := DelayWithRetryAfter(resp, r.Context().Done()) - // enforce a 2 minute cap between requests when 429 status codes are - // not going to be counted as an attempt and when the cap is 0. - // this should only happen in the absence of a retry-after header. - if !count429 && cap == 0 { - cap = 2 * time.Minute + // if this was a 429 set the delay cap as specified. + // applicable only in the absence of a retry-after header. + if resp != nil && resp.StatusCode == http.StatusTooManyRequests { + cap = Max429Delay } if !delayed && !DelayForBackoffWithCap(backoff, cap, delayCount, r.Context().Done()) { return resp, r.Context().Err() diff --git a/vendor/github.com/Azure/go-autorest/autorest/version.go b/vendor/github.com/Azure/go-autorest/autorest/version.go index a42f705d3765..713e23581d92 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/version.go +++ b/vendor/github.com/Azure/go-autorest/autorest/version.go @@ -19,7 +19,7 @@ import ( "runtime" ) -const number = "v13.4.0" +const number = "v14.2.1" var ( userAgent = fmt.Sprintf("Go/%s (%s-%s) go-autorest/%s", diff --git a/vendor/github.com/Azure/go-autorest/azure-pipelines.yml b/vendor/github.com/Azure/go-autorest/azure-pipelines.yml new file mode 100644 index 000000000000..6fb8404fd01d --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/azure-pipelines.yml @@ -0,0 +1,105 @@ +variables: + GOPATH: '$(system.defaultWorkingDirectory)/work' + sdkPath: '$(GOPATH)/src/github.com/$(build.repository.name)' + +jobs: + - job: 'goautorest' + displayName: 'Run go-autorest CI Checks' + + strategy: + matrix: + Linux_Go113: + vm.image: 'ubuntu-18.04' + go.version: '1.13' + Linux_Go114: + vm.image: 'ubuntu-18.04' + go.version: '1.14' + + pool: + vmImage: '$(vm.image)' + + steps: + - task: GoTool@0 + inputs: + version: '$(go.version)' + displayName: "Select Go Version" + + - script: | + set -e + mkdir -p '$(GOPATH)/bin' + mkdir -p '$(sdkPath)' + shopt -s extglob + mv !(work) '$(sdkPath)' + echo '##vso[task.prependpath]$(GOPATH)/bin' + displayName: 'Create Go Workspace' + + - script: | + set -e + curl -sSL https://raw.githubusercontent.com/golang/dep/master/install.sh | sh + dep ensure -v + go install ./vendor/golang.org/x/lint/golint + go get github.com/jstemmer/go-junit-report + go get github.com/axw/gocov/gocov + go get github.com/AlekSi/gocov-xml + go get -u github.com/matm/gocov-html + workingDirectory: '$(sdkPath)' + displayName: 'Install Dependencies' + + - script: | + go vet ./autorest/... + go vet ./logger/... + go vet ./tracing/... + workingDirectory: '$(sdkPath)' + displayName: 'Vet' + + - script: | + go build -v ./autorest/... + go build -v ./logger/... + go build -v ./tracing/... + workingDirectory: '$(sdkPath)' + displayName: 'Build' + + - script: | + set -e + go test -race -v -coverprofile=coverage.txt -covermode atomic ./autorest/... ./logger/... ./tracing/... 2>&1 | go-junit-report > report.xml + gocov convert coverage.txt > coverage.json + gocov-xml < coverage.json > coverage.xml + gocov-html < coverage.json > coverage.html + workingDirectory: '$(sdkPath)' + displayName: 'Run Tests' + + - script: grep -L -r --include *.go --exclude-dir vendor -P "Copyright (\d{4}|\(c\)) Microsoft" ./ | tee >&2 + workingDirectory: '$(sdkPath)' + displayName: 'Copyright Header Check' + failOnStderr: true + condition: succeededOrFailed() + + - script: | + gofmt -s -l -w ./autorest/. >&2 + gofmt -s -l -w ./logger/. >&2 + gofmt -s -l -w ./tracing/. >&2 + workingDirectory: '$(sdkPath)' + displayName: 'Format Check' + failOnStderr: true + condition: succeededOrFailed() + + - script: | + golint ./autorest/... >&2 + golint ./logger/... >&2 + golint ./tracing/... >&2 + workingDirectory: '$(sdkPath)' + displayName: 'Linter Check' + failOnStderr: true + condition: succeededOrFailed() + + - task: PublishTestResults@2 + inputs: + testRunner: JUnit + testResultsFiles: $(sdkPath)/report.xml + failTaskOnFailedTests: true + + - task: PublishCodeCoverageResults@1 + inputs: + codeCoverageTool: Cobertura + summaryFileLocation: $(sdkPath)/coverage.xml + additionalCodeCoverageFiles: $(sdkPath)/coverage.html diff --git a/vendor/github.com/Azure/go-autorest/doc.go b/vendor/github.com/Azure/go-autorest/doc.go new file mode 100644 index 000000000000..99ae6ca988a4 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/doc.go @@ -0,0 +1,18 @@ +/* +Package go-autorest provides an HTTP request client for use with Autorest-generated API client packages. +*/ +package go_autorest + +// Copyright 2017 Microsoft Corporation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/logger/go.mod b/vendor/github.com/Azure/go-autorest/logger/go.mod index f22ed56bcde4..bedeaee039e0 100644 --- a/vendor/github.com/Azure/go-autorest/logger/go.mod +++ b/vendor/github.com/Azure/go-autorest/logger/go.mod @@ -1,3 +1,5 @@ module github.com/Azure/go-autorest/logger go 1.12 + +require github.com/Azure/go-autorest v14.2.0+incompatible diff --git a/vendor/github.com/Azure/go-autorest/logger/go.sum b/vendor/github.com/Azure/go-autorest/logger/go.sum new file mode 100644 index 000000000000..1fc56a962ee4 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/logger/go.sum @@ -0,0 +1,2 @@ +github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= diff --git a/vendor/github.com/Azure/go-autorest/logger/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/logger/go_mod_tidy_hack.go new file mode 100644 index 000000000000..0aa27680db9b --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/logger/go_mod_tidy_hack.go @@ -0,0 +1,24 @@ +// +build modhack + +package logger + +// Copyright 2017 Microsoft Corporation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// This file, and the github.com/Azure/go-autorest import, won't actually become part of +// the resultant binary. + +// Necessary for safely adding multi-module repo. +// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository +import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/tracing/go.mod b/vendor/github.com/Azure/go-autorest/tracing/go.mod index 25c34c1085a7..a2cdec78c810 100644 --- a/vendor/github.com/Azure/go-autorest/tracing/go.mod +++ b/vendor/github.com/Azure/go-autorest/tracing/go.mod @@ -1,3 +1,5 @@ module github.com/Azure/go-autorest/tracing go 1.12 + +require github.com/Azure/go-autorest v14.2.0+incompatible diff --git a/vendor/github.com/Azure/go-autorest/tracing/go.sum b/vendor/github.com/Azure/go-autorest/tracing/go.sum new file mode 100644 index 000000000000..1fc56a962ee4 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/tracing/go.sum @@ -0,0 +1,2 @@ +github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= diff --git a/vendor/github.com/Azure/go-autorest/tracing/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/tracing/go_mod_tidy_hack.go new file mode 100644 index 000000000000..e163975cd4e1 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/tracing/go_mod_tidy_hack.go @@ -0,0 +1,24 @@ +// +build modhack + +package tracing + +// Copyright 2017 Microsoft Corporation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// This file, and the github.com/Azure/go-autorest import, won't actually become part of +// the resultant binary. + +// Necessary for safely adding multi-module repo. +// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository +import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Microsoft/hcsshim/osversion/osversion_windows.go b/vendor/github.com/Microsoft/hcsshim/osversion/osversion_windows.go new file mode 100644 index 000000000000..916950c02336 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/osversion/osversion_windows.go @@ -0,0 +1,51 @@ +package osversion + +import ( + "fmt" + + "golang.org/x/sys/windows" +) + +// OSVersion is a wrapper for Windows version information +// https://msdn.microsoft.com/en-us/library/windows/desktop/ms724439(v=vs.85).aspx +type OSVersion struct { + Version uint32 + MajorVersion uint8 + MinorVersion uint8 + Build uint16 +} + +// https://msdn.microsoft.com/en-us/library/windows/desktop/ms724833(v=vs.85).aspx +type osVersionInfoEx struct { + OSVersionInfoSize uint32 + MajorVersion uint32 + MinorVersion uint32 + BuildNumber uint32 + PlatformID uint32 + CSDVersion [128]uint16 + ServicePackMajor uint16 + ServicePackMinor uint16 + SuiteMask uint16 + ProductType byte + Reserve byte +} + +// Get gets the operating system version on Windows. +// The calling application must be manifested to get the correct version information. +func Get() OSVersion { + var err error + osv := OSVersion{} + osv.Version, err = windows.GetVersion() + if err != nil { + // GetVersion never fails. + panic(err) + } + osv.MajorVersion = uint8(osv.Version & 0xFF) + osv.MinorVersion = uint8(osv.Version >> 8 & 0xFF) + osv.Build = uint16(osv.Version >> 16) + return osv +} + +func (osv OSVersion) ToString() string { + return fmt.Sprintf("%d.%d.%d", osv.MajorVersion, osv.MinorVersion, osv.Build) +} diff --git a/vendor/github.com/Microsoft/hcsshim/osversion/windowsbuilds.go b/vendor/github.com/Microsoft/hcsshim/osversion/windowsbuilds.go new file mode 100644 index 000000000000..c26d35ac5738 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/osversion/windowsbuilds.go @@ -0,0 +1,23 @@ +package osversion + +const ( + // RS1 (version 1607, codename "Redstone 1") corresponds to Windows Server + // 2016 (ltsc2016) and Windows 10 (Anniversary Update). + RS1 = 14393 + + // RS2 (version 1703, codename "Redstone 2") was a client-only update, and + // corresponds to Windows 10 (Creators Update). + RS2 = 15063 + + // RS3 (version 1709, codename "Redstone 3") corresponds to Windows Server + // 1709 (Semi-Annual Channel (SAC)), and Windows 10 (Fall Creators Update). + RS3 = 16299 + + // RS4 (version 1803, codename "Redstone 4") corresponds to Windows Server + // 1809 (Semi-Annual Channel (SAC)), and Windows 10 (April 2018 Update). + RS4 = 17134 + + // RS5 (version 1809, codename "Redstone 5") corresponds to Windows Server + // 2019 (ltsc2019), and Windows 10 (October 2018 Update). + RS5 = 17763 +) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/config.go b/vendor/github.com/aws/aws-sdk-go/aws/config.go index 2def23fa1d1c..3b809e8478c1 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/config.go @@ -43,7 +43,7 @@ type Config struct { // An optional endpoint URL (hostname only or fully qualified URI) // that overrides the default generated endpoint for a client. Set this - // to `""` to use the default generated endpoint. + // to `nil` or the value to `""` to use the default generated endpoint. // // Note: You must still provide a `Region` value when specifying an // endpoint for a client. @@ -138,7 +138,7 @@ type Config struct { // `ExpectContinueTimeout` for information on adjusting the continue wait // timeout. https://golang.org/pkg/net/http/#Transport // - // You should use this flag to disble 100-Continue if you experience issues + // You should use this flag to disable 100-Continue if you experience issues // with proxies or third party S3 compatible services. S3Disable100Continue *bool @@ -183,7 +183,7 @@ type Config struct { // // Example: // sess := session.Must(session.NewSession(aws.NewConfig() - // .WithEC2MetadataDiableTimeoutOverride(true))) + // .WithEC2MetadataDisableTimeoutOverride(true))) // // svc := s3.New(sess) // @@ -194,7 +194,7 @@ type Config struct { // both IPv4 and IPv6 addressing. // // Setting this for a service which does not support dual stack will fail - // to make requets. It is not recommended to set this value on the session + // to make requests. It is not recommended to set this value on the session // as it will apply to all service clients created with the session. Even // services which don't support dual stack endpoints. // @@ -238,6 +238,7 @@ type Config struct { // EnableEndpointDiscovery will allow for endpoint discovery on operations that // have the definition in its model. By default, endpoint discovery is off. + // To use EndpointDiscovery, Endpoint should be unset or set to an empty string. // // Example: // sess := session.Must(session.NewSession(&aws.Config{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go b/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go index 66c5945db15e..2f9446333a65 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go @@ -2,42 +2,8 @@ package aws -import "time" - -// An emptyCtx is a copy of the Go 1.7 context.emptyCtx type. This is copied to -// provide a 1.6 and 1.5 safe version of context that is compatible with Go -// 1.7's Context. -// -// An emptyCtx is never canceled, has no values, and has no deadline. It is not -// struct{}, since vars of this type must have distinct addresses. -type emptyCtx int - -func (*emptyCtx) Deadline() (deadline time.Time, ok bool) { - return -} - -func (*emptyCtx) Done() <-chan struct{} { - return nil -} - -func (*emptyCtx) Err() error { - return nil -} - -func (*emptyCtx) Value(key interface{}) interface{} { - return nil -} - -func (e *emptyCtx) String() string { - switch e { - case backgroundCtx: - return "aws.BackgroundContext" - } - return "unknown empty Context" -} - -var ( - backgroundCtx = new(emptyCtx) +import ( + "github.com/aws/aws-sdk-go/internal/context" ) // BackgroundContext returns a context that will never be canceled, has no @@ -52,5 +18,5 @@ var ( // // See https://golang.org/pkg/context for more information on Contexts. func BackgroundContext() Context { - return backgroundCtx + return context.BackgroundCtx } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go index aa902d70837f..d95a5eb54080 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go @@ -225,6 +225,8 @@ var ValidateEndpointHandler = request.NamedHandler{Name: "core.ValidateEndpointH if r.ClientInfo.SigningRegion == "" && aws.StringValue(r.Config.Region) == "" { r.Error = aws.ErrMissingRegion } else if r.ClientInfo.Endpoint == "" { + // Was any endpoint provided by the user, or one was derived by the + // SDK's endpoint resolver? r.Error = aws.ErrMissingEndpoint } }} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go new file mode 100644 index 000000000000..5852b2648703 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go @@ -0,0 +1,22 @@ +// +build !go1.7 + +package credentials + +import ( + "github.com/aws/aws-sdk-go/internal/context" +) + +// backgroundContext returns a context that will never be canceled, has no +// values, and no deadline. This context is used by the SDK to provide +// backwards compatibility with non-context API operations and functionality. +// +// Go 1.6 and before: +// This context function is equivalent to context.Background in the Go stdlib. +// +// Go 1.7 and later: +// The context returned will be the value returned by context.Background() +// +// See https://golang.org/pkg/context for more information on Contexts. +func backgroundContext() Context { + return context.BackgroundCtx +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go new file mode 100644 index 000000000000..388b2154182d --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go @@ -0,0 +1,20 @@ +// +build go1.7 + +package credentials + +import "context" + +// backgroundContext returns a context that will never be canceled, has no +// values, and no deadline. This context is used by the SDK to provide +// backwards compatibility with non-context API operations and functionality. +// +// Go 1.6 and before: +// This context function is equivalent to context.Background in the Go stdlib. +// +// Go 1.7 and later: +// The context returned will be the value returned by context.Background() +// +// See https://golang.org/pkg/context for more information on Contexts. +func backgroundContext() Context { + return context.Background() +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go new file mode 100644 index 000000000000..8152a864add6 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go @@ -0,0 +1,39 @@ +// +build !go1.9 + +package credentials + +import "time" + +// Context is an copy of the Go v1.7 stdlib's context.Context interface. +// It is represented as a SDK interface to enable you to use the "WithContext" +// API methods with Go v1.6 and a Context type such as golang.org/x/net/context. +// +// This type, aws.Context, and context.Context are equivalent. +// +// See https://golang.org/pkg/context on how to use contexts. +type Context interface { + // Deadline returns the time when work done on behalf of this context + // should be canceled. Deadline returns ok==false when no deadline is + // set. Successive calls to Deadline return the same results. + Deadline() (deadline time.Time, ok bool) + + // Done returns a channel that's closed when work done on behalf of this + // context should be canceled. Done may return nil if this context can + // never be canceled. Successive calls to Done return the same value. + Done() <-chan struct{} + + // Err returns a non-nil error value after Done is closed. Err returns + // Canceled if the context was canceled or DeadlineExceeded if the + // context's deadline passed. No other values for Err are defined. + // After Done is closed, successive calls to Err return the same value. + Err() error + + // Value returns the value associated with this context for key, or nil + // if no value is associated with key. Successive calls to Value with + // the same key returns the same result. + // + // Use context values only for request-scoped data that transits + // processes and API boundaries, not for passing optional parameters to + // functions. + Value(key interface{}) interface{} +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go new file mode 100644 index 000000000000..4356edb3d5d3 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go @@ -0,0 +1,13 @@ +// +build go1.9 + +package credentials + +import "context" + +// Context is an alias of the Go stdlib's context.Context interface. +// It can be used within the SDK's API operation "WithContext" methods. +// +// This type, aws.Context, and context.Context are equivalent. +// +// See https://golang.org/pkg/context on how to use contexts. +type Context = context.Context diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go index 4af592158144..a880a3de8fe9 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go @@ -54,6 +54,7 @@ import ( "time" "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/internal/sync/singleflight" ) // AnonymousCredentials is an empty Credential object that can be used as @@ -106,6 +107,13 @@ type Provider interface { IsExpired() bool } +// ProviderWithContext is a Provider that can retrieve credentials with a Context +type ProviderWithContext interface { + Provider + + RetrieveWithContext(Context) (Value, error) +} + // An Expirer is an interface that Providers can implement to expose the expiration // time, if known. If the Provider cannot accurately provide this info, // it should not implement this interface. @@ -165,7 +173,9 @@ type Expiry struct { // the expiration time given to ensure no requests are made with expired // tokens. func (e *Expiry) SetExpiration(expiration time.Time, window time.Duration) { - e.expiration = expiration + // Passed in expirations should have the monotonic clock values stripped. + // This ensures time comparisons will be based on wall-time. + e.expiration = expiration.Round(0) if window > 0 { e.expiration = e.expiration.Add(-window) } @@ -197,24 +207,24 @@ func (e *Expiry) ExpiresAt() time.Time { // first instance of the credentials Value. All calls to Get() after that // will return the cached credentials Value until IsExpired() returns true. type Credentials struct { - creds Value - forceRefresh bool - - m sync.RWMutex + sf singleflight.Group + m sync.RWMutex + creds Value provider Provider } // NewCredentials returns a pointer to a new Credentials with the provider set. func NewCredentials(provider Provider) *Credentials { - return &Credentials{ - provider: provider, - forceRefresh: true, + c := &Credentials{ + provider: provider, } + return c } -// Get returns the credentials value, or error if the credentials Value failed -// to be retrieved. +// GetWithContext returns the credentials value, or error if the credentials +// Value failed to be retrieved. Will return early if the passed in context is +// canceled. // // Will return the cached credentials Value if it has not expired. If the // credentials Value has expired the Provider's Retrieve() will be called @@ -222,31 +232,70 @@ func NewCredentials(provider Provider) *Credentials { // // If Credentials.Expire() was called the credentials Value will be force // expired, and the next call to Get() will cause them to be refreshed. -func (c *Credentials) Get() (Value, error) { - // Check the cached credentials first with just the read lock. - c.m.RLock() - if !c.isExpired() { - creds := c.creds - c.m.RUnlock() - return creds, nil +// +// Passed in Context is equivalent to aws.Context, and context.Context. +func (c *Credentials) GetWithContext(ctx Context) (Value, error) { + // Check if credentials are cached, and not expired. + select { + case curCreds, ok := <-c.asyncIsExpired(): + // ok will only be true, of the credentials were not expired. ok will + // be false and have no value if the credentials are expired. + if ok { + return curCreds, nil + } + case <-ctx.Done(): + return Value{}, awserr.New("RequestCanceled", + "request context canceled", ctx.Err()) + } + + // Cannot pass context down to the actual retrieve, because the first + // context would cancel the whole group when there is not direct + // association of items in the group. + resCh := c.sf.DoChan("", func() (interface{}, error) { + return c.singleRetrieve(&suppressedContext{ctx}) + }) + select { + case res := <-resCh: + return res.Val.(Value), res.Err + case <-ctx.Done(): + return Value{}, awserr.New("RequestCanceled", + "request context canceled", ctx.Err()) } - c.m.RUnlock() +} - // Credentials are expired need to retrieve the credentials taking the full - // lock. +func (c *Credentials) singleRetrieve(ctx Context) (interface{}, error) { c.m.Lock() defer c.m.Unlock() - if c.isExpired() { - creds, err := c.provider.Retrieve() - if err != nil { - return Value{}, err - } + if curCreds := c.creds; !c.isExpiredLocked(curCreds) { + return curCreds, nil + } + + var creds Value + var err error + if p, ok := c.provider.(ProviderWithContext); ok { + creds, err = p.RetrieveWithContext(ctx) + } else { + creds, err = c.provider.Retrieve() + } + if err == nil { c.creds = creds - c.forceRefresh = false } - return c.creds, nil + return creds, err +} + +// Get returns the credentials value, or error if the credentials Value failed +// to be retrieved. +// +// Will return the cached credentials Value if it has not expired. If the +// credentials Value has expired the Provider's Retrieve() will be called +// to refresh the credentials. +// +// If Credentials.Expire() was called the credentials Value will be force +// expired, and the next call to Get() will cause them to be refreshed. +func (c *Credentials) Get() (Value, error) { + return c.GetWithContext(backgroundContext()) } // Expire expires the credentials and forces them to be retrieved on the @@ -258,7 +307,7 @@ func (c *Credentials) Expire() { c.m.Lock() defer c.m.Unlock() - c.forceRefresh = true + c.creds = Value{} } // IsExpired returns if the credentials are no longer valid, and need @@ -270,12 +319,30 @@ func (c *Credentials) IsExpired() bool { c.m.RLock() defer c.m.RUnlock() - return c.isExpired() + return c.isExpiredLocked(c.creds) } -// isExpired helper method wrapping the definition of expired credentials. -func (c *Credentials) isExpired() bool { - return c.forceRefresh || c.provider.IsExpired() +// asyncIsExpired returns a channel of credentials Value. If the channel is +// closed the credentials are expired and credentials value are not empty. +func (c *Credentials) asyncIsExpired() <-chan Value { + ch := make(chan Value, 1) + go func() { + c.m.RLock() + defer c.m.RUnlock() + + if curCreds := c.creds; !c.isExpiredLocked(curCreds) { + ch <- curCreds + } + + close(ch) + }() + + return ch +} + +// isExpiredLocked helper method wrapping the definition of expired credentials. +func (c *Credentials) isExpiredLocked(creds interface{}) bool { + return creds == nil || creds.(Value) == Value{} || c.provider.IsExpired() } // ExpiresAt provides access to the functionality of the Expirer interface of @@ -288,12 +355,29 @@ func (c *Credentials) ExpiresAt() (time.Time, error) { expirer, ok := c.provider.(Expirer) if !ok { return time.Time{}, awserr.New("ProviderNotExpirer", - fmt.Sprintf("provider %s does not support ExpiresAt()", c.creds.ProviderName), + fmt.Sprintf("provider %s does not support ExpiresAt()", + c.creds.ProviderName), nil) } - if c.forceRefresh { + if c.creds == (Value{}) { // set expiration time to the distant past return time.Time{}, nil } return expirer.ExpiresAt(), nil } + +type suppressedContext struct { + Context +} + +func (s *suppressedContext) Deadline() (deadline time.Time, ok bool) { + return time.Time{}, false +} + +func (s *suppressedContext) Done() <-chan struct{} { + return nil +} + +func (s *suppressedContext) Err() error { + return nil +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go index 43d4ed386ab8..92af5b7250a8 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go @@ -7,6 +7,7 @@ import ( "strings" "time" + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/credentials" @@ -87,7 +88,14 @@ func NewCredentialsWithClient(client *ec2metadata.EC2Metadata, options ...func(* // Error will be returned if the request fails, or unable to extract // the desired credentials. func (m *EC2RoleProvider) Retrieve() (credentials.Value, error) { - credsList, err := requestCredList(m.Client) + return m.RetrieveWithContext(aws.BackgroundContext()) +} + +// RetrieveWithContext retrieves credentials from the EC2 service. +// Error will be returned if the request fails, or unable to extract +// the desired credentials. +func (m *EC2RoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { + credsList, err := requestCredList(ctx, m.Client) if err != nil { return credentials.Value{ProviderName: ProviderName}, err } @@ -97,7 +105,7 @@ func (m *EC2RoleProvider) Retrieve() (credentials.Value, error) { } credsName := credsList[0] - roleCreds, err := requestCred(m.Client, credsName) + roleCreds, err := requestCred(ctx, m.Client, credsName) if err != nil { return credentials.Value{ProviderName: ProviderName}, err } @@ -130,8 +138,8 @@ const iamSecurityCredsPath = "iam/security-credentials/" // requestCredList requests a list of credentials from the EC2 service. // If there are no credentials, or there is an error making or receiving the request -func requestCredList(client *ec2metadata.EC2Metadata) ([]string, error) { - resp, err := client.GetMetadata(iamSecurityCredsPath) +func requestCredList(ctx aws.Context, client *ec2metadata.EC2Metadata) ([]string, error) { + resp, err := client.GetMetadataWithContext(ctx, iamSecurityCredsPath) if err != nil { return nil, awserr.New("EC2RoleRequestError", "no EC2 instance role found", err) } @@ -154,8 +162,8 @@ func requestCredList(client *ec2metadata.EC2Metadata) ([]string, error) { // // If the credentials cannot be found, or there is an error reading the response // and error will be returned. -func requestCred(client *ec2metadata.EC2Metadata, credsName string) (ec2RoleCredRespBody, error) { - resp, err := client.GetMetadata(sdkuri.PathJoin(iamSecurityCredsPath, credsName)) +func requestCred(ctx aws.Context, client *ec2metadata.EC2Metadata, credsName string) (ec2RoleCredRespBody, error) { + resp, err := client.GetMetadataWithContext(ctx, sdkuri.PathJoin(iamSecurityCredsPath, credsName)) if err != nil { return ec2RoleCredRespBody{}, awserr.New("EC2RoleRequestError", diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go index 1a7af53a4da1..785f30d8e6c3 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go @@ -116,7 +116,13 @@ func (p *Provider) IsExpired() bool { // Retrieve will attempt to request the credentials from the endpoint the Provider // was configured for. And error will be returned if the retrieval fails. func (p *Provider) Retrieve() (credentials.Value, error) { - resp, err := p.getCredentials() + return p.RetrieveWithContext(aws.BackgroundContext()) +} + +// RetrieveWithContext will attempt to request the credentials from the endpoint the Provider +// was configured for. And error will be returned if the retrieval fails. +func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { + resp, err := p.getCredentials(ctx) if err != nil { return credentials.Value{ProviderName: ProviderName}, awserr.New("CredentialsEndpointError", "failed to load credentials", err) @@ -148,7 +154,7 @@ type errorOutput struct { Message string `json:"message"` } -func (p *Provider) getCredentials() (*getCredentialsOutput, error) { +func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error) { op := &request.Operation{ Name: "GetCredentials", HTTPMethod: "GET", @@ -156,6 +162,7 @@ func (p *Provider) getCredentials() (*getCredentialsOutput, error) { out := &getCredentialsOutput{} req := p.Client.NewRequest(op, nil, out) + req.SetContext(ctx) req.HTTPRequest.Header.Set("Accept", "application/json") if authToken := p.AuthorizationToken; len(authToken) != 0 { req.HTTPRequest.Header.Set("Authorization", authToken) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go index e1551495812a..22b5c5d9f322 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go @@ -17,8 +17,9 @@ var ( ErrSharedCredentialsHomeNotFound = awserr.New("UserHomeNotFound", "user home directory not found.", nil) ) -// A SharedCredentialsProvider retrieves credentials from the current user's home -// directory, and keeps track if those credentials are expired. +// A SharedCredentialsProvider retrieves access key pair (access key ID, +// secret access key, and session token if present) credentials from the current +// user's home directory, and keeps track if those credentials are expired. // // Profile ini file example: $HOME/.aws/credentials type SharedCredentialsProvider struct { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go index 531139e3971a..cbba1e3d560c 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go @@ -19,7 +19,9 @@ type StaticProvider struct { } // NewStaticCredentials returns a pointer to a new Credentials object -// wrapping a static credentials value provider. +// wrapping a static credentials value provider. Token is only required +// for temporary security credentials retrieved via STS, otherwise an empty +// string can be passed for this parameter. func NewStaticCredentials(id, secret, token string) *Credentials { return NewCredentials(&StaticProvider{Value: Value{ AccessKeyID: id, diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go index 9f37f44bcfa3..6846ef6f8085 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go @@ -87,6 +87,7 @@ import ( "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/internal/sdkrand" "github.com/aws/aws-sdk-go/service/sts" ) @@ -118,6 +119,10 @@ type AssumeRoler interface { AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) } +type assumeRolerWithContext interface { + AssumeRoleWithContext(aws.Context, *sts.AssumeRoleInput, ...request.Option) (*sts.AssumeRoleOutput, error) +} + // DefaultDuration is the default amount of time in minutes that the credentials // will be valid for. var DefaultDuration = time.Duration(15) * time.Minute @@ -164,6 +169,29 @@ type AssumeRoleProvider struct { // size. Policy *string + // The ARNs of IAM managed policies you want to use as managed session policies. + // The policies must exist in the same account as the role. + // + // This parameter is optional. You can provide up to 10 managed policy ARNs. + // However, the plain text that you use for both inline and managed session + // policies can't exceed 2,048 characters. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. + // + // Passing policies to this operation returns new temporary credentials. The + // resulting session's permissions are the intersection of the role's identity-based + // policy and the session policies. You can use the role's temporary credentials + // in subsequent AWS API calls to access resources in the account that owns + // the role. You cannot use session policies to grant more permissions than + // those allowed by the identity-based policy of the role that is being assumed. + // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // in the IAM User Guide. + PolicyArns []*sts.PolicyDescriptorType + // The identification number of the MFA device that is associated with the user // who is making the AssumeRole call. Specify this value if the trust policy // of the role being assumed includes a condition that requires MFA authentication. @@ -265,6 +293,11 @@ func NewCredentialsWithClient(svc AssumeRoler, roleARN string, options ...func(* // Retrieve generates a new set of temporary credentials using STS. func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) { + return p.RetrieveWithContext(aws.BackgroundContext()) +} + +// RetrieveWithContext generates a new set of temporary credentials using STS. +func (p *AssumeRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { // Apply defaults where parameters are not set. if p.RoleSessionName == "" { // Try to work out a role name that will hopefully end up unique. @@ -281,6 +314,7 @@ func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) { RoleSessionName: aws.String(p.RoleSessionName), ExternalId: p.ExternalID, Tags: p.Tags, + PolicyArns: p.PolicyArns, TransitiveTagKeys: p.TransitiveTagKeys, } if p.Policy != nil { @@ -304,7 +338,15 @@ func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) { } } - roleOutput, err := p.Client.AssumeRole(input) + var roleOutput *sts.AssumeRoleOutput + var err error + + if c, ok := p.Client.(assumeRolerWithContext); ok { + roleOutput, err = c.AssumeRoleWithContext(ctx, input) + } else { + roleOutput, err = p.Client.AssumeRole(input) + } + if err != nil { return credentials.Value{ProviderName: ProviderName}, err } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go index b20b63394847..cefe2a76d4de 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go @@ -28,15 +28,46 @@ const ( // compare test values. var now = time.Now +// TokenFetcher shuold return WebIdentity token bytes or an error +type TokenFetcher interface { + FetchToken(credentials.Context) ([]byte, error) +} + +// FetchTokenPath is a path to a WebIdentity token file +type FetchTokenPath string + +// FetchToken returns a token by reading from the filesystem +func (f FetchTokenPath) FetchToken(ctx credentials.Context) ([]byte, error) { + data, err := ioutil.ReadFile(string(f)) + if err != nil { + errMsg := fmt.Sprintf("unable to read file at %s", f) + return nil, awserr.New(ErrCodeWebIdentity, errMsg, err) + } + return data, nil +} + // WebIdentityRoleProvider is used to retrieve credentials using // an OIDC token. type WebIdentityRoleProvider struct { credentials.Expiry + PolicyArns []*sts.PolicyDescriptorType + + // Duration the STS credentials will be valid for. Truncated to seconds. + // If unset, the assumed role will use AssumeRoleWithWebIdentity's default + // expiry duration. See + // https://docs.aws.amazon.com/sdk-for-go/api/service/sts/#STS.AssumeRoleWithWebIdentity + // for more information. + Duration time.Duration - client stsiface.STSAPI + // The amount of time the credentials will be refreshed before they expire. + // This is useful refresh credentials before they expire to reduce risk of + // using credentials as they expire. If unset, will default to no expiry + // window. ExpiryWindow time.Duration - tokenFilePath string + client stsiface.STSAPI + + tokenFetcher TokenFetcher roleARN string roleSessionName string } @@ -52,9 +83,15 @@ func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName // NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the // provided stsiface.STSAPI func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, path string) *WebIdentityRoleProvider { + return NewWebIdentityRoleProviderWithToken(svc, roleARN, roleSessionName, FetchTokenPath(path)) +} + +// NewWebIdentityRoleProviderWithToken will return a new WebIdentityRoleProvider with the +// provided stsiface.STSAPI and a TokenFetcher +func NewWebIdentityRoleProviderWithToken(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher) *WebIdentityRoleProvider { return &WebIdentityRoleProvider{ client: svc, - tokenFilePath: path, + tokenFetcher: tokenFetcher, roleARN: roleARN, roleSessionName: roleSessionName, } @@ -64,10 +101,16 @@ func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, p // 'WebIdentityTokenFilePath' specified destination and if that is empty an // error will be returned. func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) { - b, err := ioutil.ReadFile(p.tokenFilePath) + return p.RetrieveWithContext(aws.BackgroundContext()) +} + +// RetrieveWithContext will attempt to assume a role from a token which is located at +// 'WebIdentityTokenFilePath' specified destination and if that is empty an +// error will be returned. +func (p *WebIdentityRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { + b, err := p.tokenFetcher.FetchToken(ctx) if err != nil { - errMsg := fmt.Sprintf("unable to read file at %s", p.tokenFilePath) - return credentials.Value{}, awserr.New(ErrCodeWebIdentity, errMsg, err) + return credentials.Value{}, awserr.New(ErrCodeWebIdentity, "failed fetching WebIdentity token: ", err) } sessionName := p.roleSessionName @@ -76,11 +119,22 @@ func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) { // uses unix time in nanoseconds to uniquely identify sessions. sessionName = strconv.FormatInt(now().UnixNano(), 10) } + + var duration *int64 + if p.Duration != 0 { + duration = aws.Int64(int64(p.Duration / time.Second)) + } + req, resp := p.client.AssumeRoleWithWebIdentityRequest(&sts.AssumeRoleWithWebIdentityInput{ + PolicyArns: p.PolicyArns, RoleArn: &p.roleARN, RoleSessionName: &sessionName, WebIdentityToken: aws.String(string(b)), + DurationSeconds: duration, }) + + req.SetContext(ctx) + // InvalidIdentityToken error is a temporary error that can occur // when assuming an Role with a JWT web identity token. req.RetryErrorCodes = append(req.RetryErrorCodes, sts.ErrCodeInvalidIdentityTokenException) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go index 12897eef6265..69fa63dc08f3 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go @@ -8,6 +8,7 @@ import ( "strings" "time" + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/internal/sdkuri" @@ -15,15 +16,16 @@ import ( // getToken uses the duration to return a token for EC2 metadata service, // or an error if the request failed. -func (c *EC2Metadata) getToken(duration time.Duration) (tokenOutput, error) { +func (c *EC2Metadata) getToken(ctx aws.Context, duration time.Duration) (tokenOutput, error) { op := &request.Operation{ Name: "GetToken", HTTPMethod: "PUT", - HTTPPath: "/api/token", + HTTPPath: "/latest/api/token", } var output tokenOutput req := c.NewRequest(op, nil, &output) + req.SetContext(ctx) // remove the fetch token handler from the request handlers to avoid infinite recursion req.Handlers.Sign.RemoveByName(fetchTokenHandlerName) @@ -50,15 +52,24 @@ func (c *EC2Metadata) getToken(duration time.Duration) (tokenOutput, error) { // instance metadata service. The content will be returned as a string, or // error if the request failed. func (c *EC2Metadata) GetMetadata(p string) (string, error) { + return c.GetMetadataWithContext(aws.BackgroundContext(), p) +} + +// GetMetadataWithContext uses the path provided to request information from the EC2 +// instance metadata service. The content will be returned as a string, or +// error if the request failed. +func (c *EC2Metadata) GetMetadataWithContext(ctx aws.Context, p string) (string, error) { op := &request.Operation{ Name: "GetMetadata", HTTPMethod: "GET", - HTTPPath: sdkuri.PathJoin("/meta-data", p), + HTTPPath: sdkuri.PathJoin("/latest/meta-data", p), } output := &metadataOutput{} req := c.NewRequest(op, nil, output) + req.SetContext(ctx) + err := req.Send() return output.Content, err } @@ -67,14 +78,22 @@ func (c *EC2Metadata) GetMetadata(p string) (string, error) { // there is no user-data setup for the EC2 instance a "NotFoundError" error // code will be returned. func (c *EC2Metadata) GetUserData() (string, error) { + return c.GetUserDataWithContext(aws.BackgroundContext()) +} + +// GetUserDataWithContext returns the userdata that was configured for the service. If +// there is no user-data setup for the EC2 instance a "NotFoundError" error +// code will be returned. +func (c *EC2Metadata) GetUserDataWithContext(ctx aws.Context) (string, error) { op := &request.Operation{ Name: "GetUserData", HTTPMethod: "GET", - HTTPPath: "/user-data", + HTTPPath: "/latest/user-data", } output := &metadataOutput{} req := c.NewRequest(op, nil, output) + req.SetContext(ctx) err := req.Send() return output.Content, err @@ -84,14 +103,22 @@ func (c *EC2Metadata) GetUserData() (string, error) { // instance metadata service for dynamic data. The content will be returned // as a string, or error if the request failed. func (c *EC2Metadata) GetDynamicData(p string) (string, error) { + return c.GetDynamicDataWithContext(aws.BackgroundContext(), p) +} + +// GetDynamicDataWithContext uses the path provided to request information from the EC2 +// instance metadata service for dynamic data. The content will be returned +// as a string, or error if the request failed. +func (c *EC2Metadata) GetDynamicDataWithContext(ctx aws.Context, p string) (string, error) { op := &request.Operation{ Name: "GetDynamicData", HTTPMethod: "GET", - HTTPPath: sdkuri.PathJoin("/dynamic", p), + HTTPPath: sdkuri.PathJoin("/latest/dynamic", p), } output := &metadataOutput{} req := c.NewRequest(op, nil, output) + req.SetContext(ctx) err := req.Send() return output.Content, err @@ -101,7 +128,14 @@ func (c *EC2Metadata) GetDynamicData(p string) (string, error) { // instance. Error is returned if the request fails or is unable to parse // the response. func (c *EC2Metadata) GetInstanceIdentityDocument() (EC2InstanceIdentityDocument, error) { - resp, err := c.GetDynamicData("instance-identity/document") + return c.GetInstanceIdentityDocumentWithContext(aws.BackgroundContext()) +} + +// GetInstanceIdentityDocumentWithContext retrieves an identity document describing an +// instance. Error is returned if the request fails or is unable to parse +// the response. +func (c *EC2Metadata) GetInstanceIdentityDocumentWithContext(ctx aws.Context) (EC2InstanceIdentityDocument, error) { + resp, err := c.GetDynamicDataWithContext(ctx, "instance-identity/document") if err != nil { return EC2InstanceIdentityDocument{}, awserr.New("EC2MetadataRequestError", @@ -120,7 +154,12 @@ func (c *EC2Metadata) GetInstanceIdentityDocument() (EC2InstanceIdentityDocument // IAMInfo retrieves IAM info from the metadata API func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) { - resp, err := c.GetMetadata("iam/info") + return c.IAMInfoWithContext(aws.BackgroundContext()) +} + +// IAMInfoWithContext retrieves IAM info from the metadata API +func (c *EC2Metadata) IAMInfoWithContext(ctx aws.Context) (EC2IAMInfo, error) { + resp, err := c.GetMetadataWithContext(ctx, "iam/info") if err != nil { return EC2IAMInfo{}, awserr.New("EC2MetadataRequestError", @@ -145,7 +184,12 @@ func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) { // Region returns the region the instance is running in. func (c *EC2Metadata) Region() (string, error) { - ec2InstanceIdentityDocument, err := c.GetInstanceIdentityDocument() + return c.RegionWithContext(aws.BackgroundContext()) +} + +// RegionWithContext returns the region the instance is running in. +func (c *EC2Metadata) RegionWithContext(ctx aws.Context) (string, error) { + ec2InstanceIdentityDocument, err := c.GetInstanceIdentityDocumentWithContext(ctx) if err != nil { return "", err } @@ -162,7 +206,14 @@ func (c *EC2Metadata) Region() (string, error) { // Can be used to determine if application is running within an EC2 Instance and // the metadata service is available. func (c *EC2Metadata) Available() bool { - if _, err := c.GetMetadata("instance-id"); err != nil { + return c.AvailableWithContext(aws.BackgroundContext()) +} + +// AvailableWithContext returns if the application has access to the EC2 Metadata service. +// Can be used to determine if application is running within an EC2 Instance and +// the metadata service is available. +func (c *EC2Metadata) AvailableWithContext(ctx aws.Context) bool { + if _, err := c.GetMetadataWithContext(ctx, "instance-id"); err != nil { return false } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go index b8b2940d7446..8f35b3464ba1 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go @@ -5,6 +5,10 @@ // variable "AWS_EC2_METADATA_DISABLED=true". This environment variable set to // true instructs the SDK to disable the EC2 Metadata client. The client cannot // be used while the environment variable is set to true, (case insensitive). +// +// The endpoint of the EC2 IMDS client can be configured via the environment +// variable, AWS_EC2_METADATA_SERVICE_ENDPOINT when creating the client with a +// Session. See aws/session#Options.EC2IMDSEndpoint for more details. package ec2metadata import ( @@ -12,6 +16,7 @@ import ( "errors" "io" "net/http" + "net/url" "os" "strconv" "strings" @@ -41,7 +46,7 @@ const ( enableTokenProviderHandlerName = "enableTokenProviderHandler" // TTL constants - defaultTTL = 21600 * time.Second + defaultTTL = 21600 * time.Second ttlExpirationWindow = 30 * time.Second ) @@ -69,6 +74,9 @@ func New(p client.ConfigProvider, cfgs ...*aws.Config) *EC2Metadata { // a client when not using a session. Generally using just New with a session // is preferred. // +// Will remove the URL path from the endpoint provided to ensure the EC2 IMDS +// client is able to communicate with the EC2 IMDS API. +// // If an unmodified HTTP client is provided from the stdlib default, or no client // the EC2RoleProvider's EC2Metadata HTTP client's timeout will be shortened. // To disable this set Config.EC2MetadataDisableTimeoutOverride to false. Enabled by default. @@ -86,6 +94,15 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio cfg.MaxRetries = aws.Int(2) } + if u, err := url.Parse(endpoint); err == nil { + // Remove path from the endpoint since it will be added by requests. + // This is an artifact of the SDK adding `/latest` to the endpoint for + // EC2 IMDS, but this is now moved to the operation definition. + u.Path = "" + u.RawPath = "" + endpoint = u.String() + } + svc := &EC2Metadata{ Client: client.New( cfg, diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go index 663372a9154e..4b29f190bf94 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go @@ -46,7 +46,7 @@ func (t *tokenProvider) fetchTokenHandler(r *request.Request) { return } - output, err := t.client.getToken(t.configuredTTL) + output, err := t.client.getToken(r.Context(), t.configuredTTL) if err != nil { @@ -87,6 +87,7 @@ func (t *tokenProvider) enableTokenProviderHandler(r *request.Request) { // If the error code status is 401, we enable the token provider if e, ok := r.Error.(awserr.RequestFailure); ok && e != nil && e.StatusCode() == http.StatusUnauthorized { + t.token.Store(ec2Token{}) atomic.StoreUint32(&t.disabled, 0) } } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go index 343a2106f81a..654fb1ad52d0 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go @@ -93,7 +93,7 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol } func custAddS3DualStack(p *partition) { - if p.ID != "aws" { + if !(p.ID == "aws" || p.ID == "aws-cn" || p.ID == "aws-us-gov") { return } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 03f035702046..c303910847cd 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -17,6 +17,7 @@ const ( // AWS Standard partition's regions. const ( + AfSouth1RegionID = "af-south-1" // Africa (Cape Town). ApEast1RegionID = "ap-east-1" // Asia Pacific (Hong Kong). ApNortheast1RegionID = "ap-northeast-1" // Asia Pacific (Tokyo). ApNortheast2RegionID = "ap-northeast-2" // Asia Pacific (Seoul). @@ -24,11 +25,12 @@ const ( ApSoutheast1RegionID = "ap-southeast-1" // Asia Pacific (Singapore). ApSoutheast2RegionID = "ap-southeast-2" // Asia Pacific (Sydney). CaCentral1RegionID = "ca-central-1" // Canada (Central). - EuCentral1RegionID = "eu-central-1" // EU (Frankfurt). - EuNorth1RegionID = "eu-north-1" // EU (Stockholm). - EuWest1RegionID = "eu-west-1" // EU (Ireland). - EuWest2RegionID = "eu-west-2" // EU (London). - EuWest3RegionID = "eu-west-3" // EU (Paris). + EuCentral1RegionID = "eu-central-1" // Europe (Frankfurt). + EuNorth1RegionID = "eu-north-1" // Europe (Stockholm). + EuSouth1RegionID = "eu-south-1" // Europe (Milan). + EuWest1RegionID = "eu-west-1" // Europe (Ireland). + EuWest2RegionID = "eu-west-2" // Europe (London). + EuWest3RegionID = "eu-west-3" // Europe (Paris). MeSouth1RegionID = "me-south-1" // Middle East (Bahrain). SaEast1RegionID = "sa-east-1" // South America (Sao Paulo). UsEast1RegionID = "us-east-1" // US East (N. Virginia). @@ -46,7 +48,7 @@ const ( // AWS GovCloud (US) partition's regions. const ( UsGovEast1RegionID = "us-gov-east-1" // AWS GovCloud (US-East). - UsGovWest1RegionID = "us-gov-west-1" // AWS GovCloud (US). + UsGovWest1RegionID = "us-gov-west-1" // AWS GovCloud (US-West). ) // AWS ISO (US) partition's regions. @@ -97,7 +99,7 @@ var awsPartition = partition{ DNSSuffix: "amazonaws.com", RegionRegex: regionRegex{ Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me)\\-\\w+\\-\\d+$") + reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me|af)\\-\\w+\\-\\d+$") return reg }(), }, @@ -107,6 +109,9 @@ var awsPartition = partition{ SignatureVersions: []string{"v4"}, }, Regions: regions{ + "af-south-1": region{ + Description: "Africa (Cape Town)", + }, "ap-east-1": region{ Description: "Asia Pacific (Hong Kong)", }, @@ -129,19 +134,22 @@ var awsPartition = partition{ Description: "Canada (Central)", }, "eu-central-1": region{ - Description: "EU (Frankfurt)", + Description: "Europe (Frankfurt)", }, "eu-north-1": region{ - Description: "EU (Stockholm)", + Description: "Europe (Stockholm)", + }, + "eu-south-1": region{ + Description: "Europe (Milan)", }, "eu-west-1": region{ - Description: "EU (Ireland)", + Description: "Europe (Ireland)", }, "eu-west-2": region{ - Description: "EU (London)", + Description: "Europe (London)", }, "eu-west-3": region{ - Description: "EU (Paris)", + Description: "Europe (Paris)", }, "me-south-1": region{ Description: "Middle East (Bahrain)", @@ -169,9 +177,65 @@ var awsPartition = partition{ "us-east-1": endpoint{}, }, }, + "access-analyzer": service{ + + Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "access-analyzer-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "access-analyzer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "access-analyzer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "access-analyzer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "access-analyzer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "acm": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -187,6 +251,7 @@ var awsPartition = partition{ }, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -227,6 +292,7 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -236,6 +302,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -277,9 +344,42 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "api.detective": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "api.ecr": service{ Endpoints: endpoints{ + "af-south-1": endpoint{ + Hostname: "api.ecr.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, "ap-east-1": endpoint{ Hostname: "api.ecr.ap-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -334,6 +434,12 @@ var awsPartition = partition{ Region: "eu-north-1", }, }, + "eu-south-1": endpoint{ + Hostname: "api.ecr.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, "eu-west-1": endpoint{ Hostname: "api.ecr.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ @@ -352,6 +458,54 @@ var awsPartition = partition{ Region: "eu-west-3", }, }, + "fips-dkr-us-east-1": endpoint{ + Hostname: "ecr-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-dkr-us-east-2": endpoint{ + Hostname: "ecr-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-dkr-us-west-1": endpoint{ + Hostname: "ecr-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-dkr-us-west-2": endpoint{ + Hostname: "ecr-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "ecr-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "ecr-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "ecr-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "ecr-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, "me-south-1": endpoint{ Hostname: "api.ecr.me-south-1.amazonaws.com", CredentialScope: credentialScope{ @@ -390,6 +544,29 @@ var awsPartition = partition{ }, }, }, + "api.elastic-inference": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{ + Hostname: "api.elastic-inference.ap-northeast-1.amazonaws.com", + }, + "ap-northeast-2": endpoint{ + Hostname: "api.elastic-inference.ap-northeast-2.amazonaws.com", + }, + "eu-west-1": endpoint{ + Hostname: "api.elastic-inference.eu-west-1.amazonaws.com", + }, + "us-east-1": endpoint{ + Hostname: "api.elastic-inference.us-east-1.amazonaws.com", + }, + "us-east-2": endpoint{ + Hostname: "api.elastic-inference.us-east-2.amazonaws.com", + }, + "us-west-2": endpoint{ + Hostname: "api.elastic-inference.us-west-2.amazonaws.com", + }, + }, + }, "api.mediatailor": service{ Endpoints: endpoints{ @@ -416,6 +593,7 @@ var awsPartition = partition{ "api.sagemaker": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -425,6 +603,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -463,6 +642,7 @@ var awsPartition = partition{ "apigateway": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -472,6 +652,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -483,11 +664,32 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "appflow": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "application-autoscaling": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -497,6 +699,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -511,6 +714,7 @@ var awsPartition = partition{ "appmesh": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -518,9 +722,13 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -537,6 +745,7 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, @@ -559,11 +768,17 @@ var awsPartition = partition{ "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -579,6 +794,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -595,6 +811,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -604,6 +821,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -620,6 +838,8 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -627,8 +847,13 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -638,6 +863,7 @@ var awsPartition = partition{ "backup": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -647,6 +873,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -670,15 +897,40 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "fips.batch.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "fips.batch.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "fips.batch.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "fips.batch.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "budgets": service{ @@ -727,6 +979,7 @@ var awsPartition = partition{ "cloud9": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -735,10 +988,15 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -759,6 +1017,7 @@ var awsPartition = partition{ "cloudformation": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -768,15 +1027,40 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "cloudformation-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "cloudformation-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "cloudformation-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "cloudformation-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "cloudfront": service{ @@ -815,6 +1099,7 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -824,6 +1109,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -853,6 +1139,7 @@ var awsPartition = partition{ "cloudtrail": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -862,37 +1149,78 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "codebuild": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "codebuild-fips.us-east-1.amazonaws.com", + "fips-us-east-1": endpoint{ + Hostname: "cloudtrail-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "cloudtrail-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "cloudtrail-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "cloudtrail-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "codeartifact": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "codebuild": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "codebuild-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, @@ -932,6 +1260,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -952,6 +1281,7 @@ var awsPartition = partition{ "codedeploy": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -961,6 +1291,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -1010,24 +1341,76 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "codepipeline-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "codepipeline-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "codepipeline-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "codepipeline-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "codepipeline-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "codestar": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, - "codestar": service{ + "codestar-connections": service{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1046,9 +1429,27 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "cognito-identity-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "cognito-identity-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "cognito-identity-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, }, }, "cognito-idp": service{ @@ -1063,9 +1464,27 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "cognito-idp-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "cognito-idp-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "cognito-idp-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, }, }, "cognito-sync": service{ @@ -1089,15 +1508,36 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "comprehend-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "comprehend-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "comprehend-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, }, }, "comprehendmedical": service{ @@ -1107,9 +1547,27 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "comprehendmedical-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "comprehendmedical-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "comprehendmedical-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, }, }, "config": service{ @@ -1162,6 +1620,7 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-west-2": endpoint{}, }, @@ -1195,6 +1654,7 @@ var awsPartition = partition{ "datasync": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1204,9 +1664,16 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "datasync-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, "fips-us-east-1": endpoint{ Hostname: "datasync-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1266,6 +1733,7 @@ var awsPartition = partition{ "directconnect": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1275,27 +1743,58 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "directconnect-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "directconnect-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "directconnect-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "directconnect-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "discovery": service{ Endpoints: endpoints{ - "eu-central-1": endpoint{}, - "us-west-2": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "dms": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1303,17 +1802,24 @@ var awsPartition = partition{ "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "dms-fips": endpoint{ + Hostname: "dms-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "docdb": service{ @@ -1402,6 +1908,7 @@ var awsPartition = partition{ "ds": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1411,14 +1918,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "ds-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "ds-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "ds-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "ds-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "ds-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "dynamodb": service{ @@ -1426,6 +1965,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1441,6 +1981,7 @@ var awsPartition = partition{ }, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -1483,11 +2024,67 @@ var awsPartition = partition{ }, }, }, + "ebs": service{ + + Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "ebs-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "ebs-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "ebs-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "ebs-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "ebs-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "ec2": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1497,15 +2094,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "ec2-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "ec2-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "ec2-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "ec2-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "ec2-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "ec2metadata": service{ @@ -1522,6 +2150,7 @@ var awsPartition = partition{ "ecs": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1531,20 +2160,48 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "ecs-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "ecs-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "ecs-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "ecs-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, - "elasticache": service{ - + "eks": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1554,15 +2211,34 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "fips": endpoint{ - Hostname: "elasticache-fips.us-west-1.amazonaws.com", + "fips-us-east-1": endpoint{ + Hostname: "fips.eks.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "fips.eks.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "fips.eks.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, }, + "fips-us-west-2": endpoint{ + Hostname: "fips.eks.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, @@ -1571,9 +2247,10 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, - "elasticbeanstalk": service{ + "elasticache": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1583,20 +2260,28 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips": endpoint{ + Hostname: "elasticache-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, - "elasticfilesystem": service{ + "elasticbeanstalk": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1606,22 +2291,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "elasticbeanstalk-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "elasticbeanstalk-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "elasticbeanstalk-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "elasticbeanstalk-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, - "elasticloadbalancing": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, + "elasticfilesystem": service{ + Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1631,16 +2340,188 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, + "fips-af-south-1": endpoint{ + Hostname: "elasticfilesystem-fips.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + "fips-ap-east-1": endpoint{ + Hostname: "elasticfilesystem-fips.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + "fips-ap-northeast-1": endpoint{ + Hostname: "elasticfilesystem-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "fips-ap-northeast-2": endpoint{ + Hostname: "elasticfilesystem-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "fips-ap-south-1": endpoint{ + Hostname: "elasticfilesystem-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + "fips-ap-southeast-1": endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "fips-ap-southeast-2": endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "fips-ca-central-1": endpoint{ + Hostname: "elasticfilesystem-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-eu-central-1": endpoint{ + Hostname: "elasticfilesystem-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "fips-eu-north-1": endpoint{ + Hostname: "elasticfilesystem-fips.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + "fips-eu-south-1": endpoint{ + Hostname: "elasticfilesystem-fips.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + "fips-eu-west-1": endpoint{ + Hostname: "elasticfilesystem-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "fips-eu-west-2": endpoint{ + Hostname: "elasticfilesystem-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "fips-eu-west-3": endpoint{ + Hostname: "elasticfilesystem-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + "fips-me-south-1": endpoint{ + Hostname: "elasticfilesystem-fips.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + "fips-sa-east-1": endpoint{ + Hostname: "elasticfilesystem-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "elasticfilesystem-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "elasticfilesystem-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "elasticfilesystem-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "elasticfilesystem-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "elasticloadbalancing": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "elasticloadbalancing-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "elasticloadbalancing-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "elasticloadbalancing-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "elasticloadbalancing-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, }, "elasticmapreduce": service{ Defaults: endpoint{ @@ -1648,6 +2529,7 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1659,9 +2541,40 @@ var awsPartition = partition{ SSLCommonName: "{service}.{region}.{dnsSuffix}", }, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "elasticmapreduce-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "elasticmapreduce-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "elasticmapreduce-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "elasticmapreduce-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "elasticmapreduce-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{ @@ -1709,6 +2622,7 @@ var awsPartition = partition{ "es": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1718,6 +2632,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -1738,6 +2653,7 @@ var awsPartition = partition{ "events": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1747,20 +2663,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "events-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "events-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "events-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "events-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "firehose": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1770,15 +2712,40 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "firehose-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "firehose-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "firehose-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "firehose-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "fms": service{ @@ -1786,6 +2753,8 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1794,21 +2763,117 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ap-northeast-1": endpoint{ + Hostname: "fms-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "fips-ap-northeast-2": endpoint{ + Hostname: "fms-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "fips-ap-south-1": endpoint{ + Hostname: "fms-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + "fips-ap-southeast-1": endpoint{ + Hostname: "fms-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "fips-ap-southeast-2": endpoint{ + Hostname: "fms-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "fips-ca-central-1": endpoint{ + Hostname: "fms-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-eu-central-1": endpoint{ + Hostname: "fms-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "fips-eu-west-1": endpoint{ + Hostname: "fms-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "fips-eu-west-2": endpoint{ + Hostname: "fms-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "fips-eu-west-3": endpoint{ + Hostname: "fms-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + "fips-sa-east-1": endpoint{ + Hostname: "fms-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "fms-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "fms-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "fms-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "fms-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "forecast": service{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1819,7 +2884,11 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1829,13 +2898,19 @@ var awsPartition = partition{ "fsx": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1866,6 +2941,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1874,16 +2950,47 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "glacier-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "glacier-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "glacier-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "glacier-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "glacier-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "glue": service{ @@ -1898,15 +3005,40 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "glue-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "glue-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "glue-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "glue-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "greengrass": service{ @@ -1931,7 +3063,22 @@ var awsPartition = partition{ "groundstation": service{ Endpoints: endpoints{ - "eu-north-1": endpoint{}, + "af-south-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "fips-us-east-2": endpoint{ + Hostname: "groundstation-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "groundstation-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, "me-south-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -1943,6 +3090,7 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1952,6 +3100,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -1990,7 +3139,18 @@ var awsPartition = partition{ "health": service{ Endpoints: endpoints{ - "us-east-1": endpoint{}, + "fips-us-east-2": endpoint{ + Hostname: "health-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + }, + }, + "honeycode": service{ + + Endpoints: endpoints{ + "us-west-2": endpoint{}, }, }, "iam": service{ @@ -2004,6 +3164,30 @@ var awsPartition = partition{ Region: "us-east-1", }, }, + "iam-fips": endpoint{ + Hostname: "iam-fips.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, + "identitystore": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, }, }, "importexport": service{ @@ -2032,10 +3216,34 @@ var awsPartition = partition{ "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "inspector-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "inspector-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "inspector-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "inspector-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "iot": service{ @@ -2069,6 +3277,7 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, @@ -2159,6 +3368,7 @@ var awsPartition = partition{ "iotsecuredtunneling": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2170,6 +3380,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2204,9 +3415,11 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2217,6 +3430,7 @@ var awsPartition = partition{ "kinesis": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -2226,20 +3440,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "kinesis-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "kinesis-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "kinesis-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "kinesis-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "kinesisanalytics": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2248,12 +3488,15 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2280,6 +3523,7 @@ var awsPartition = partition{ "kms": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -2289,6 +3533,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2300,9 +3545,106 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, - "lakeformation": service{ + "lakeformation": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "lakeformation-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "lakeformation-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "lakeformation-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "lakeformation-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "lambda": service{ + + Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "lambda-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "lambda-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "lambda-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "lambda-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "license-manager": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2310,18 +3652,46 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "license-manager-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "license-manager-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "license-manager-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "license-manager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, - "lambda": service{ + "lightsail": service{ Endpoints: endpoints{ - "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2329,21 +3699,18 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, - "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, - "license-manager": service{ + "logs": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -2353,36 +3720,69 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "logs-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "logs-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "logs-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "logs-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, - "lightsail": service{ + "machinelearning": service{ Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, }, }, - "logs": service{ + "macie": service{ + + Endpoints: endpoints{ + "fips-us-east-1": endpoint{ + Hostname: "macie-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "macie-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "macie2": service{ Endpoints: endpoints{ "ap-east-1": endpoint{}, @@ -2397,19 +3797,46 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "macie2-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "macie2-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "macie2-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "macie2-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, - "machinelearning": service{ + "managedblockchain": service{ Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, }, }, "marketplacecommerceanalytics": service{ @@ -2421,6 +3848,7 @@ var awsPartition = partition{ "mediaconnect": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2448,14 +3876,45 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "mediaconvert-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "mediaconvert-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "mediaconvert-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "mediaconvert-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "mediaconvert-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "medialive": service{ @@ -2471,10 +3930,28 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "medialive-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "medialive-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "medialive-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, }, }, "mediapackage": service{ @@ -2486,6 +3963,7 @@ var awsPartition = partition{ "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2504,6 +3982,7 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-west-2": endpoint{}, }, @@ -2515,6 +3994,7 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -2524,6 +4004,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2538,8 +4019,13 @@ var awsPartition = partition{ "mgh": service{ Endpoints: endpoints{ - "eu-central-1": endpoint{}, - "us-west-2": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "mobileanalytics": service{ @@ -2555,8 +4041,12 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-west-2": endpoint{}, }, @@ -2566,6 +4056,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -2575,20 +4066,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "monitoring-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "monitoring-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "monitoring-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "monitoring-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "mq": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2597,6 +4114,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2624,11 +4142,12 @@ var awsPartition = partition{ Region: "us-west-2", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "mturk-requester": service{ @@ -2644,6 +4163,12 @@ var awsPartition = partition{ "neptune": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{ + Hostname: "rds.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, "ap-northeast-1": endpoint{ Hostname: "rds.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2704,12 +4229,24 @@ var awsPartition = partition{ Region: "eu-west-2", }, }, + "eu-west-3": endpoint{ + Hostname: "rds.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, "me-south-1": endpoint{ Hostname: "rds.me-south-1.amazonaws.com", CredentialScope: credentialScope{ Region: "me-south-1", }, }, + "sa-east-1": endpoint{ + Hostname: "rds.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, "us-east-1": endpoint{ Hostname: "rds.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2722,6 +4259,12 @@ var awsPartition = partition{ Region: "us-east-2", }, }, + "us-west-1": endpoint{ + Hostname: "rds.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, "us-west-2": endpoint{ Hostname: "rds.us-west-2.amazonaws.com", CredentialScope: credentialScope{ @@ -2733,6 +4276,24 @@ var awsPartition = partition{ "oidc": service{ Endpoints: endpoints{ + "ap-northeast-1": endpoint{ + Hostname: "oidc.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "ap-northeast-2": endpoint{ + Hostname: "oidc.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "ap-south-1": endpoint{ + Hostname: "oidc.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, "ap-southeast-1": endpoint{ Hostname: "oidc.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2757,6 +4318,12 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + "eu-north-1": endpoint{ + Hostname: "oidc.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, "eu-west-1": endpoint{ Hostname: "oidc.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2834,20 +4401,67 @@ var awsPartition = partition{ Region: "us-east-1", }, }, + "fips-aws-global": endpoint{ + Hostname: "organizations-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, }, }, "outposts": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "outposts-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "outposts-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "outposts-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "outposts-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "outposts-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "pinpoint": service{ @@ -2857,10 +4471,15 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "fips-us-east-1": endpoint{ Hostname: "pinpoint-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2890,6 +4509,7 @@ var awsPartition = partition{ "polly": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2901,11 +4521,36 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "polly-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "polly-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "polly-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "polly-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "portal.sso": service{ @@ -2996,6 +4641,7 @@ var awsPartition = partition{ "ram": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3005,6 +4651,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -3019,6 +4666,7 @@ var awsPartition = partition{ "rds": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3028,11 +4676,42 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, + "rds-fips.ca-central-1": endpoint{ + Hostname: "rds-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "rds-fips.us-east-1": endpoint{ + Hostname: "rds-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "rds-fips.us-east-2": endpoint{ + Hostname: "rds-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "rds-fips.us-west-1": endpoint{ + Hostname: "rds-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "rds-fips.us-west-2": endpoint{ + Hostname: "rds-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, "us-east-1": endpoint{ SSLCommonName: "{service}.{dnsSuffix}", }, @@ -3044,6 +4723,7 @@ var awsPartition = partition{ "redshift": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3053,15 +4733,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "redshift-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "redshift-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "redshift-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "redshift-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "redshift-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "rekognition": service{ @@ -3072,18 +4783,50 @@ var awsPartition = partition{ "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "rekognition-fips.ca-central-1": endpoint{ + Hostname: "rekognition-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "rekognition-fips.us-east-1": endpoint{ + Hostname: "rekognition-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "rekognition-fips.us-east-2": endpoint{ + Hostname: "rekognition-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "rekognition-fips.us-west-1": endpoint{ + Hostname: "rekognition-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "rekognition-fips.us-west-2": endpoint{ + Hostname: "rekognition-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "resource-groups": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3093,6 +4836,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -3151,6 +4895,12 @@ var awsPartition = partition{ Region: "us-east-1", }, }, + "fips-aws-global": endpoint{ + Hostname: "route53-fips.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, }, }, "route53domains": service{ @@ -3164,6 +4914,7 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3173,9 +4924,12 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -3189,8 +4943,12 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-west-2": endpoint{}, }, @@ -3198,6 +4956,7 @@ var awsPartition = partition{ "runtime.sagemaker": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3207,6 +4966,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -3253,7 +5013,8 @@ var awsPartition = partition{ DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", }, Endpoints: endpoints{ - "ap-east-1": endpoint{}, + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{ Hostname: "s3.ap-northeast-1.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, @@ -3278,6 +5039,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{ Hostname: "s3.eu-west-1.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, @@ -3362,6 +5124,13 @@ var awsPartition = partition{ Region: "ca-central-1", }, }, + "ca-central-1-fips": endpoint{ + Hostname: "s3-control-fips.ca-central-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, "eu-central-1": endpoint{ Hostname: "s3-control.eu-central-1.amazonaws.com", SignatureVersions: []string{"s3v4"}, @@ -3478,10 +5247,22 @@ var awsPartition = partition{ "schemas": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -3506,6 +5287,7 @@ var awsPartition = partition{ "secretsmanager": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3515,6 +5297,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -3553,6 +5336,7 @@ var awsPartition = partition{ "securityhub": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3562,15 +5346,40 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "securityhub-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "securityhub-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "securityhub-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "securityhub-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "serverlessrepo": service{ @@ -3637,6 +5446,8 @@ var awsPartition = partition{ "servicecatalog": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -3645,9 +5456,11 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ @@ -3696,6 +5509,39 @@ var awsPartition = partition{ "eu-west-3": endpoint{}, "me-south-1": endpoint{}, "sa-east-1": endpoint{}, + "servicediscovery-fips": endpoint{ + Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "servicequotas": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "af-south-1": endpoint{}, + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -3717,18 +5563,31 @@ var awsPartition = partition{ }, }, "shield": service{ - IsRegionalized: boxedFalse, + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, Defaults: endpoint{ SSLCommonName: "shield.us-east-1.amazonaws.com", Protocols: []string{"https"}, }, Endpoints: endpoints{ - "us-east-1": endpoint{}, + "aws-global": endpoint{ + Hostname: "shield.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-aws-global": endpoint{ + Hostname: "shield-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, }, }, "sms": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3738,20 +5597,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "sms-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "sms-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "sms-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "sms-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "snowball": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -3759,14 +5644,112 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ap-northeast-1": endpoint{ + Hostname: "snowball-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "fips-ap-northeast-2": endpoint{ + Hostname: "snowball-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "fips-ap-northeast-3": endpoint{ + Hostname: "snowball-fips.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + "fips-ap-south-1": endpoint{ + Hostname: "snowball-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + "fips-ap-southeast-1": endpoint{ + Hostname: "snowball-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "fips-ap-southeast-2": endpoint{ + Hostname: "snowball-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "fips-ca-central-1": endpoint{ + Hostname: "snowball-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-eu-central-1": endpoint{ + Hostname: "snowball-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "fips-eu-west-1": endpoint{ + Hostname: "snowball-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "fips-eu-west-2": endpoint{ + Hostname: "snowball-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "fips-eu-west-3": endpoint{ + Hostname: "snowball-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + "fips-sa-east-1": endpoint{ + Hostname: "snowball-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "snowball-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "snowball-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "snowball-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "snowball-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "sns": service{ @@ -3774,6 +5757,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3783,15 +5767,40 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "sns-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "sns-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "sns-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "sns-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "sqs": service{ @@ -3800,6 +5809,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3809,6 +5819,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -3849,6 +5860,7 @@ var awsPartition = partition{ "ssm": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3858,20 +5870,52 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "ssm-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "ssm-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "ssm-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "ssm-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "ssm-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "states": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3881,20 +5925,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "states-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "states-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "states-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "states-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "storagegateway": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3904,15 +5974,22 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips": endpoint{ + Hostname: "storagegateway-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "streams.dynamodb": service{ @@ -3983,6 +6060,7 @@ var awsPartition = partition{ PartitionEndpoint: "aws-global", Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3998,6 +6076,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -4048,6 +6127,7 @@ var awsPartition = partition{ "swf": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -4057,20 +6137,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "swf-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "swf-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "swf-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "swf-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "tagging": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -4080,6 +6186,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -4107,12 +6214,36 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "fips.transcribe.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "fips.transcribe.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "fips.transcribe.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "fips.transcribe.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "transcribestreaming": service{ @@ -4120,7 +6251,9 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -4140,11 +6273,41 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "transfer-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "transfer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "transfer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "transfer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "transfer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "translate": service{ @@ -4171,55 +6334,285 @@ var awsPartition = partition{ Region: "us-east-1", }, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "translate-fips.us-east-2.amazonaws.com", + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "translate-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "translate-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "waf": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-fips": endpoint{ + Hostname: "waf-fips.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "aws-global": endpoint{ + Hostname: "waf.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, + "waf-regional": service{ + + Endpoints: endpoints{ + "af-south-1": endpoint{ + Hostname: "waf-regional.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + "ap-east-1": endpoint{ + Hostname: "waf-regional.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + "ap-northeast-1": endpoint{ + Hostname: "waf-regional.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "ap-northeast-2": endpoint{ + Hostname: "waf-regional.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "ap-south-1": endpoint{ + Hostname: "waf-regional.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + "ap-southeast-1": endpoint{ + Hostname: "waf-regional.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "ap-southeast-2": endpoint{ + Hostname: "waf-regional.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "ca-central-1": endpoint{ + Hostname: "waf-regional.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{ + Hostname: "waf-regional.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "eu-north-1": endpoint{ + Hostname: "waf-regional.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + "eu-south-1": endpoint{ + Hostname: "waf-regional.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + "eu-west-1": endpoint{ + Hostname: "waf-regional.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "eu-west-2": endpoint{ + Hostname: "waf-regional.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "eu-west-3": endpoint{ + Hostname: "waf-regional.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + "fips-af-south-1": endpoint{ + Hostname: "waf-regional-fips.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + "fips-ap-east-1": endpoint{ + Hostname: "waf-regional-fips.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + "fips-ap-northeast-1": endpoint{ + Hostname: "waf-regional-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "fips-ap-northeast-2": endpoint{ + Hostname: "waf-regional-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "fips-ap-south-1": endpoint{ + Hostname: "waf-regional-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + "fips-ap-southeast-1": endpoint{ + Hostname: "waf-regional-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "fips-ap-southeast-2": endpoint{ + Hostname: "waf-regional-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "fips-ca-central-1": endpoint{ + Hostname: "waf-regional-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-eu-central-1": endpoint{ + Hostname: "waf-regional-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "fips-eu-north-1": endpoint{ + Hostname: "waf-regional-fips.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + "fips-eu-south-1": endpoint{ + Hostname: "waf-regional-fips.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + "fips-eu-west-1": endpoint{ + Hostname: "waf-regional-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "fips-eu-west-2": endpoint{ + Hostname: "waf-regional-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "fips-eu-west-3": endpoint{ + Hostname: "waf-regional-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + "fips-me-south-1": endpoint{ + Hostname: "waf-regional-fips.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + "fips-sa-east-1": endpoint{ + Hostname: "waf-regional-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "waf-regional-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "waf-regional-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, }, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "translate-fips.us-west-2.amazonaws.com", + "fips-us-west-1": endpoint{ + Hostname: "waf-regional-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "waf-regional-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, }, - }, - }, - "waf": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "waf.amazonaws.com", + "me-south-1": endpoint{ + Hostname: "waf-regional.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + "sa-east-1": endpoint{ + Hostname: "waf-regional.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + "us-east-1": endpoint{ + Hostname: "waf-regional.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - }, - }, - "waf-regional": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-2": endpoint{ + Hostname: "waf-regional.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{ + Hostname: "waf-regional.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{ + Hostname: "waf-regional.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "workdocs": service{ @@ -4229,8 +6622,20 @@ var awsPartition = partition{ "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "workdocs-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "workdocs-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "workmail": service{ @@ -4254,14 +6659,27 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "workspaces-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "workspaces-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "xray": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -4271,6 +6689,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -4314,6 +6733,20 @@ var awscnPartition = partition{ }, }, Services: services{ + "access-analyzer": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, + "acm": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "api.ecr": service{ Endpoints: endpoints{ @@ -4331,6 +6764,13 @@ var awscnPartition = partition{ }, }, }, + "api.sagemaker": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "apigateway": service{ Endpoints: endpoints{ @@ -4347,6 +6787,19 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "appsync": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + }, + }, + "athena": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "autoscaling": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -4356,6 +6809,22 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "autoscaling-plans": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, + "backup": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "batch": service{ Endpoints: endpoints{ @@ -4363,6 +6832,32 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "budgets": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-cn-global": endpoint{ + Hostname: "budgets.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "ce": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-cn-global": endpoint{ + Hostname: "ce.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, "cloudformation": service{ Endpoints: endpoints{ @@ -4398,6 +6893,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "codecommit": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "codedeploy": service{ Endpoints: endpoints{ @@ -4418,6 +6920,12 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "cur": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{}, + }, + }, "dax": service{ Endpoints: endpoints{ @@ -4454,6 +6962,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "ebs": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "ec2": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -4481,6 +6996,15 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "eks": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "elasticache": service{ Endpoints: endpoints{ @@ -4495,6 +7019,25 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "elasticfilesystem": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + "fips-cn-north-1": endpoint{ + Hostname: "elasticfilesystem-fips.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + "fips-cn-northwest-1": endpoint{ + Hostname: "elasticfilesystem-fips.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, "elasticloadbalancing": service{ Defaults: endpoint{ Protocols: []string{"https"}, @@ -4534,6 +7077,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "fsx": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "gamelift": service{ Endpoints: endpoints{ @@ -4552,6 +7102,7 @@ var awscnPartition = partition{ "glue": service{ Endpoints: endpoints{ + "cn-north-1": endpoint{}, "cn-northwest-1": endpoint{}, }, }, @@ -4595,6 +7146,43 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "iotanalytics": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + }, + }, + "iotevents": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + }, + }, + "ioteventsdata": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{ + Hostname: "data.iotevents.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + }, + }, + "iotsecuredtunneling": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, + "kafka": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "kinesis": service{ Endpoints: endpoints{ @@ -4602,6 +7190,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "kinesisanalytics": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "kms": service{ Endpoints: endpoints{ @@ -4609,6 +7204,12 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "lakeformation": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + }, + }, "lambda": service{ Endpoints: endpoints{ @@ -4650,6 +7251,36 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "neptune": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{ + Hostname: "rds.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "organizations": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-cn-global": endpoint{ + Hostname: "organizations.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + "fips-aws-cn-global": endpoint{ + Hostname: "organizations.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, "polly": service{ Endpoints: endpoints{ @@ -4670,10 +7301,40 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "resource-groups": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, + "route53": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-cn-global": endpoint{ + Hostname: "route53.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "runtime.sagemaker": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "s3": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, SignatureVersions: []string{"s3v4"}, + + HasDualStack: boxedTrue, + DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", }, Endpoints: endpoints{ "cn-north-1": endpoint{}, @@ -4684,6 +7345,9 @@ var awscnPartition = partition{ Defaults: endpoint{ Protocols: []string{"https"}, SignatureVersions: []string{"s3v4"}, + + HasDualStack: boxedTrue, + DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", }, Endpoints: endpoints{ "cn-north-1": endpoint{ @@ -4709,6 +7373,33 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "securityhub": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, + "serverlessrepo": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{ + Protocols: []string{"https"}, + }, + "cn-northwest-1": endpoint{ + Protocols: []string{"https"}, + }, + }, + }, + "servicediscovery": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "sms": service{ Endpoints: endpoints{ @@ -4719,7 +7410,20 @@ var awscnPartition = partition{ "snowball": service{ Endpoints: endpoints{ - "cn-north-1": endpoint{}, + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + "fips-cn-north-1": endpoint{ + Hostname: "snowball-fips.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + "fips-cn-northwest-1": endpoint{ + Hostname: "snowball-fips.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, }, }, "sns": service{ @@ -4758,7 +7462,8 @@ var awscnPartition = partition{ "storagegateway": service{ Endpoints: endpoints{ - "cn-north-1": endpoint{}, + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, }, }, "streams.dynamodb": service{ @@ -4866,15 +7571,42 @@ var awsusgovPartition = partition{ Description: "AWS GovCloud (US-East)", }, "us-gov-west-1": region{ - Description: "AWS GovCloud (US)", + Description: "AWS GovCloud (US-West)", }, }, Services: services{ + "access-analyzer": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "acm": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "acm.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "acm.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "acm-pca": service{ @@ -4882,6 +7614,18 @@ var awsusgovPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "acm-pca.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "acm-pca.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -4889,6 +7633,30 @@ var awsusgovPartition = partition{ "api.ecr": service{ Endpoints: endpoints{ + "fips-dkr-us-gov-east-1": endpoint{ + Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-dkr-us-gov-west-1": endpoint{ + Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "fips-us-gov-east-1": endpoint{ + Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{ Hostname: "api.ecr.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -4907,6 +7675,18 @@ var awsusgovPartition = partition{ Endpoints: endpoints{ "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "api-fips.sagemaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1-fips-secondary": endpoint{ + Hostname: "api.sagemaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "apigateway": service{ @@ -4925,8 +7705,12 @@ var awsusgovPartition = partition{ }, }, Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + "us-gov-west-1": endpoint{ + Protocols: []string{"http", "https"}, + }, }, }, "appstream2": service{ @@ -4949,6 +7733,18 @@ var awsusgovPartition = partition{ "athena": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "athena-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "athena-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -4956,25 +7752,76 @@ var awsusgovPartition = partition{ "autoscaling": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, + "us-gov-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, "us-gov-west-1": endpoint{ Protocols: []string{"http", "https"}, }, }, }, - "clouddirectory": service{ + "autoscaling-plans": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + "us-gov-west-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "backup": service{ Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, - "cloudformation": service{ + "batch": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "batch.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "batch.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, + "clouddirectory": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, + "cloudformation": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "cloudhsm": service{ Endpoints: endpoints{ @@ -4995,20 +7842,48 @@ var awsusgovPartition = partition{ "cloudtrail": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "cloudtrail.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "cloudtrail.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "codebuild": service{ Endpoints: endpoints{ "us-gov-east-1": endpoint{}, + "us-gov-east-1-fips": endpoint{ + Hostname: "codebuild-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "codebuild-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "codecommit": service{ Endpoints: endpoints{ + "fips": endpoint{ + Hostname: "codecommit-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5032,11 +7907,65 @@ var awsusgovPartition = partition{ }, }, }, + "codepipeline": service{ + + Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "codepipeline-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, + "cognito-identity": service{ + + Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "cognito-identity-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, + "cognito-idp": service{ + + Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "cognito-idp-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, "comprehend": service{ Defaults: endpoint{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "comprehend-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, + "comprehendmedical": service{ + + Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "comprehendmedical-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-west-1": endpoint{}, }, }, @@ -5050,6 +7979,12 @@ var awsusgovPartition = partition{ "datasync": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "datasync-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "fips-us-gov-west-1": endpoint{ Hostname: "datasync-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ @@ -5063,20 +7998,59 @@ var awsusgovPartition = partition{ "directconnect": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "directconnect.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "directconnect.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "dms": service{ Endpoints: endpoints{ + "dms-fips": endpoint{ + Hostname: "dms.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, + "docdb": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{ + Hostname: "rds.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "ds": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "ds-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "ds-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5100,13 +8074,30 @@ var awsusgovPartition = partition{ }, }, }, - "ec2": service{ + "ebs": service{ Endpoints: endpoints{ "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, + "ec2": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Hostname: "ec2.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "ec2.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "ec2metadata": service{ PartitionEndpoint: "aws-global", IsRegionalized: boxedFalse, @@ -5121,6 +8112,39 @@ var awsusgovPartition = partition{ "ecs": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "ecs-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "ecs-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, + "eks": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "eks.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "eks.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5129,7 +8153,7 @@ var awsusgovPartition = partition{ Endpoints: endpoints{ "fips": endpoint{ - Hostname: "elasticache-fips.us-gov-west-1.amazonaws.com", + Hostname: "elasticache.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, @@ -5141,19 +8165,54 @@ var awsusgovPartition = partition{ "elasticbeanstalk": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "elasticfilesystem": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "elasticfilesystem-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "elasticfilesystem-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, "elasticloadbalancing": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "elasticloadbalancing.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "elasticloadbalancing.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{ Protocols: []string{"http", "https"}, @@ -5163,12 +8222,36 @@ var awsusgovPartition = partition{ "elasticmapreduce": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "elasticmapreduce.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "elasticmapreduce.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{ Protocols: []string{"https"}, }, }, }, + "email": service{ + + Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "email-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, "es": service{ Endpoints: endpoints{ @@ -5185,13 +8268,35 @@ var awsusgovPartition = partition{ "events": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "events.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "events.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "firehose": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "firehose-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "firehose-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5199,15 +8304,36 @@ var awsusgovPartition = partition{ "glacier": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "glacier.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{ + Hostname: "glacier.us-gov-west-1.amazonaws.com", Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, }, }, }, "glue": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "glue-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "glue-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5218,7 +8344,18 @@ var awsusgovPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, + "dataplane-us-gov-west-1": endpoint{ + Hostname: "greengrass-ats.iot.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "greengrass.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "guardduty": service{ @@ -5227,13 +8364,25 @@ var awsusgovPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "guardduty.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "health": service{ Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, + "fips-us-gov-west-1": endpoint{ + Hostname: "health-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "iam": service{ @@ -5247,11 +8396,29 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + "iam-govcloud-fips": endpoint{ + Hostname: "iam.us-gov.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "inspector": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "inspector-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "inspector-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5263,11 +8430,43 @@ var awsusgovPartition = partition{ }, }, Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, + "iotsecuredtunneling": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, + "kafka": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, "kinesis": service{ + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Hostname: "kinesis.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "kinesis.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "kinesisanalytics": service{ + Endpoints: endpoints{ "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, @@ -5289,6 +8488,18 @@ var awsusgovPartition = partition{ "lambda": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "lambda-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "lambda-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5296,6 +8507,18 @@ var awsusgovPartition = partition{ "license-manager": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "license-manager-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "license-manager-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5303,14 +8526,29 @@ var awsusgovPartition = partition{ "logs": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "logs.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "logs.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "mediaconvert": service{ Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, + "us-gov-west-1": endpoint{ + Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "metering.marketplace": service{ @@ -5327,6 +8565,18 @@ var awsusgovPartition = partition{ "monitoring": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "monitoring.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "monitoring.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5359,11 +8609,61 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + "fips-aws-us-gov-global": endpoint{ + Hostname: "organizations.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "outposts": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Hostname: "outposts.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "outposts.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "pinpoint": service{ + Defaults: endpoint{ + CredentialScope: credentialScope{ + Service: "mobiletargeting", + }, + }, + Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "pinpoint-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "pinpoint.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "polly": service{ Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "polly-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-west-1": endpoint{}, }, }, @@ -5377,6 +8677,18 @@ var awsusgovPartition = partition{ "rds": service{ Endpoints: endpoints{ + "rds.us-gov-east-1": endpoint{ + Hostname: "rds.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "rds.us-gov-west-1": endpoint{ + Hostname: "rds.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5384,13 +8696,29 @@ var awsusgovPartition = partition{ "redshift": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "redshift.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "redshift.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "rekognition": service{ Endpoints: endpoints{ + "rekognition-fips.us-gov-west-1": endpoint{ + Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-west-1": endpoint{}, }, }, @@ -5424,6 +8752,12 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + "fips-aws-us-gov-global": endpoint{ + Hostname: "route53.us-gov.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "route53resolver": service{ @@ -5442,10 +8776,13 @@ var awsusgovPartition = partition{ "s3": service{ Defaults: endpoint{ SignatureVersions: []string{"s3", "s3v4"}, + + HasDualStack: boxedTrue, + DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", }, Endpoints: endpoints{ "fips-us-gov-west-1": endpoint{ - Hostname: "s3-fips-us-gov-west-1.amazonaws.com", + Hostname: "s3-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, @@ -5464,6 +8801,9 @@ var awsusgovPartition = partition{ Defaults: endpoint{ Protocols: []string{"https"}, SignatureVersions: []string{"s3v4"}, + + HasDualStack: boxedTrue, + DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", }, Endpoints: endpoints{ "us-gov-east-1": endpoint{ @@ -5515,22 +8855,56 @@ var awsusgovPartition = partition{ }, }, }, + "securityhub": service{ + + Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "securityhub-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "securityhub-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "serverlessrepo": service{ Defaults: endpoint{ Protocols: []string{"https"}, }, Endpoints: endpoints{ "us-gov-east-1": endpoint{ + Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", Protocols: []string{"https"}, + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, }, "us-gov-west-1": endpoint{ + Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", Protocols: []string{"https"}, + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, }, }, }, "servicecatalog": service{ Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-east-1-fips": endpoint{ + Hostname: "servicecatalog-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{}, "us-gov-west-1-fips": endpoint{ Hostname: "servicecatalog-fips.us-gov-west-1.amazonaws.com", @@ -5543,6 +8917,18 @@ var awsusgovPartition = partition{ "sms": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "sms-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "sms-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5550,6 +8936,18 @@ var awsusgovPartition = partition{ "snowball": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "snowball-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "snowball-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5557,25 +8955,55 @@ var awsusgovPartition = partition{ "sns": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "sns.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{ + Hostname: "sns.us-gov-west-1.amazonaws.com", Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, }, }, }, "sqs": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "sqs.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{ + Hostname: "sqs.us-gov-west-1.amazonaws.com", SSLCommonName: "{region}.queue.{dnsSuffix}", Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, }, }, }, "ssm": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "ssm.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "ssm.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5583,6 +9011,18 @@ var awsusgovPartition = partition{ "states": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "states-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "states.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -5590,6 +9030,13 @@ var awsusgovPartition = partition{ "storagegateway": service{ Endpoints: endpoints{ + "fips": endpoint{ + Hostname: "storagegateway-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -5620,14 +9067,54 @@ var awsusgovPartition = partition{ Endpoints: endpoints{ "us-gov-east-1": endpoint{}, + "us-gov-east-1-fips": endpoint{ + Hostname: "sts.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "sts.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "support": service{ + PartitionEndpoint: "aws-us-gov-global", + + Endpoints: endpoints{ + "aws-us-gov-global": endpoint{ + Hostname: "support.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "support.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "swf": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "swf.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "swf.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "tagging": service{ @@ -5642,6 +9129,38 @@ var awsusgovPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "fips.transcribe.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "fips.transcribe.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, + "transfer": service{ + + Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "transfer-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "transfer-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -5662,12 +9181,36 @@ var awsusgovPartition = partition{ "waf-regional": service{ Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, + "fips-us-gov-west-1": endpoint{ + Hostname: "waf-regional-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "waf-regional.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "workspaces": service{ Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "workspaces-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, + "xray": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -5757,6 +9300,14 @@ var awsisoPartition = partition{ "us-iso-east-1": endpoint{}, }, }, + "comprehend": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "config": service{ Endpoints: endpoints{ @@ -5778,6 +9329,12 @@ var awsisoPartition = partition{ "dms": service{ Endpoints: endpoints{ + "dms-fips": endpoint{ + Hostname: "dms.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, "us-iso-east-1": endpoint{}, }, }, @@ -5840,6 +9397,12 @@ var awsisoPartition = partition{ }, }, }, + "es": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "events": service{ Endpoints: endpoints{ @@ -6016,6 +9579,20 @@ var awsisoPartition = partition{ "us-iso-east-1": endpoint{}, }, }, + "transcribe": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "transcribestreaming": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "workspaces": service{ Endpoints: endpoints{ @@ -6051,6 +9628,17 @@ var awsisobPartition = partition{ }, }, Services: services{ + "api.ecr": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{ + Hostname: "api.ecr.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + }, + }, + }, "application-autoscaling": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -6094,6 +9682,12 @@ var awsisobPartition = partition{ "dms": service{ Endpoints: endpoints{ + "dms-fips": endpoint{ + Hostname: "dms.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + }, "us-isob-east-1": endpoint{}, }, }, @@ -6124,6 +9718,12 @@ var awsisobPartition = partition{ }, }, }, + "ecs": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, "elasticache": service{ Endpoints: endpoints{ @@ -6193,6 +9793,18 @@ var awsisobPartition = partition{ "us-isob-east-1": endpoint{}, }, }, + "lambda": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "license-manager": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, "logs": service{ Endpoints: endpoints{ @@ -6249,6 +9861,12 @@ var awsisobPartition = partition{ "us-isob-east-1": endpoint{}, }, }, + "ssm": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, "states": service{ Endpoints: endpoints{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go index eb2ac83c9927..773613722f49 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go @@ -7,6 +7,8 @@ import ( "strings" ) +var regionValidationRegex = regexp.MustCompile(`^[[:alnum:]]([[:alnum:]\-]*[[:alnum:]])?$`) + type partitions []partition func (ps partitions) EndpointFor(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) { @@ -124,7 +126,7 @@ func (p partition) EndpointFor(service, region string, opts ...func(*Options)) ( defs := []endpoint{p.Defaults, s.Defaults} - return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt), nil + return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt) } func serviceList(ss services) []string { @@ -233,7 +235,7 @@ func getByPriority(s []string, p []string, def string) string { return s[0] } -func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) ResolvedEndpoint { +func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) (ResolvedEndpoint, error) { var merged endpoint for _, def := range defs { merged.mergeIn(def) @@ -260,6 +262,10 @@ func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs [ region = signingRegion } + if !validateInputRegion(region) { + return ResolvedEndpoint{}, fmt.Errorf("invalid region identifier format provided") + } + u := strings.Replace(hostname, "{service}", service, 1) u = strings.Replace(u, "{region}", region, 1) u = strings.Replace(u, "{dnsSuffix}", dnsSuffix, 1) @@ -274,7 +280,7 @@ func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs [ SigningName: signingName, SigningNameDerived: signingNameDerived, SigningMethod: getByPriority(e.SignatureVersions, signerPriority, defaultSigner), - } + }, nil } func getEndpointScheme(protocols []string, disableSSL bool) string { @@ -339,3 +345,7 @@ const ( boxedFalse boxedTrue ) + +func validateInputRegion(region string) bool { + return regionValidationRegex.MatchString(region) +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go b/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go index d9b37f4d32ad..2ba3c56c11fb 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go @@ -9,7 +9,8 @@ func isErrConnectionReset(err error) bool { return false } - if strings.Contains(err.Error(), "connection reset") || + if strings.Contains(err.Error(), "use of closed network connection") || + strings.Contains(err.Error(), "connection reset") || strings.Contains(err.Error(), "broken pipe") { return true } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go index 59da73ed408c..d597c6ead555 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go @@ -135,8 +135,6 @@ func New(cfg aws.Config, clientInfo metadata.ClientInfo, handlers Handlers, err = awserr.New("InvalidEndpointURL", "invalid endpoint uri", err) } - SanitizeHostForHeader(httpReq) - r := &Request{ Config: cfg, ClientInfo: clientInfo, @@ -426,6 +424,8 @@ func (r *Request) Sign() error { return r.Error } + SanitizeHostForHeader(r.HTTPRequest) + r.Handlers.Sign.Run(r) return r.Error } @@ -639,6 +639,10 @@ func getHost(r *http.Request) string { return r.Host } + if r.URL == nil { + return "" + } + return r.URL.Host } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go index 1b61dec9c21b..752ae47f8459 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go @@ -92,6 +92,7 @@ var throttleCodes = map[string]struct{}{ "TooManyRequestsException": {}, // Lambda functions "PriorRequestNotComplete": {}, // Route53 "TransactionInProgressException": {}, + "EC2ThrottledException": {}, // EC2 } // credsExpiredCodes is a collection of error codes which signify the credentials diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go index cc64e24f1d56..fe6dac1f4764 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go @@ -3,6 +3,7 @@ package session import ( "fmt" "os" + "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" @@ -206,7 +207,14 @@ func credsFromAssumeRole(cfg aws.Config, sharedCfg.RoleARN, func(opt *stscreds.AssumeRoleProvider) { opt.RoleSessionName = sharedCfg.RoleSessionName - opt.Duration = sessOpts.AssumeRoleDuration + + if sessOpts.AssumeRoleDuration == 0 && + sharedCfg.AssumeRoleDuration != nil && + *sharedCfg.AssumeRoleDuration/time.Minute > 15 { + opt.Duration = *sharedCfg.AssumeRoleDuration + } else if sessOpts.AssumeRoleDuration != 0 { + opt.Duration = sessOpts.AssumeRoleDuration + } // Assume role with external ID if len(sharedCfg.ExternalID) > 0 { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go index 7ec66e7e589a..cc461bd3230d 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go @@ -241,5 +241,22 @@ over the AWS_CA_BUNDLE environment variable, and will be used if both are set. Setting a custom HTTPClient in the aws.Config options will override this setting. To use this option and custom HTTP client, the HTTP client needs to be provided when creating the session. Not the service client. + +The endpoint of the EC2 IMDS client can be configured via the environment +variable, AWS_EC2_METADATA_SERVICE_ENDPOINT when creating the client with a +Session. See Options.EC2IMDSEndpoint for more details. + + AWS_EC2_METADATA_SERVICE_ENDPOINT=http://169.254.169.254 + +If using an URL with an IPv6 address literal, the IPv6 address +component must be enclosed in square brackets. + + AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1] + +The custom EC2 IMDS endpoint can also be specified via the Session options. + + sess, err := session.NewSessionWithOptions(session.Options{ + EC2IMDSEndpoint: "http://[::1]", + }) */ package session diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go index c1e0e9c9543d..d67c261d74f7 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go @@ -148,6 +148,11 @@ type envConfig struct { // // AWS_S3_USE_ARN_REGION=true S3UseARNRegion bool + + // Specifies the alternative endpoint to use for EC2 IMDS. + // + // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1] + EC2IMDSEndpoint string } var ( @@ -211,6 +216,9 @@ var ( s3UseARNRegionEnvKey = []string{ "AWS_S3_USE_ARN_REGION", } + ec2IMDSEndpointEnvKey = []string{ + "AWS_EC2_METADATA_SERVICE_ENDPOINT", + } ) // loadEnvConfig retrieves the SDK's environment configuration. @@ -332,6 +340,8 @@ func envConfigLoad(enableSharedConfig bool) (envConfig, error) { } } + setFromEnvVal(&cfg.EC2IMDSEndpoint, ec2IMDSEndpointEnvKey) + return cfg, nil } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go index 0ff499605101..6430a7f15261 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go @@ -48,6 +48,8 @@ var ErrSharedConfigInvalidCredSource = awserr.New(ErrCodeSharedConfig, "credenti type Session struct { Config *aws.Config Handlers request.Handlers + + options Options } // New creates a new instance of the handlers merging in the provided configs @@ -99,7 +101,7 @@ func New(cfgs ...*aws.Config) *Session { return s } - s := deprecatedNewSession(cfgs...) + s := deprecatedNewSession(envCfg, cfgs...) if envErr != nil { msg := "failed to load env config" s.logDeprecatedNewSessionError(msg, envErr, cfgs) @@ -243,6 +245,23 @@ type Options struct { // function to initialize this value before changing the handlers to be // used by the SDK. Handlers request.Handlers + + // Allows specifying a custom endpoint to be used by the EC2 IMDS client + // when making requests to the EC2 IMDS API. The must endpoint value must + // include protocol prefix. + // + // If unset, will the EC2 IMDS client will use its default endpoint. + // + // Can also be specified via the environment variable, + // AWS_EC2_METADATA_SERVICE_ENDPOINT. + // + // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://169.254.169.254 + // + // If using an URL with an IPv6 address literal, the IPv6 address + // component must be enclosed in square brackets. + // + // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1] + EC2IMDSEndpoint string } // NewSessionWithOptions returns a new Session created from SDK defaults, config files, @@ -329,7 +348,25 @@ func Must(sess *Session, err error) *Session { return sess } -func deprecatedNewSession(cfgs ...*aws.Config) *Session { +// Wraps the endpoint resolver with a resolver that will return a custom +// endpoint for EC2 IMDS. +func wrapEC2IMDSEndpoint(resolver endpoints.Resolver, endpoint string) endpoints.Resolver { + return endpoints.ResolverFunc( + func(service, region string, opts ...func(*endpoints.Options)) ( + endpoints.ResolvedEndpoint, error, + ) { + if service == ec2MetadataServiceID { + return endpoints.ResolvedEndpoint{ + URL: endpoint, + SigningName: ec2MetadataServiceID, + SigningRegion: region, + }, nil + } + return resolver.EndpointFor(service, region) + }) +} + +func deprecatedNewSession(envCfg envConfig, cfgs ...*aws.Config) *Session { cfg := defaults.Config() handlers := defaults.Handlers() @@ -341,6 +378,11 @@ func deprecatedNewSession(cfgs ...*aws.Config) *Session { // endpoints for service client configurations. cfg.EndpointResolver = endpoints.DefaultResolver() } + + if len(envCfg.EC2IMDSEndpoint) != 0 { + cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, envCfg.EC2IMDSEndpoint) + } + cfg.Credentials = defaults.CredChain(cfg, handlers) // Reapply any passed in configs to override credentials if set @@ -349,6 +391,9 @@ func deprecatedNewSession(cfgs ...*aws.Config) *Session { s := &Session{ Config: cfg, Handlers: handlers, + options: Options{ + EC2IMDSEndpoint: envCfg.EC2IMDSEndpoint, + }, } initHandlers(s) @@ -418,6 +463,7 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, s := &Session{ Config: cfg, Handlers: handlers, + options: opts, } initHandlers(s) @@ -570,6 +616,14 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, endpoints.LegacyS3UsEast1Endpoint, }) + ec2IMDSEndpoint := sessOpts.EC2IMDSEndpoint + if len(ec2IMDSEndpoint) == 0 { + ec2IMDSEndpoint = envCfg.EC2IMDSEndpoint + } + if len(ec2IMDSEndpoint) != 0 { + cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint) + } + // Configure credentials if not already set by the user when creating the // Session. if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { @@ -627,6 +681,7 @@ func (s *Session) Copy(cfgs ...*aws.Config) *Session { newSession := &Session{ Config: s.Config.Copy(cfgs...), Handlers: s.Handlers.Copy(), + options: s.options, } initHandlers(newSession) @@ -665,6 +720,8 @@ func (s *Session) ClientConfig(service string, cfgs ...*aws.Config) client.Confi } } +const ec2MetadataServiceID = "ec2metadata" + func (s *Session) resolveEndpoint(service, region string, cfg *aws.Config) (endpoints.ResolvedEndpoint, error) { if ep := aws.StringValue(cfg.Endpoint); len(ep) != 0 { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go index a8ed88076007..680805a38add 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go @@ -2,6 +2,7 @@ package session import ( "fmt" + "time" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" @@ -16,12 +17,13 @@ const ( sessionTokenKey = `aws_session_token` // optional // Assume Role Credentials group - roleArnKey = `role_arn` // group required - sourceProfileKey = `source_profile` // group required (or credential_source) - credentialSourceKey = `credential_source` // group required (or source_profile) - externalIDKey = `external_id` // optional - mfaSerialKey = `mfa_serial` // optional - roleSessionNameKey = `role_session_name` // optional + roleArnKey = `role_arn` // group required + sourceProfileKey = `source_profile` // group required (or credential_source) + credentialSourceKey = `credential_source` // group required (or source_profile) + externalIDKey = `external_id` // optional + mfaSerialKey = `mfa_serial` // optional + roleSessionNameKey = `role_session_name` // optional + roleDurationSecondsKey = "duration_seconds" // optional // CSM options csmEnabledKey = `csm_enabled` @@ -73,10 +75,11 @@ type sharedConfig struct { CredentialProcess string WebIdentityTokenFile string - RoleARN string - RoleSessionName string - ExternalID string - MFASerial string + RoleARN string + RoleSessionName string + ExternalID string + MFASerial string + AssumeRoleDuration *time.Duration SourceProfileName string SourceProfile *sharedConfig @@ -274,6 +277,11 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e updateString(&cfg.CredentialSource, section, credentialSourceKey) updateString(&cfg.Region, section, regionKey) + if section.Has(roleDurationSecondsKey) { + d := time.Duration(section.Int(roleDurationSecondsKey)) * time.Second + cfg.AssumeRoleDuration = &d + } + if v := section.String(stsRegionalEndpointSharedKey); len(v) != 0 { sre, err := endpoints.GetSTSRegionalEndpoint(v) if err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go new file mode 100644 index 000000000000..f35fc860b3b7 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go @@ -0,0 +1,13 @@ +// +build !go1.7 + +package v4 + +import ( + "net/http" + + "github.com/aws/aws-sdk-go/aws" +) + +func requestContext(r *http.Request) aws.Context { + return aws.BackgroundContext() +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go new file mode 100644 index 000000000000..fed5c859ca66 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go @@ -0,0 +1,13 @@ +// +build go1.7 + +package v4 + +import ( + "net/http" + + "github.com/aws/aws-sdk-go/aws" +) + +func requestContext(r *http.Request) aws.Context { + return r.Context() +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go index b97334c7f28e..d71f7b3f4fa0 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go @@ -340,7 +340,7 @@ func (v4 Signer) signWithBody(r *http.Request, body io.ReadSeeker, service, regi } var err error - ctx.credValues, err = v4.Credentials.Get() + ctx.credValues, err = v4.Credentials.GetWithContext(requestContext(r)) if err != nil { return http.Header{}, err } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/types.go b/vendor/github.com/aws/aws-sdk-go/aws/types.go index d542ef01bc89..98751ee84f24 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/types.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/types.go @@ -239,3 +239,26 @@ func (es errors) Error() string { return strings.Join(parts, "\n") } + +// CopySeekableBody copies the seekable body to an io.Writer +func CopySeekableBody(dst io.Writer, src io.ReadSeeker) (int64, error) { + curPos, err := src.Seek(0, sdkio.SeekCurrent) + if err != nil { + return 0, err + } + + // copy errors may be assumed to be from the body. + n, err := io.Copy(dst, src) + if err != nil { + return n, err + } + + // seek back to the first position after reading to reset + // the body for transmission. + _, err = src.Seek(curPos, sdkio.SeekStart) + if err != nil { + return n, err + } + + return n, nil +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index 94f6d68caaa4..cc41ca0bcda8 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.28.2" +const SDKVersion = "1.35.24" diff --git a/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go b/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go new file mode 100644 index 000000000000..876dcb3fde28 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go @@ -0,0 +1,40 @@ +// +build !go1.7 + +package context + +import "time" + +// An emptyCtx is a copy of the Go 1.7 context.emptyCtx type. This is copied to +// provide a 1.6 and 1.5 safe version of context that is compatible with Go +// 1.7's Context. +// +// An emptyCtx is never canceled, has no values, and has no deadline. It is not +// struct{}, since vars of this type must have distinct addresses. +type emptyCtx int + +func (*emptyCtx) Deadline() (deadline time.Time, ok bool) { + return +} + +func (*emptyCtx) Done() <-chan struct{} { + return nil +} + +func (*emptyCtx) Err() error { + return nil +} + +func (*emptyCtx) Value(key interface{}) interface{} { + return nil +} + +func (e *emptyCtx) String() string { + switch e { + case BackgroundCtx: + return "aws.BackgroundContext" + } + return "unknown empty Context" +} + +// BackgroundCtx is the common base context. +var BackgroundCtx = new(emptyCtx) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go index cf9fad81e704..55fa73ebcf2a 100644 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go +++ b/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go @@ -63,9 +63,10 @@ var parseTable = map[ASTKind]map[TokenType]int{ TokenNone: MarkCompleteState, }, ASTKindEqualExpr: map[TokenType]int{ - TokenLit: ValueState, - TokenWS: SkipTokenState, - TokenNL: SkipState, + TokenLit: ValueState, + TokenWS: SkipTokenState, + TokenNL: SkipState, + TokenNone: SkipState, }, ASTKindStatement: map[TokenType]int{ TokenLit: SectionState, diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE new file mode 100644 index 000000000000..6a66aea5eafe --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) 2009 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go new file mode 100644 index 000000000000..14ad0c589115 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go @@ -0,0 +1,120 @@ +// Copyright 2013 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package singleflight provides a duplicate function call suppression +// mechanism. +package singleflight + +import "sync" + +// call is an in-flight or completed singleflight.Do call +type call struct { + wg sync.WaitGroup + + // These fields are written once before the WaitGroup is done + // and are only read after the WaitGroup is done. + val interface{} + err error + + // forgotten indicates whether Forget was called with this call's key + // while the call was still in flight. + forgotten bool + + // These fields are read and written with the singleflight + // mutex held before the WaitGroup is done, and are read but + // not written after the WaitGroup is done. + dups int + chans []chan<- Result +} + +// Group represents a class of work and forms a namespace in +// which units of work can be executed with duplicate suppression. +type Group struct { + mu sync.Mutex // protects m + m map[string]*call // lazily initialized +} + +// Result holds the results of Do, so they can be passed +// on a channel. +type Result struct { + Val interface{} + Err error + Shared bool +} + +// Do executes and returns the results of the given function, making +// sure that only one execution is in-flight for a given key at a +// time. If a duplicate comes in, the duplicate caller waits for the +// original to complete and receives the same results. +// The return value shared indicates whether v was given to multiple callers. +func (g *Group) Do(key string, fn func() (interface{}, error)) (v interface{}, err error, shared bool) { + g.mu.Lock() + if g.m == nil { + g.m = make(map[string]*call) + } + if c, ok := g.m[key]; ok { + c.dups++ + g.mu.Unlock() + c.wg.Wait() + return c.val, c.err, true + } + c := new(call) + c.wg.Add(1) + g.m[key] = c + g.mu.Unlock() + + g.doCall(c, key, fn) + return c.val, c.err, c.dups > 0 +} + +// DoChan is like Do but returns a channel that will receive the +// results when they are ready. +func (g *Group) DoChan(key string, fn func() (interface{}, error)) <-chan Result { + ch := make(chan Result, 1) + g.mu.Lock() + if g.m == nil { + g.m = make(map[string]*call) + } + if c, ok := g.m[key]; ok { + c.dups++ + c.chans = append(c.chans, ch) + g.mu.Unlock() + return ch + } + c := &call{chans: []chan<- Result{ch}} + c.wg.Add(1) + g.m[key] = c + g.mu.Unlock() + + go g.doCall(c, key, fn) + + return ch +} + +// doCall handles the single call for a key. +func (g *Group) doCall(c *call, key string, fn func() (interface{}, error)) { + c.val, c.err = fn() + c.wg.Done() + + g.mu.Lock() + if !c.forgotten { + delete(g.m, key) + } + for _, ch := range c.chans { + ch <- Result{c.val, c.err, c.dups > 0} + } + g.mu.Unlock() +} + +// Forget tells the singleflight to forget about a key. Future calls +// to Do for this key will call the function rather than waiting for +// an earlier call to complete. +func (g *Group) Forget(key string) { + g.mu.Lock() + if c, ok := g.m[key]; ok { + c.forgotten = true + } + delete(g.m, key) + g.mu.Unlock() +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/build.go index 50c5ed760052..5d500be27f3b 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/build.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/build.go @@ -1,7 +1,7 @@ // Package ec2query provides serialization of AWS EC2 requests and responses. package ec2query -//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/input/ec2.json build_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/ec2.json build_test.go import ( "net/url" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/unmarshal.go index 105d732f9d38..c42b04a8d557 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/unmarshal.go @@ -1,6 +1,6 @@ package ec2query -//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/ec2.json unmarshal_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/ec2.json unmarshal_test.go import ( "encoding/xml" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go index ea0da79a5e0b..8b2c9bbeba0c 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go @@ -6,7 +6,9 @@ import ( "encoding/json" "fmt" "io" + "math/big" "reflect" + "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -14,6 +16,8 @@ import ( "github.com/aws/aws-sdk-go/private/protocol" ) +var millisecondsFloat = new(big.Float).SetInt64(1e3) + // UnmarshalJSONError unmarshal's the reader's JSON document into the passed in // type. The value to unmarshal the json document into must be a pointer to the // type. @@ -38,17 +42,42 @@ func UnmarshalJSONError(v interface{}, stream io.Reader) error { func UnmarshalJSON(v interface{}, stream io.Reader) error { var out interface{} - err := json.NewDecoder(stream).Decode(&out) + decoder := json.NewDecoder(stream) + decoder.UseNumber() + err := decoder.Decode(&out) + if err == io.EOF { + return nil + } else if err != nil { + return err + } + + return unmarshaler{}.unmarshalAny(reflect.ValueOf(v), out, "") +} + +// UnmarshalJSONCaseInsensitive reads a stream and unmarshals the result into the +// object v. Ignores casing for structure members. +func UnmarshalJSONCaseInsensitive(v interface{}, stream io.Reader) error { + var out interface{} + + decoder := json.NewDecoder(stream) + decoder.UseNumber() + err := decoder.Decode(&out) if err == io.EOF { return nil } else if err != nil { return err } - return unmarshalAny(reflect.ValueOf(v), out, "") + return unmarshaler{ + caseInsensitive: true, + }.unmarshalAny(reflect.ValueOf(v), out, "") } -func unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) error { +type unmarshaler struct { + caseInsensitive bool +} + +func (u unmarshaler) unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) error { vtype := value.Type() if vtype.Kind() == reflect.Ptr { vtype = vtype.Elem() // check kind of actual element type @@ -80,17 +109,17 @@ func unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) if field, ok := vtype.FieldByName("_"); ok { tag = field.Tag } - return unmarshalStruct(value, data, tag) + return u.unmarshalStruct(value, data, tag) case "list": - return unmarshalList(value, data, tag) + return u.unmarshalList(value, data, tag) case "map": - return unmarshalMap(value, data, tag) + return u.unmarshalMap(value, data, tag) default: - return unmarshalScalar(value, data, tag) + return u.unmarshalScalar(value, data, tag) } } -func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTag) error { +func (u unmarshaler) unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTag) error { if data == nil { return nil } @@ -114,7 +143,7 @@ func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTa // unwrap any payloads if payload := tag.Get("payload"); payload != "" { field, _ := t.FieldByName(payload) - return unmarshalAny(value.FieldByName(payload), data, field.Tag) + return u.unmarshalAny(value.FieldByName(payload), data, field.Tag) } for i := 0; i < t.NumField(); i++ { @@ -128,9 +157,19 @@ func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTa if locName := field.Tag.Get("locationName"); locName != "" { name = locName } + if u.caseInsensitive { + if _, ok := mapData[name]; !ok { + // Fallback to uncased name search if the exact name didn't match. + for kn, v := range mapData { + if strings.EqualFold(kn, name) { + mapData[name] = v + } + } + } + } member := value.FieldByIndex(field.Index) - err := unmarshalAny(member, mapData[name], field.Tag) + err := u.unmarshalAny(member, mapData[name], field.Tag) if err != nil { return err } @@ -138,7 +177,7 @@ func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTa return nil } -func unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) error { +func (u unmarshaler) unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) error { if data == nil { return nil } @@ -153,7 +192,7 @@ func unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) } for i, c := range listData { - err := unmarshalAny(value.Index(i), c, "") + err := u.unmarshalAny(value.Index(i), c, "") if err != nil { return err } @@ -162,7 +201,7 @@ func unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) return nil } -func unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) error { +func (u unmarshaler) unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) error { if data == nil { return nil } @@ -179,14 +218,14 @@ func unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) kvalue := reflect.ValueOf(k) vvalue := reflect.New(value.Type().Elem()).Elem() - unmarshalAny(vvalue, v, "") + u.unmarshalAny(vvalue, v, "") value.SetMapIndex(kvalue, vvalue) } return nil } -func unmarshalScalar(value reflect.Value, data interface{}, tag reflect.StructTag) error { +func (u unmarshaler) unmarshalScalar(value reflect.Value, data interface{}, tag reflect.StructTag) error { switch d := data.(type) { case nil: @@ -222,16 +261,31 @@ func unmarshalScalar(value reflect.Value, data interface{}, tag reflect.StructTa default: return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type()) } - case float64: + case json.Number: switch value.Interface().(type) { case *int64: - di := int64(d) + // Retain the old behavior where we would just truncate the float64 + // calling d.Int64() here could cause an invalid syntax error due to the usage of strconv.ParseInt + f, err := d.Float64() + if err != nil { + return err + } + di := int64(f) value.Set(reflect.ValueOf(&di)) case *float64: - value.Set(reflect.ValueOf(&d)) + f, err := d.Float64() + if err != nil { + return err + } + value.Set(reflect.ValueOf(&f)) case *time.Time: - // Time unmarshaled from a float64 can only be epoch seconds - t := time.Unix(int64(d), 0).UTC() + float, ok := new(big.Float).SetString(d.String()) + if !ok { + return fmt.Errorf("unsupported float time representation: %v", d.String()) + } + float = float.Mul(float, millisecondsFloat) + ms, _ := float.Int64() + t := time.Unix(0, ms*1e6).UTC() value.Set(reflect.ValueOf(&t)) default: return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type()) diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go index 89cfda75f668..a029217e4c61 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go @@ -2,8 +2,8 @@ // requests and responses. package jsonrpc -//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/input/json.json build_test.go -//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/json.json unmarshal_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/json.json build_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/json.json unmarshal_test.go import ( "github.com/aws/aws-sdk-go/aws/awserr" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go index a2416c044851..c0c52e2db0f3 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go @@ -54,7 +54,7 @@ func (u *UnmarshalTypedError) UnmarshalError( // If exception code is know, use associated constructor to get a value // for the exception that the JSON body can be unmarshaled into. v := fn(respMeta) - err := jsonutil.UnmarshalJSON(v, body) + err := jsonutil.UnmarshalJSONCaseInsensitive(v, body) if err != nil { return nil, err } diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go index 0cb99eb57968..d40346a7790d 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go @@ -1,7 +1,7 @@ // Package query provides serialization of AWS query requests, and responses. package query -//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/input/query.json build_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/query.json build_test.go import ( "net/url" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go index f69c1efc93ad..9231e95d1604 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go @@ -1,6 +1,6 @@ package query -//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/query.json unmarshal_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/query.json unmarshal_test.go import ( "encoding/xml" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go index 05d4ff519258..98f4caed91cc 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go @@ -27,8 +27,8 @@ const ( // RFC3339 a subset of the ISO8601 timestamp format. e.g 2014-04-29T18:30:38Z ISO8601TimeFormat = "2006-01-02T15:04:05.999999999Z" - // This format is used for output time without seconds precision - ISO8601OutputTimeFormat = "2006-01-02T15:04:05Z" + // This format is used for output time with fractional second precision up to milliseconds + ISO8601OutputTimeFormat = "2006-01-02T15:04:05.999999999Z" ) // IsKnownTimestampFormat returns if the timestamp format name @@ -48,7 +48,7 @@ func IsKnownTimestampFormat(name string) bool { // FormatTime returns a string value of the time. func FormatTime(name string, t time.Time) string { - t = t.UTC() + t = t.UTC().Truncate(time.Millisecond) switch name { case RFC822TimeFormatName: @@ -56,7 +56,8 @@ func FormatTime(name string, t time.Time) string { case ISO8601TimeFormatName: return t.Format(ISO8601OutputTimeFormat) case UnixTimeFormatName: - return strconv.FormatInt(t.Unix(), 10) + ms := t.UnixNano() / int64(time.Millisecond) + return strconv.FormatFloat(float64(ms)/1e3, 'f', -1, 64) default: panic("unknown timestamp format name, " + name) } diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go index cf981fe95132..09ad951595e4 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go @@ -8,6 +8,7 @@ import ( "reflect" "sort" "strconv" + "strings" "time" "github.com/aws/aws-sdk-go/private/protocol" @@ -60,6 +61,14 @@ func (b *xmlBuilder) buildValue(value reflect.Value, current *XMLNode, tag refle return nil } + xml := tag.Get("xml") + if len(xml) != 0 { + name := strings.SplitAfterN(xml, ",", 2)[0] + if name == "-" { + return nil + } + } + t := tag.Get("type") if t == "" { switch value.Kind() { diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go index 7108d3800937..107c053f8acf 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go @@ -64,6 +64,14 @@ func UnmarshalXML(v interface{}, d *xml.Decoder, wrapper string) error { // parse deserializes any value from the XMLNode. The type tag is used to infer the type, or reflect // will be used to determine the type from r. func parse(r reflect.Value, node *XMLNode, tag reflect.StructTag) error { + xml := tag.Get("xml") + if len(xml) != 0 { + name := strings.SplitAfterN(xml, ",", 2)[0] + if name == "-" { + return nil + } + } + rtype := r.Type() if rtype.Kind() == reflect.Ptr { rtype = rtype.Elem() // check kind of actual element type diff --git a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/api.go b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/api.go index cfa9204ebddc..ae8e316f25c8 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/api.go @@ -158,8 +158,9 @@ func (c *AutoScaling) AttachLoadBalancerTargetGroupsRequest(input *AttachLoadBal // // Attaches one or more target groups to the specified Auto Scaling group. // -// To describe the target groups for an Auto Scaling group, use DescribeLoadBalancerTargetGroups. -// To detach the target group from the Auto Scaling group, use DetachLoadBalancerTargetGroups. +// To describe the target groups for an Auto Scaling group, call the DescribeLoadBalancerTargetGroups +// API. To detach the target group from the Auto Scaling group, call the DetachLoadBalancerTargetGroups +// API. // // With Application Load Balancers and Network Load Balancers, instances are // registered as targets with a target group. With Classic Load Balancers, instances @@ -249,14 +250,17 @@ func (c *AutoScaling) AttachLoadBalancersRequest(input *AttachLoadBalancersInput // AttachLoadBalancers API operation for Auto Scaling. // -// Attaches one or more Classic Load Balancers to the specified Auto Scaling -// group. // -// To attach an Application Load Balancer or a Network Load Balancer instead, -// see AttachLoadBalancerTargetGroups. +// To attach an Application Load Balancer or a Network Load Balancer, use the +// AttachLoadBalancerTargetGroups API operation instead. +// +// Attaches one or more Classic Load Balancers to the specified Auto Scaling +// group. Amazon EC2 Auto Scaling registers the running instances with these +// Classic Load Balancers. // -// To describe the load balancers for an Auto Scaling group, use DescribeLoadBalancers. -// To detach the load balancer from the Auto Scaling group, use DetachLoadBalancers. +// To describe the load balancers for an Auto Scaling group, call the DescribeLoadBalancers +// API. To detach the load balancer from the Auto Scaling group, call the DetachLoadBalancers +// API. // // For more information, see Attaching a Load Balancer to Your Auto Scaling // Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/attach-load-balancer-asg.html) @@ -442,7 +446,8 @@ func (c *AutoScaling) BatchPutScheduledUpdateGroupActionRequest(input *BatchPutS // * ErrCodeLimitExceededFault "LimitExceeded" // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). -// For more information, see DescribeAccountLimits. +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. // // * ErrCodeResourceContentionFault "ResourceContention" // You already have a pending update to an Amazon EC2 Auto Scaling resource @@ -470,6 +475,101 @@ func (c *AutoScaling) BatchPutScheduledUpdateGroupActionWithContext(ctx aws.Cont return out, req.Send() } +const opCancelInstanceRefresh = "CancelInstanceRefresh" + +// CancelInstanceRefreshRequest generates a "aws/request.Request" representing the +// client's request for the CancelInstanceRefresh operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CancelInstanceRefresh for more information on using the CancelInstanceRefresh +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CancelInstanceRefreshRequest method. +// req, resp := client.CancelInstanceRefreshRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/CancelInstanceRefresh +func (c *AutoScaling) CancelInstanceRefreshRequest(input *CancelInstanceRefreshInput) (req *request.Request, output *CancelInstanceRefreshOutput) { + op := &request.Operation{ + Name: opCancelInstanceRefresh, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CancelInstanceRefreshInput{} + } + + output = &CancelInstanceRefreshOutput{} + req = c.newRequest(op, input, output) + return +} + +// CancelInstanceRefresh API operation for Auto Scaling. +// +// Cancels an instance refresh operation in progress. Cancellation does not +// roll back any replacements that have already been completed, but it prevents +// new replacements from being started. +// +// For more information, see Replacing Auto Scaling Instances Based on an Instance +// Refresh (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Auto Scaling's +// API operation CancelInstanceRefresh for usage and error information. +// +// Returned Error Codes: +// * ErrCodeLimitExceededFault "LimitExceeded" +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. +// +// * ErrCodeResourceContentionFault "ResourceContention" +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). +// +// * ErrCodeActiveInstanceRefreshNotFoundFault "ActiveInstanceRefreshNotFound" +// The request failed because an active instance refresh for the specified Auto +// Scaling group was not found. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/CancelInstanceRefresh +func (c *AutoScaling) CancelInstanceRefresh(input *CancelInstanceRefreshInput) (*CancelInstanceRefreshOutput, error) { + req, out := c.CancelInstanceRefreshRequest(input) + return out, req.Send() +} + +// CancelInstanceRefreshWithContext is the same as CancelInstanceRefresh with the addition of +// the ability to pass a context and additional request options. +// +// See CancelInstanceRefresh for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *AutoScaling) CancelInstanceRefreshWithContext(ctx aws.Context, input *CancelInstanceRefreshInput, opts ...request.Option) (*CancelInstanceRefreshOutput, error) { + req, out := c.CancelInstanceRefreshRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCompleteLifecycleAction = "CompleteLifecycleAction" // CompleteLifecycleActionRequest generates a "aws/request.Request" representing the @@ -622,11 +722,23 @@ func (c *AutoScaling) CreateAutoScalingGroupRequest(input *CreateAutoScalingGrou // Creates an Auto Scaling group with the specified name and attributes. // // If you exceed your maximum limit of Auto Scaling groups, the call fails. -// For information about viewing this limit, see DescribeAccountLimits. For -// information about updating this limit, see Amazon EC2 Auto Scaling Limits -// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) +// To query this limit, call the DescribeAccountLimits API. For information +// about updating this limit, see Amazon EC2 Auto Scaling Service Quotas (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) +// in the Amazon EC2 Auto Scaling User Guide. +// +// For introductory exercises for creating an Auto Scaling group, see Getting +// Started with Amazon EC2 Auto Scaling (https://docs.aws.amazon.com/autoscaling/ec2/userguide/GettingStartedTutorial.html) +// and Tutorial: Set Up a Scaled and Load-Balanced Application (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-register-lbs-with-asg.html) +// in the Amazon EC2 Auto Scaling User Guide. For more information, see Auto +// Scaling Groups (https://docs.aws.amazon.com/autoscaling/ec2/userguide/AutoScalingGroup.html) // in the Amazon EC2 Auto Scaling User Guide. // +// Every Auto Scaling group has three size parameters (DesiredCapacity, MaxSize, +// and MinSize). Usually, you set these sizes based on a specific number of +// instances. However, if you configure a mixed instances policy that defines +// weights for the instance types, you must specify these sizes with the same +// units that you use for weighting instances. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -642,7 +754,8 @@ func (c *AutoScaling) CreateAutoScalingGroupRequest(input *CreateAutoScalingGrou // * ErrCodeLimitExceededFault "LimitExceeded" // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). -// For more information, see DescribeAccountLimits. +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. // // * ErrCodeResourceContentionFault "ResourceContention" // You already have a pending update to an Amazon EC2 Auto Scaling resource @@ -721,9 +834,8 @@ func (c *AutoScaling) CreateLaunchConfigurationRequest(input *CreateLaunchConfig // Creates a launch configuration. // // If you exceed your maximum limit of launch configurations, the call fails. -// For information about viewing this limit, see DescribeAccountLimits. For -// information about updating this limit, see Amazon EC2 Auto Scaling Limits -// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) +// To query this limit, call the DescribeAccountLimits API. For information +// about updating this limit, see Amazon EC2 Auto Scaling Service Quotas (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) // in the Amazon EC2 Auto Scaling User Guide. // // For more information, see Launch Configurations (https://docs.aws.amazon.com/autoscaling/ec2/userguide/LaunchConfiguration.html) @@ -744,7 +856,8 @@ func (c *AutoScaling) CreateLaunchConfigurationRequest(input *CreateLaunchConfig // * ErrCodeLimitExceededFault "LimitExceeded" // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). -// For more information, see DescribeAccountLimits. +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. // // * ErrCodeResourceContentionFault "ResourceContention" // You already have a pending update to an Amazon EC2 Auto Scaling resource @@ -836,7 +949,8 @@ func (c *AutoScaling) CreateOrUpdateTagsRequest(input *CreateOrUpdateTagsInput) // * ErrCodeLimitExceededFault "LimitExceeded" // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). -// For more information, see DescribeAccountLimits. +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. // // * ErrCodeAlreadyExistsFault "AlreadyExists" // You already have an Auto Scaling group or launch configuration with this @@ -925,13 +1039,13 @@ func (c *AutoScaling) DeleteAutoScalingGroupRequest(input *DeleteAutoScalingGrou // alarm actions, and any alarm that no longer has an associated action. // // To remove instances from the Auto Scaling group before deleting it, call -// DetachInstances with the list of instances and the option to decrement the -// desired capacity. This ensures that Amazon EC2 Auto Scaling does not launch -// replacement instances. +// the DetachInstances API with the list of instances and the option to decrement +// the desired capacity. This ensures that Amazon EC2 Auto Scaling does not +// launch replacement instances. // -// To terminate all instances before deleting the Auto Scaling group, call UpdateAutoScalingGroup -// and set the minimum size and desired capacity of the Auto Scaling group to -// zero. +// To terminate all instances before deleting the Auto Scaling group, call the +// UpdateAutoScalingGroup API and set the minimum size and desired capacity +// of the Auto Scaling group to zero. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1527,11 +1641,11 @@ func (c *AutoScaling) DescribeAccountLimitsRequest(input *DescribeAccountLimitsI // DescribeAccountLimits API operation for Auto Scaling. // -// Describes the current Amazon EC2 Auto Scaling resource limits for your AWS +// Describes the current Amazon EC2 Auto Scaling resource quotas for your AWS // account. // -// For information about requesting an increase in these limits, see Amazon -// EC2 Auto Scaling Limits (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) +// For information about requesting an increase, see Amazon EC2 Auto Scaling +// Service Quotas (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1612,7 +1726,17 @@ func (c *AutoScaling) DescribeAdjustmentTypesRequest(input *DescribeAdjustmentTy // DescribeAdjustmentTypes API operation for Auto Scaling. // -// Describes the policy adjustment types for use with PutScalingPolicy. +// Describes the available adjustment types for Amazon EC2 Auto Scaling scaling +// policies. These settings apply to step scaling policies and simple scaling +// policies; they do not apply to target tracking scaling policies. +// +// The following adjustment types are supported: +// +// * ChangeInCapacity +// +// * ExactCapacity +// +// * PercentChangeInCapacity // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2010,6 +2134,110 @@ func (c *AutoScaling) DescribeAutoScalingNotificationTypesWithContext(ctx aws.Co return out, req.Send() } +const opDescribeInstanceRefreshes = "DescribeInstanceRefreshes" + +// DescribeInstanceRefreshesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstanceRefreshes operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstanceRefreshes for more information on using the DescribeInstanceRefreshes +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeInstanceRefreshesRequest method. +// req, resp := client.DescribeInstanceRefreshesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeInstanceRefreshes +func (c *AutoScaling) DescribeInstanceRefreshesRequest(input *DescribeInstanceRefreshesInput) (req *request.Request, output *DescribeInstanceRefreshesOutput) { + op := &request.Operation{ + Name: opDescribeInstanceRefreshes, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeInstanceRefreshesInput{} + } + + output = &DescribeInstanceRefreshesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstanceRefreshes API operation for Auto Scaling. +// +// Describes one or more instance refreshes. +// +// You can determine the status of a request by looking at the Status parameter. +// The following are the possible statuses: +// +// * Pending - The request was created, but the operation has not started. +// +// * InProgress - The operation is in progress. +// +// * Successful - The operation completed successfully. +// +// * Failed - The operation failed to complete. You can troubleshoot using +// the status reason and the scaling activities. +// +// * Cancelling - An ongoing operation is being cancelled. Cancellation does +// not roll back any replacements that have already been completed, but it +// prevents new replacements from being started. +// +// * Cancelled - The operation is cancelled. +// +// For more information, see Replacing Auto Scaling Instances Based on an Instance +// Refresh (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Auto Scaling's +// API operation DescribeInstanceRefreshes for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInvalidNextToken "InvalidNextToken" +// The NextToken value is not valid. +// +// * ErrCodeResourceContentionFault "ResourceContention" +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeInstanceRefreshes +func (c *AutoScaling) DescribeInstanceRefreshes(input *DescribeInstanceRefreshesInput) (*DescribeInstanceRefreshesOutput, error) { + req, out := c.DescribeInstanceRefreshesRequest(input) + return out, req.Send() +} + +// DescribeInstanceRefreshesWithContext is the same as DescribeInstanceRefreshes with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstanceRefreshes for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *AutoScaling) DescribeInstanceRefreshesWithContext(ctx aws.Context, input *DescribeInstanceRefreshesInput, opts ...request.Option) (*DescribeInstanceRefreshesOutput, error) { + req, out := c.DescribeInstanceRefreshesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeLaunchConfigurations = "DescribeLaunchConfigurations" // DescribeLaunchConfigurationsRequest generates a "aws/request.Request" representing the @@ -2444,8 +2672,8 @@ func (c *AutoScaling) DescribeLoadBalancersRequest(input *DescribeLoadBalancersI // Describes the load balancers for the specified Auto Scaling group. // // This operation describes only Classic Load Balancers. If you have Application -// Load Balancers or Network Load Balancers, use DescribeLoadBalancerTargetGroups -// instead. +// Load Balancers or Network Load Balancers, use the DescribeLoadBalancerTargetGroups +// API instead. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2528,7 +2756,7 @@ func (c *AutoScaling) DescribeMetricCollectionTypesRequest(input *DescribeMetric // Describes the available CloudWatch metrics for Amazon EC2 Auto Scaling. // // The GroupStandbyInstances metric is not returned by default. You must explicitly -// request this metric when calling EnableMetricsCollection. +// request this metric when calling the EnableMetricsCollection API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3035,7 +3263,8 @@ func (c *AutoScaling) DescribeScalingProcessTypesRequest(input *DescribeScalingP // DescribeScalingProcessTypes API operation for Auto Scaling. // -// Describes the scaling process types for use with ResumeProcesses and SuspendProcesses. +// Describes the scaling process types for use with the ResumeProcesses and +// SuspendProcesses APIs. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3123,7 +3352,7 @@ func (c *AutoScaling) DescribeScheduledActionsRequest(input *DescribeScheduledAc // // Describes the actions scheduled for your Auto Scaling group that haven't // run or that have not reached their end time. To describe the actions that -// have already run, use DescribeScalingActivities. +// have already run, call the DescribeScalingActivities API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3275,6 +3504,9 @@ func (c *AutoScaling) DescribeTagsRequest(input *DescribeTagsInput) (req *reques // a particular tag only if it matches all the filters. If there's no match, // no special message is returned. // +// For more information, see Tagging Auto Scaling Groups and Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html) +// in the Amazon EC2 Auto Scaling User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -3673,13 +3905,13 @@ func (c *AutoScaling) DetachLoadBalancersRequest(input *DetachLoadBalancersInput // group. // // This operation detaches only Classic Load Balancers. If you have Application -// Load Balancers or Network Load Balancers, use DetachLoadBalancerTargetGroups -// instead. +// Load Balancers or Network Load Balancers, use the DetachLoadBalancerTargetGroups +// API instead. // // When you detach a load balancer, it enters the Removing state while deregistering // the instances in the group. When all instances are deregistered, then you -// can no longer describe the load balancer using DescribeLoadBalancers. The -// instances remain running. +// can no longer describe the load balancer using the DescribeLoadBalancers +// API call. The instances remain running. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4017,7 +4249,8 @@ func (c *AutoScaling) ExecutePolicyRequest(input *ExecutePolicyInput) (req *requ // ExecutePolicy API operation for Auto Scaling. // -// Executes the specified policy. +// Executes the specified policy. This can be useful for testing the design +// of your scaling policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4209,10 +4442,11 @@ func (c *AutoScaling) PutLifecycleHookRequest(input *PutLifecycleHookInput) (req // launch or terminate. // // If you need more time, record the lifecycle action heartbeat to keep the -// instance in a pending state using RecordLifecycleActionHeartbeat. +// instance in a pending state using the RecordLifecycleActionHeartbeat API +// call. // // If you finish before the timeout period ends, complete the lifecycle action -// using CompleteLifecycleAction. +// using the CompleteLifecycleAction API call. // // For more information, see Amazon EC2 Auto Scaling Lifecycle Hooks (https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) // in the Amazon EC2 Auto Scaling User Guide. @@ -4220,8 +4454,9 @@ func (c *AutoScaling) PutLifecycleHookRequest(input *PutLifecycleHookInput) (req // If you exceed your maximum limit of lifecycle hooks, which by default is // 50 per Auto Scaling group, the call fails. // -// You can view the lifecycle hooks for an Auto Scaling group using DescribeLifecycleHooks. -// If you are no longer using a lifecycle hook, you can delete it using DeleteLifecycleHook. +// You can view the lifecycle hooks for an Auto Scaling group using the DescribeLifecycleHooks +// API call. If you are no longer using a lifecycle hook, you can delete it +// by calling the DeleteLifecycleHook API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4234,7 +4469,8 @@ func (c *AutoScaling) PutLifecycleHookRequest(input *PutLifecycleHookInput) (req // * ErrCodeLimitExceededFault "LimitExceeded" // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). -// For more information, see DescribeAccountLimits. +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. // // * ErrCodeResourceContentionFault "ResourceContention" // You already have a pending update to an Amazon EC2 Auto Scaling resource @@ -4317,6 +4553,9 @@ func (c *AutoScaling) PutNotificationConfigurationRequest(input *PutNotification // Scaling Group Scales (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ASGettingNotifications.html) // in the Amazon EC2 Auto Scaling User Guide. // +// If you exceed your maximum limit of SNS topics, which is 10 per Auto Scaling +// group, the call fails. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -4328,7 +4567,8 @@ func (c *AutoScaling) PutNotificationConfigurationRequest(input *PutNotification // * ErrCodeLimitExceededFault "LimitExceeded" // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). -// For more information, see DescribeAccountLimits. +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. // // * ErrCodeResourceContentionFault "ResourceContention" // You already have a pending update to an Amazon EC2 Auto Scaling resource @@ -4403,13 +4643,11 @@ func (c *AutoScaling) PutScalingPolicyRequest(input *PutScalingPolicyInput) (req // PutScalingPolicy API operation for Auto Scaling. // -// Creates or updates a scaling policy for an Auto Scaling group. To update -// an existing scaling policy, use the existing policy name and set the parameters -// to change. Any existing parameter not changed in an update to an existing -// policy is not changed in this update request. +// Creates or updates a scaling policy for an Auto Scaling group. // // For more information about using scaling policies to scale your Auto Scaling -// group automatically, see Dynamic Scaling (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scale-based-on-demand.html) +// group, see Target Tracking Scaling Policies (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-target-tracking.html) +// and Step and Simple Scaling Policies (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4423,7 +4661,8 @@ func (c *AutoScaling) PutScalingPolicyRequest(input *PutScalingPolicyInput) (req // * ErrCodeLimitExceededFault "LimitExceeded" // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). -// For more information, see DescribeAccountLimits. +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. // // * ErrCodeResourceContentionFault "ResourceContention" // You already have a pending update to an Amazon EC2 Auto Scaling resource @@ -4521,7 +4760,8 @@ func (c *AutoScaling) PutScheduledUpdateGroupActionRequest(input *PutScheduledUp // * ErrCodeLimitExceededFault "LimitExceeded" // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). -// For more information, see DescribeAccountLimits. +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. // // * ErrCodeResourceContentionFault "ResourceContention" // You already have a pending update to an Amazon EC2 Auto Scaling resource @@ -4596,7 +4836,7 @@ func (c *AutoScaling) RecordLifecycleActionHeartbeatRequest(input *RecordLifecyc // // Records a heartbeat for the lifecycle action associated with the specified // token or instance. This extends the timeout by the length of time defined -// using PutLifecycleHook. +// using the PutLifecycleHook API call. // // This step is a part of the procedure for adding a lifecycle hook to an Auto // Scaling group: @@ -4789,8 +5029,11 @@ func (c *AutoScaling) SetDesiredCapacityRequest(input *SetDesiredCapacityInput) // // Sets the size of the specified Auto Scaling group. // -// For more information about desired capacity, see What Is Amazon EC2 Auto -// Scaling? (https://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html) +// If a scale-in activity occurs as a result of a new DesiredCapacity value +// that is lower than the current size of the group, the Auto Scaling group +// uses its termination policy to determine which instances to terminate. +// +// For more information, see Manual Scaling (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-manual-scaling.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4966,6 +5209,9 @@ func (c *AutoScaling) SetInstanceProtectionRequest(input *SetInstanceProtectionI // Scaling group from terminating on scale in, see Instance Protection (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) // in the Amazon EC2 Auto Scaling User Guide. // +// If you exceed your maximum limit of instance IDs, which is 50 per Auto Scaling +// group, the call fails. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -4977,7 +5223,8 @@ func (c *AutoScaling) SetInstanceProtectionRequest(input *SetInstanceProtectionI // * ErrCodeLimitExceededFault "LimitExceeded" // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). -// For more information, see DescribeAccountLimits. +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. // // * ErrCodeResourceContentionFault "ResourceContention" // You already have a pending update to an Amazon EC2 Auto Scaling resource @@ -5005,6 +5252,107 @@ func (c *AutoScaling) SetInstanceProtectionWithContext(ctx aws.Context, input *S return out, req.Send() } +const opStartInstanceRefresh = "StartInstanceRefresh" + +// StartInstanceRefreshRequest generates a "aws/request.Request" representing the +// client's request for the StartInstanceRefresh operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartInstanceRefresh for more information on using the StartInstanceRefresh +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartInstanceRefreshRequest method. +// req, resp := client.StartInstanceRefreshRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/StartInstanceRefresh +func (c *AutoScaling) StartInstanceRefreshRequest(input *StartInstanceRefreshInput) (req *request.Request, output *StartInstanceRefreshOutput) { + op := &request.Operation{ + Name: opStartInstanceRefresh, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartInstanceRefreshInput{} + } + + output = &StartInstanceRefreshOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartInstanceRefresh API operation for Auto Scaling. +// +// Starts a new instance refresh operation, which triggers a rolling replacement +// of all previously launched instances in the Auto Scaling group with a new +// group of instances. +// +// If successful, this call creates a new instance refresh request with a unique +// ID that you can use to track its progress. To query its status, call the +// DescribeInstanceRefreshes API. To describe the instance refreshes that have +// already run, call the DescribeInstanceRefreshes API. To cancel an instance +// refresh operation in progress, use the CancelInstanceRefresh API. +// +// For more information, see Replacing Auto Scaling Instances Based on an Instance +// Refresh (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Auto Scaling's +// API operation StartInstanceRefresh for usage and error information. +// +// Returned Error Codes: +// * ErrCodeLimitExceededFault "LimitExceeded" +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) +// in the Amazon EC2 Auto Scaling API Reference. +// +// * ErrCodeResourceContentionFault "ResourceContention" +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). +// +// * ErrCodeInstanceRefreshInProgressFault "InstanceRefreshInProgress" +// The request failed because an active instance refresh operation already exists +// for the specified Auto Scaling group. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/StartInstanceRefresh +func (c *AutoScaling) StartInstanceRefresh(input *StartInstanceRefreshInput) (*StartInstanceRefreshOutput, error) { + req, out := c.StartInstanceRefreshRequest(input) + return out, req.Send() +} + +// StartInstanceRefreshWithContext is the same as StartInstanceRefresh with the addition of +// the ability to pass a context and additional request options. +// +// See StartInstanceRefresh for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *AutoScaling) StartInstanceRefreshWithContext(ctx aws.Context, input *StartInstanceRefreshInput, opts ...request.Option) (*StartInstanceRefreshOutput, error) { + req, out := c.StartInstanceRefreshRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opSuspendProcesses = "SuspendProcesses" // SuspendProcessesRequest generates a "aws/request.Request" representing the @@ -5054,13 +5402,12 @@ func (c *AutoScaling) SuspendProcessesRequest(input *ScalingProcessQuery) (req * // the specified Auto Scaling group. // // If you suspend either the Launch or Terminate process types, it can prevent -// other process types from functioning properly. -// -// To resume processes that have been suspended, use ResumeProcesses. -// -// For more information, see Suspending and Resuming Scaling Processes (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html) +// other process types from functioning properly. For more information, see +// Suspending and Resuming Scaling Processes (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html) // in the Amazon EC2 Auto Scaling User Guide. // +// To resume processes that have been suspended, call the ResumeProcesses API. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -5146,7 +5493,19 @@ func (c *AutoScaling) TerminateInstanceInAutoScalingGroupRequest(input *Terminat // size. // // This call simply makes a termination request. The instance is not terminated -// immediately. +// immediately. When an instance is terminated, the instance status changes +// to terminated. You can't connect to or start an instance after you've terminated +// it. +// +// If you do not specify the option to decrement the desired capacity, Amazon +// EC2 Auto Scaling launches instances to replace the ones that are terminated. +// +// By default, Amazon EC2 Auto Scaling balances instances across all Availability +// Zones. If you decrement the desired capacity, your Auto Scaling group can +// become unbalanced between Availability Zones. Amazon EC2 Auto Scaling tries +// to rebalance the group, and rebalancing might terminate instances in other +// zones. For more information, see Rebalancing Activities (https://docs.aws.amazon.com/autoscaling/ec2/userguide/auto-scaling-benefits.html#AutoScalingBehavior.InstanceUsage) +// in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5253,7 +5612,7 @@ func (c *AutoScaling) UpdateAutoScalingGroupRequest(input *UpdateAutoScalingGrou // // Note the following about changing DesiredCapacity, MaxSize, or MinSize: // -// * If a scale-in event occurs as a result of a new DesiredCapacity value +// * If a scale-in activity occurs as a result of a new DesiredCapacity value // that is lower than the current size of the group, the Auto Scaling group // uses its termination policy to determine which instances to terminate. // @@ -5266,9 +5625,10 @@ func (c *AutoScaling) UpdateAutoScalingGroupRequest(input *UpdateAutoScalingGrou // of the group, this sets the group's DesiredCapacity to the new MaxSize // value. // -// To see which parameters have been set, use DescribeAutoScalingGroups. You -// can also view the scaling policies for an Auto Scaling group using DescribePolicies. -// If the group has scaling policies, you can update them using PutScalingPolicy. +// To see which parameters have been set, call the DescribeAutoScalingGroups +// API. To view the scaling policies for an Auto Scaling group, call the DescribePolicies +// API. If the group has scaling policies, you can update them by calling the +// PutScalingPolicy API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5869,17 +6229,23 @@ type BlockDeviceMapping struct { // DeviceName is a required field DeviceName *string `min:"1" type:"string" required:"true"` - // The information about the Amazon EBS volume. + // Parameters used to automatically set up EBS volumes when an instance is launched. + // + // You can specify either VirtualName or Ebs, but not both. Ebs *Ebs `type:"structure"` - // Suppresses a device mapping. + // Setting this value to true suppresses the specified device included in the + // block device mapping of the AMI. + // + // If NoDevice is true for the root device, instances might fail the EC2 health + // check. In that case, Amazon EC2 Auto Scaling launches replacement instances. // - // If this parameter is true for the root device, the instance might fail the - // EC2 health check. In that case, Amazon EC2 Auto Scaling launches a replacement - // instance. + // If you specify NoDevice, you cannot specify Ebs. NoDevice *bool `type:"boolean"` // The name of the virtual device (for example, ephemeral0). + // + // You can specify either VirtualName or Ebs, but not both. VirtualName *string `min:"1" type:"string"` } @@ -5941,56 +6307,120 @@ func (s *BlockDeviceMapping) SetVirtualName(v string) *BlockDeviceMapping { return s } -type CompleteLifecycleActionInput struct { +type CancelInstanceRefreshInput struct { _ struct{} `type:"structure"` // The name of the Auto Scaling group. // // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` - - // The ID of the instance. - InstanceId *string `min:"1" type:"string"` - - // The action for the group to take. This parameter can be either CONTINUE or - // ABANDON. - // - // LifecycleActionResult is a required field - LifecycleActionResult *string `type:"string" required:"true"` - - // A universally unique identifier (UUID) that identifies a specific lifecycle - // action associated with an instance. Amazon EC2 Auto Scaling sends this token - // to the notification target you specified when you created the lifecycle hook. - LifecycleActionToken *string `min:"36" type:"string"` - - // The name of the lifecycle hook. - // - // LifecycleHookName is a required field - LifecycleHookName *string `min:"1" type:"string" required:"true"` } // String returns the string representation -func (s CompleteLifecycleActionInput) String() string { +func (s CancelInstanceRefreshInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s CompleteLifecycleActionInput) GoString() string { +func (s CancelInstanceRefreshInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CompleteLifecycleActionInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CompleteLifecycleActionInput"} +func (s *CancelInstanceRefreshInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CancelInstanceRefreshInput"} if s.AutoScalingGroupName == nil { invalidParams.Add(request.NewErrParamRequired("AutoScalingGroupName")) } if s.AutoScalingGroupName != nil && len(*s.AutoScalingGroupName) < 1 { invalidParams.Add(request.NewErrParamMinLen("AutoScalingGroupName", 1)) } - if s.InstanceId != nil && len(*s.InstanceId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("InstanceId", 1)) - } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAutoScalingGroupName sets the AutoScalingGroupName field's value. +func (s *CancelInstanceRefreshInput) SetAutoScalingGroupName(v string) *CancelInstanceRefreshInput { + s.AutoScalingGroupName = &v + return s +} + +type CancelInstanceRefreshOutput struct { + _ struct{} `type:"structure"` + + // The instance refresh ID. + InstanceRefreshId *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s CancelInstanceRefreshOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CancelInstanceRefreshOutput) GoString() string { + return s.String() +} + +// SetInstanceRefreshId sets the InstanceRefreshId field's value. +func (s *CancelInstanceRefreshOutput) SetInstanceRefreshId(v string) *CancelInstanceRefreshOutput { + s.InstanceRefreshId = &v + return s +} + +type CompleteLifecycleActionInput struct { + _ struct{} `type:"structure"` + + // The name of the Auto Scaling group. + // + // AutoScalingGroupName is a required field + AutoScalingGroupName *string `min:"1" type:"string" required:"true"` + + // The ID of the instance. + InstanceId *string `min:"1" type:"string"` + + // The action for the group to take. This parameter can be either CONTINUE or + // ABANDON. + // + // LifecycleActionResult is a required field + LifecycleActionResult *string `type:"string" required:"true"` + + // A universally unique identifier (UUID) that identifies a specific lifecycle + // action associated with an instance. Amazon EC2 Auto Scaling sends this token + // to the notification target you specified when you created the lifecycle hook. + LifecycleActionToken *string `min:"36" type:"string"` + + // The name of the lifecycle hook. + // + // LifecycleHookName is a required field + LifecycleHookName *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s CompleteLifecycleActionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CompleteLifecycleActionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CompleteLifecycleActionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CompleteLifecycleActionInput"} + if s.AutoScalingGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("AutoScalingGroupName")) + } + if s.AutoScalingGroupName != nil && len(*s.AutoScalingGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AutoScalingGroupName", 1)) + } + if s.InstanceId != nil && len(*s.InstanceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InstanceId", 1)) + } if s.LifecycleActionResult == nil { invalidParams.Add(request.NewErrParamRequired("LifecycleActionResult")) } @@ -6070,18 +6500,34 @@ type CreateAutoScalingGroupInput struct { // is required to launch instances into EC2-Classic. AvailabilityZones []*string `min:"1" type:"list"` + // Indicates whether capacity rebalance is enabled. Otherwise, capacity rebalance + // is disabled. + // + // You can enable capacity rebalancing for your Auto Scaling groups when using + // Spot Instances. When you turn on capacity rebalancing, Amazon EC2 Auto Scaling + // attempts to launch a Spot Instance whenever Amazon EC2 predicts that a Spot + // Instance is at an elevated risk of interruption. After launching a new instance, + // it then terminates an old instance. For more information, see Amazon EC2 + // Auto Scaling capacity rebalancing (https://docs.aws.amazon.com/autoscaling/ec2/userguide/capacity-rebalance.html) + // in the Amazon EC2 Auto Scaling User Guide. + CapacityRebalance *bool `type:"boolean"` + // The amount of time, in seconds, after a scaling activity completes before // another scaling activity can start. The default value is 300. // - // For more information, see Scaling Cooldowns (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) + // This setting applies when using simple scaling policies, but not when using + // other scaling policies or scheduled scaling. For more information, see Scaling + // Cooldowns for Amazon EC2 Auto Scaling (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) // in the Amazon EC2 Auto Scaling User Guide. DefaultCooldown *int64 `type:"integer"` - // The number of Amazon EC2 instances that the Auto Scaling group attempts to - // maintain. This number must be greater than or equal to the minimum size of - // the group and less than or equal to the maximum size of the group. If you - // do not specify a desired capacity, the default is the minimum size of the - // group. + // The desired capacity is the initial capacity of the Auto Scaling group at + // the time of its creation and the capacity it attempts to maintain. It can + // scale beyond this capacity if you configure automatic scaling. + // + // This number must be greater than or equal to the minimum size of the group + // and less than or equal to the maximum size of the group. If you do not specify + // a desired capacity, the default is the minimum size of the group. DesiredCapacity *int64 `type:"integer"` // The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before @@ -6092,7 +6538,7 @@ type CreateAutoScalingGroupInput struct { // For more information, see Health Check Grace Period (https://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html#health-check-grace-period) // in the Amazon EC2 Auto Scaling User Guide. // - // Conditional: This parameter is required if you are adding an ELB health check. + // Required if you are adding an ELB health check. HealthCheckGracePeriod *int64 `type:"integer"` // The service to use for the health checks. The valid values are EC2 and ELB. @@ -6105,33 +6551,38 @@ type CreateAutoScalingGroupInput struct { HealthCheckType *string `min:"1" type:"string"` // The ID of the instance used to create a launch configuration for the group. + // To get the instance ID, use the Amazon EC2 DescribeInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) + // API operation. // // When you specify an ID of an instance, Amazon EC2 Auto Scaling creates a // new launch configuration and associates it with the group. This launch configuration // derives its attributes from the specified instance, except for the block // device mapping. // - // For more information, see Create an Auto Scaling Group Using an EC2 Instance - // (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-from-instance.html) - // in the Amazon EC2 Auto Scaling User Guide. - // // You must specify one of the following parameters in your request: LaunchConfigurationName, // LaunchTemplate, InstanceId, or MixedInstancesPolicy. InstanceId *string `min:"1" type:"string"` - // The name of the launch configuration. + // The name of the launch configuration to use when an instance is launched. + // To get the launch configuration name, use the DescribeLaunchConfigurations + // API operation. New launch configurations can be created with the CreateLaunchConfiguration + // API. // - // If you do not specify LaunchConfigurationName, you must specify one of the - // following parameters: InstanceId, LaunchTemplate, or MixedInstancesPolicy. + // You must specify one of the following parameters in your request: LaunchConfigurationName, + // LaunchTemplate, InstanceId, or MixedInstancesPolicy. LaunchConfigurationName *string `min:"1" type:"string"` - // The launch template to use to launch instances. + // Parameters used to specify the launch template and version to use when an + // instance is launched. // // For more information, see LaunchTemplateSpecification (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_LaunchTemplateSpecification.html) // in the Amazon EC2 Auto Scaling API Reference. // - // If you do not specify LaunchTemplate, you must specify one of the following - // parameters: InstanceId, LaunchConfigurationName, or MixedInstancesPolicy. + // You can alternatively associate a launch template to the Auto Scaling group + // by using the MixedInstancesPolicy parameter. + // + // You must specify one of the following parameters in your request: LaunchConfigurationName, + // LaunchTemplate, InstanceId, or MixedInstancesPolicy. LaunchTemplate *LaunchTemplateSpecification `type:"structure"` // One or more lifecycle hooks. @@ -6147,12 +6598,27 @@ type CreateAutoScalingGroupInput struct { LoadBalancerNames []*string `type:"list"` // The maximum amount of time, in seconds, that an instance can be in service. + // The default is null. + // + // This parameter is optional, but if you specify a value for it, you must specify + // a value of at least 604,800 seconds (7 days). To clear a previously set value, + // specify a new value of 0. + // + // For more information, see Replacing Auto Scaling Instances Based on Maximum + // Instance Lifetime (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-max-instance-lifetime.html) + // in the Amazon EC2 Auto Scaling User Guide. // - // Valid Range: Minimum value of 604800. + // Valid Range: Minimum value of 0. MaxInstanceLifetime *int64 `type:"integer"` // The maximum size of the group. // + // With a mixed instances policy that uses instance weighting, Amazon EC2 Auto + // Scaling may need to go above MaxSize to meet your capacity requirements. + // In this event, Amazon EC2 Auto Scaling will never go above MaxSize by more + // than your largest instance weight (weights that define how many units each + // instance contributes to the desired capacity of the group). + // // MaxSize is a required field MaxSize *int64 `type:"integer" required:"true"` @@ -6203,7 +6669,14 @@ type CreateAutoScalingGroupInput struct { // in the Amazon EC2 Auto Scaling User Guide. ServiceLinkedRoleARN *string `min:"1" type:"string"` - // One or more tags. + // One or more tags. You can tag your Auto Scaling group and propagate the tags + // to the Amazon EC2 instances it launches. + // + // Tags are not propagated to Amazon EBS volumes. To add tags to Amazon EBS + // volumes, specify the tags in a launch template but use caution. If the launch + // template specifies an instance tag with a key that is also specified for + // the Auto Scaling group, Amazon EC2 Auto Scaling overrides the value of that + // instance tag with the value specified by the Auto Scaling group. // // For more information, see Tagging Auto Scaling Groups and Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html) // in the Amazon EC2 Auto Scaling User Guide. @@ -6331,6 +6804,12 @@ func (s *CreateAutoScalingGroupInput) SetAvailabilityZones(v []*string) *CreateA return s } +// SetCapacityRebalance sets the CapacityRebalance field's value. +func (s *CreateAutoScalingGroupInput) SetCapacityRebalance(v bool) *CreateAutoScalingGroupInput { + s.CapacityRebalance = &v + return s +} + // SetDefaultCooldown sets the DefaultCooldown field's value. func (s *CreateAutoScalingGroupInput) SetDefaultCooldown(v int64) *CreateAutoScalingGroupInput { s.DefaultCooldown = &v @@ -6559,7 +7038,7 @@ type CreateLaunchConfigurationInput struct { // When detailed monitoring is enabled, Amazon CloudWatch generates metrics // every minute and your account is charged a fee. When you disable detailed // monitoring, CloudWatch generates metrics every 5 minutes. For more information, - // see Configure Monitoring for Auto Scaling Instances (https://docs.aws.amazon.com/autoscaling/latest/userguide/as-instance-monitoring.html#enable-as-instance-metrics) + // see Configure Monitoring for Auto Scaling Instances (https://docs.aws.amazon.com/autoscaling/latest/userguide/enable-as-instance-metrics.html) // in the Amazon EC2 Auto Scaling User Guide. InstanceMonitoring *InstanceMonitoring `type:"structure"` @@ -6586,6 +7065,11 @@ type CreateLaunchConfigurationInput struct { // LaunchConfigurationName is a required field LaunchConfigurationName *string `min:"1" type:"string" required:"true"` + // The metadata options for the instances. For more information, see Configuring + // the Instance Metadata Options (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-config.html#launch-configurations-imds) + // in the Amazon EC2 Auto Scaling User Guide. + MetadataOptions *InstanceMetadataOptions `type:"structure"` + // The tenancy of the instance. An instance with dedicated tenancy runs on isolated, // single-tenant hardware and can only be launched into a VPC. // @@ -6693,6 +7177,11 @@ func (s *CreateLaunchConfigurationInput) Validate() error { } } } + if s.MetadataOptions != nil { + if err := s.MetadataOptions.Validate(); err != nil { + invalidParams.AddNested("MetadataOptions", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -6778,6 +7267,12 @@ func (s *CreateLaunchConfigurationInput) SetLaunchConfigurationName(v string) *C return s } +// SetMetadataOptions sets the MetadataOptions field's value. +func (s *CreateLaunchConfigurationInput) SetMetadataOptions(v *InstanceMetadataOptions) *CreateLaunchConfigurationInput { + s.MetadataOptions = v + return s +} + // SetPlacementTenancy sets the PlacementTenancy field's value. func (s *CreateLaunchConfigurationInput) SetPlacementTenancy(v string) *CreateLaunchConfigurationInput { s.PlacementTenancy = &v @@ -7482,12 +7977,12 @@ func (s DescribeAccountLimitsInput) GoString() string { type DescribeAccountLimitsOutput struct { _ struct{} `type:"structure"` - // The maximum number of groups allowed for your AWS account. The default limit - // is 200 per AWS Region. + // The maximum number of groups allowed for your AWS account. The default is + // 200 groups per AWS Region. MaxNumberOfAutoScalingGroups *int64 `type:"integer"` // The maximum number of launch configurations allowed for your AWS account. - // The default limit is 200 per AWS Region. + // The default is 200 launch configurations per AWS Region. MaxNumberOfLaunchConfigurations *int64 `type:"integer"` // The current number of groups for your AWS account. @@ -7769,6 +8264,111 @@ func (s *DescribeAutoScalingNotificationTypesOutput) SetAutoScalingNotificationT return s } +type DescribeInstanceRefreshesInput struct { + _ struct{} `type:"structure"` + + // The name of the Auto Scaling group. + // + // AutoScalingGroupName is a required field + AutoScalingGroupName *string `min:"1" type:"string" required:"true"` + + // One or more instance refresh IDs. + InstanceRefreshIds []*string `type:"list"` + + // The maximum number of items to return with this call. The default value is + // 50 and the maximum value is 100. + MaxRecords *int64 `type:"integer"` + + // The token for the next set of items to return. (You received this token from + // a previous call.) + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeInstanceRefreshesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstanceRefreshesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceRefreshesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceRefreshesInput"} + if s.AutoScalingGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("AutoScalingGroupName")) + } + if s.AutoScalingGroupName != nil && len(*s.AutoScalingGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AutoScalingGroupName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAutoScalingGroupName sets the AutoScalingGroupName field's value. +func (s *DescribeInstanceRefreshesInput) SetAutoScalingGroupName(v string) *DescribeInstanceRefreshesInput { + s.AutoScalingGroupName = &v + return s +} + +// SetInstanceRefreshIds sets the InstanceRefreshIds field's value. +func (s *DescribeInstanceRefreshesInput) SetInstanceRefreshIds(v []*string) *DescribeInstanceRefreshesInput { + s.InstanceRefreshIds = v + return s +} + +// SetMaxRecords sets the MaxRecords field's value. +func (s *DescribeInstanceRefreshesInput) SetMaxRecords(v int64) *DescribeInstanceRefreshesInput { + s.MaxRecords = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceRefreshesInput) SetNextToken(v string) *DescribeInstanceRefreshesInput { + s.NextToken = &v + return s +} + +type DescribeInstanceRefreshesOutput struct { + _ struct{} `type:"structure"` + + // The instance refreshes for the specified group. + InstanceRefreshes []*InstanceRefresh `type:"list"` + + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeInstanceRefreshesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstanceRefreshesOutput) GoString() string { + return s.String() +} + +// SetInstanceRefreshes sets the InstanceRefreshes field's value. +func (s *DescribeInstanceRefreshesOutput) SetInstanceRefreshes(v []*InstanceRefresh) *DescribeInstanceRefreshesOutput { + s.InstanceRefreshes = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceRefreshesOutput) SetNextToken(v string) *DescribeInstanceRefreshesOutput { + s.NextToken = &v + return s +} + type DescribeLaunchConfigurationsInput struct { _ struct{} `type:"structure"` @@ -9011,8 +9611,7 @@ type DisableMetricsCollectionInput struct { // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` - // One or more of the following metrics. If you omit this parameter, all metrics - // are disabled. + // Specifies one or more of the following metrics: // // * GroupMinSize // @@ -9029,6 +9628,18 @@ type DisableMetricsCollectionInput struct { // * GroupTerminatingInstances // // * GroupTotalInstances + // + // * GroupInServiceCapacity + // + // * GroupPendingCapacity + // + // * GroupStandbyCapacity + // + // * GroupTerminatingCapacity + // + // * GroupTotalCapacity + // + // If you omit this parameter, all metrics are disabled. Metrics []*string `type:"list"` } @@ -9084,7 +9695,8 @@ func (s DisableMetricsCollectionOutput) GoString() string { return s.String() } -// Describes an Amazon EBS volume. Used in combination with BlockDeviceMapping. +// Describes information used to set up an Amazon EBS volume specified in a +// block device mapping. type Ebs struct { _ struct{} `type:"structure"` @@ -9122,15 +9734,13 @@ type Ebs struct { // see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon EC2 User Guide for Linux Instances. // - // Conditional: This parameter is required when the volume type is io1. (Not - // used with standard, gp2, st1, or sc1 volumes.) + // Required when the volume type is io1. (Not used with standard, gp2, st1, + // or sc1 volumes.) Iops *int64 `min:"100" type:"integer"` // The snapshot ID of the volume to use. // - // Conditional: This parameter is optional if you specify a volume size. If - // you specify both SnapshotId and VolumeSize, VolumeSize must be equal or greater - // than the size of the snapshot. + // You must specify either a VolumeSize or a SnapshotId. SnapshotId *string `min:"1" type:"string"` // The volume size, in Gibibytes (GiB). @@ -9142,7 +9752,9 @@ type Ebs struct { // Default: If you create a volume from a snapshot and you don't specify a volume // size, the default is the snapshot size. // - // At least one of VolumeSize or SnapshotId is required. + // You must specify either a VolumeSize or a SnapshotId. If you specify both + // SnapshotId and VolumeSize, the volume size must be equal or greater than + // the size of the snapshot. VolumeSize *int64 `min:"1" type:"integer"` // The volume type, which can be standard for Magnetic, io1 for Provisioned @@ -9236,8 +9848,8 @@ type EnableMetricsCollectionInput struct { // Granularity is a required field Granularity *string `min:"1" type:"string" required:"true"` - // One or more of the following metrics. If you omit this parameter, all metrics - // are enabled. + // Specifies which group-level metrics to start collecting. You can specify + // one or more of the following metrics: // // * GroupMinSize // @@ -9254,6 +9866,20 @@ type EnableMetricsCollectionInput struct { // * GroupTerminatingInstances // // * GroupTotalInstances + // + // The instance weighting feature supports the following additional metrics: + // + // * GroupInServiceCapacity + // + // * GroupPendingCapacity + // + // * GroupStandbyCapacity + // + // * GroupTerminatingCapacity + // + // * GroupTotalCapacity + // + // If you omit this parameter, all metrics are enabled. Metrics []*string `type:"list"` } @@ -9345,6 +9971,16 @@ type EnabledMetric struct { // * GroupTerminatingInstances // // * GroupTotalInstances + // + // * GroupInServiceCapacity + // + // * GroupPendingCapacity + // + // * GroupStandbyCapacity + // + // * GroupTerminatingCapacity + // + // * GroupTotalCapacity Metric *string `min:"1" type:"string"` } @@ -9466,16 +10102,14 @@ type ExecutePolicyInput struct { // The breach threshold for the alarm. // - // Conditional: This parameter is required if the policy type is StepScaling - // and not supported otherwise. + // Required if the policy type is StepScaling and not supported otherwise. BreachThreshold *float64 `type:"double"` // Indicates whether Amazon EC2 Auto Scaling waits for the cooldown period to // complete before executing the policy. // - // This parameter is not supported if the policy type is StepScaling or TargetTrackingScaling. - // - // For more information, see Scaling Cooldowns (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) + // Valid only if the policy type is SimpleScaling. For more information, see + // Scaling Cooldowns for Amazon EC2 Auto Scaling (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) // in the Amazon EC2 Auto Scaling User Guide. HonorCooldown *bool `type:"boolean"` @@ -9488,8 +10122,7 @@ type ExecutePolicyInput struct { // If you specify a metric value that doesn't correspond to a step adjustment // for the policy, the call returns an error. // - // Conditional: This parameter is required if the policy type is StepScaling - // and not supported otherwise. + // Required if the policy type is StepScaling and not supported otherwise. MetricValue *float64 `type:"double"` // The name or ARN of the policy. @@ -9688,15 +10321,19 @@ func (s *FailedScheduledUpdateGroupActionRequest) SetScheduledActionName(v strin return s } -// Describes a filter. +// Describes a filter that is used to return a more specific list of results +// when describing tags. +// +// For more information, see Tagging Auto Scaling Groups and Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html) +// in the Amazon EC2 Auto Scaling User Guide. type Filter struct { _ struct{} `type:"structure"` - // The name of the filter. The valid values are: "auto-scaling-group", "key", - // "value", and "propagate-at-launch". + // The name of the filter. The valid values are: auto-scaling-group, key, value, + // and propagate-at-launch. Name *string `type:"string"` - // The value of the filter. + // One or more filter values. Filter values are case-sensitive. Values []*string `type:"list"` } @@ -9739,13 +10376,15 @@ type Group struct { // AvailabilityZones is a required field AvailabilityZones []*string `min:"1" type:"list" required:"true"` + // Indicates whether capacity rebalance is enabled. + CapacityRebalance *bool `type:"boolean"` + // The date and time the group was created. // // CreatedTime is a required field CreatedTime *time.Time `type:"timestamp" required:"true"` - // The amount of time, in seconds, after a scaling activity completes before - // another scaling activity can start. + // The duration of the default cooldown period, in seconds. // // DefaultCooldown is a required field DefaultCooldown *int64 `type:"integer" required:"true"` @@ -9784,7 +10423,7 @@ type Group struct { // The maximum amount of time, in seconds, that an instance can be in service. // - // Valid Range: Minimum value of 604800. + // Valid Range: Minimum value of 0. MaxInstanceLifetime *int64 `type:"integer"` // The maximum size of the group. @@ -9811,7 +10450,8 @@ type Group struct { // group uses to call other AWS services on your behalf. ServiceLinkedRoleARN *string `min:"1" type:"string"` - // The current state of the group when DeleteAutoScalingGroup is in progress. + // The current state of the group when the DeleteAutoScalingGroup operation + // is in progress. Status *string `min:"1" type:"string"` // The suspended processes associated with the group. @@ -9858,6 +10498,12 @@ func (s *Group) SetAvailabilityZones(v []*string) *Group { return s } +// SetCapacityRebalance sets the CapacityRebalance field's value. +func (s *Group) SetCapacityRebalance(v bool) *Group { + s.CapacityRebalance = &v + return s +} + // SetCreatedTime sets the CreatedTime field's value. func (s *Group) SetCreatedTime(v time.Time) *Group { s.CreatedTime = &v @@ -10235,6 +10881,84 @@ func (s *InstanceDetails) SetWeightedCapacity(v string) *InstanceDetails { return s } +// The metadata options for the instances. For more information, see Configuring +// the Instance Metadata Options (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-config.html#launch-configurations-imds) +// in the Amazon EC2 Auto Scaling User Guide. +type InstanceMetadataOptions struct { + _ struct{} `type:"structure"` + + // This parameter enables or disables the HTTP metadata endpoint on your instances. + // If the parameter is not specified, the default state is enabled. + // + // If you specify a value of disabled, you will not be able to access your instance + // metadata. + HttpEndpoint *string `type:"string" enum:"InstanceMetadataEndpointState"` + + // The desired HTTP PUT response hop limit for instance metadata requests. The + // larger the number, the further instance metadata requests can travel. + // + // Default: 1 + // + // Possible values: Integers from 1 to 64 + HttpPutResponseHopLimit *int64 `min:"1" type:"integer"` + + // The state of token usage for your instance metadata requests. If the parameter + // is not specified in the request, the default state is optional. + // + // If the state is optional, you can choose to retrieve instance metadata with + // or without a signed token header on your request. If you retrieve the IAM + // role credentials without a token, the version 1.0 role credentials are returned. + // If you retrieve the IAM role credentials using a valid signed token, the + // version 2.0 role credentials are returned. + // + // If the state is required, you must send a signed token header with any instance + // metadata retrieval requests. In this state, retrieving the IAM role credentials + // always returns the version 2.0 credentials; the version 1.0 credentials are + // not available. + HttpTokens *string `type:"string" enum:"InstanceMetadataHttpTokensState"` +} + +// String returns the string representation +func (s InstanceMetadataOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceMetadataOptions) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *InstanceMetadataOptions) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "InstanceMetadataOptions"} + if s.HttpPutResponseHopLimit != nil && *s.HttpPutResponseHopLimit < 1 { + invalidParams.Add(request.NewErrParamMinValue("HttpPutResponseHopLimit", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetHttpEndpoint sets the HttpEndpoint field's value. +func (s *InstanceMetadataOptions) SetHttpEndpoint(v string) *InstanceMetadataOptions { + s.HttpEndpoint = &v + return s +} + +// SetHttpPutResponseHopLimit sets the HttpPutResponseHopLimit field's value. +func (s *InstanceMetadataOptions) SetHttpPutResponseHopLimit(v int64) *InstanceMetadataOptions { + s.HttpPutResponseHopLimit = &v + return s +} + +// SetHttpTokens sets the HttpTokens field's value. +func (s *InstanceMetadataOptions) SetHttpTokens(v string) *InstanceMetadataOptions { + s.HttpTokens = &v + return s +} + // Describes whether detailed monitoring is enabled for the Auto Scaling instances. type InstanceMonitoring struct { _ struct{} `type:"structure"` @@ -10259,8 +10983,115 @@ func (s *InstanceMonitoring) SetEnabled(v bool) *InstanceMonitoring { return s } -// Describes an instances distribution for an Auto Scaling group with MixedInstancesPolicy. -// +// Describes an instance refresh for an Auto Scaling group. +type InstanceRefresh struct { + _ struct{} `type:"structure"` + + // The name of the Auto Scaling group. + AutoScalingGroupName *string `min:"1" type:"string"` + + // The date and time at which the instance refresh ended. + EndTime *time.Time `type:"timestamp"` + + // The instance refresh ID. + InstanceRefreshId *string `min:"1" type:"string"` + + // The number of instances remaining to update before the instance refresh is + // complete. + InstancesToUpdate *int64 `type:"integer"` + + // The percentage of the instance refresh that is complete. For each instance + // replacement, Amazon EC2 Auto Scaling tracks the instance's health status + // and warm-up time. When the instance's health status changes to healthy and + // the specified warm-up time passes, the instance is considered updated and + // added to the percentage complete. + PercentageComplete *int64 `type:"integer"` + + // The date and time at which the instance refresh began. + StartTime *time.Time `type:"timestamp"` + + // The current status for the instance refresh operation: + // + // * Pending - The request was created, but the operation has not started. + // + // * InProgress - The operation is in progress. + // + // * Successful - The operation completed successfully. + // + // * Failed - The operation failed to complete. You can troubleshoot using + // the status reason and the scaling activities. + // + // * Cancelling - An ongoing operation is being cancelled. Cancellation does + // not roll back any replacements that have already been completed, but it + // prevents new replacements from being started. + // + // * Cancelled - The operation is cancelled. + Status *string `type:"string" enum:"InstanceRefreshStatus"` + + // Provides more details about the current status of the instance refresh. + StatusReason *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s InstanceRefresh) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceRefresh) GoString() string { + return s.String() +} + +// SetAutoScalingGroupName sets the AutoScalingGroupName field's value. +func (s *InstanceRefresh) SetAutoScalingGroupName(v string) *InstanceRefresh { + s.AutoScalingGroupName = &v + return s +} + +// SetEndTime sets the EndTime field's value. +func (s *InstanceRefresh) SetEndTime(v time.Time) *InstanceRefresh { + s.EndTime = &v + return s +} + +// SetInstanceRefreshId sets the InstanceRefreshId field's value. +func (s *InstanceRefresh) SetInstanceRefreshId(v string) *InstanceRefresh { + s.InstanceRefreshId = &v + return s +} + +// SetInstancesToUpdate sets the InstancesToUpdate field's value. +func (s *InstanceRefresh) SetInstancesToUpdate(v int64) *InstanceRefresh { + s.InstancesToUpdate = &v + return s +} + +// SetPercentageComplete sets the PercentageComplete field's value. +func (s *InstanceRefresh) SetPercentageComplete(v int64) *InstanceRefresh { + s.PercentageComplete = &v + return s +} + +// SetStartTime sets the StartTime field's value. +func (s *InstanceRefresh) SetStartTime(v time.Time) *InstanceRefresh { + s.StartTime = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *InstanceRefresh) SetStatus(v string) *InstanceRefresh { + s.Status = &v + return s +} + +// SetStatusReason sets the StatusReason field's value. +func (s *InstanceRefresh) SetStatusReason(v string) *InstanceRefresh { + s.StatusReason = &v + return s +} + +// Describes an instances distribution for an Auto Scaling group with a MixedInstancesPolicy. +// // The instances distribution specifies the distribution of On-Demand Instances // and Spot Instances, the maximum price to pay for Spot Instances, and how // the Auto Scaling group allocates instance types to fulfill On-Demand and @@ -10460,7 +11291,7 @@ type LaunchConfiguration struct { // or basic (false) monitoring. // // For more information, see Configure Monitoring for Auto Scaling Instances - // (https://docs.aws.amazon.com/autoscaling/latest/userguide/as-instance-monitoring.html#enable-as-instance-metrics) + // (https://docs.aws.amazon.com/autoscaling/latest/userguide/enable-as-instance-metrics.html) // in the Amazon EC2 Auto Scaling User Guide. InstanceMonitoring *InstanceMonitoring `type:"structure"` @@ -10490,6 +11321,11 @@ type LaunchConfiguration struct { // LaunchConfigurationName is a required field LaunchConfigurationName *string `min:"1" type:"string" required:"true"` + // The metadata options for the instances. For more information, see Configuring + // the Instance Metadata Options (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-config.html#launch-configurations-imds) + // in the Amazon EC2 Auto Scaling User Guide. + MetadataOptions *InstanceMetadataOptions `type:"structure"` + // The tenancy of the instance, either default or dedicated. An instance with // dedicated tenancy runs on isolated, single-tenant hardware and can only be // launched into a VPC. @@ -10618,6 +11454,12 @@ func (s *LaunchConfiguration) SetLaunchConfigurationName(v string) *LaunchConfig return s } +// SetMetadataOptions sets the MetadataOptions field's value. +func (s *LaunchConfiguration) SetMetadataOptions(v *InstanceMetadataOptions) *LaunchConfiguration { + s.MetadataOptions = v + return s +} + // SetPlacementTenancy sets the PlacementTenancy field's value. func (s *LaunchConfiguration) SetPlacementTenancy(v string) *LaunchConfiguration { s.PlacementTenancy = &v @@ -10665,9 +11507,12 @@ type LaunchTemplate struct { // or launch template name in the request. LaunchTemplateSpecification *LaunchTemplateSpecification `type:"structure"` - // An optional setting. Any parameters that you specify override the same parameters - // in the launch template. Currently, the only supported override is instance - // type. You can specify between 1 and 20 instance types. + // Any parameters that you specify override the same parameters in the launch + // template. Currently, the only supported override is instance type. You can + // specify between 1 and 20 instance types. + // + // If not provided, Amazon EC2 Auto Scaling will use the instance type specified + // in the launch template to launch instances. Overrides []*LaunchTemplateOverrides `type:"list"` } @@ -10718,11 +11563,16 @@ func (s *LaunchTemplate) SetOverrides(v []*LaunchTemplateOverrides) *LaunchTempl return s } -// Describes an override for a launch template. +// Describes an override for a launch template. Currently, the only supported +// override is instance type. +// +// The maximum number of instance type overrides that can be associated with +// an Auto Scaling group is 20. type LaunchTemplateOverrides struct { _ struct{} `type:"structure"` - // The instance type. + // The instance type. You must use an instance type that is supported in your + // requested Region and Availability Zones. // // For information about available instance types, see Available Instance Types // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#AvailableInstanceTypes) @@ -10735,6 +11585,10 @@ type LaunchTemplateOverrides struct { // you chose to set the desired capacity in terms of instances, or a performance // attribute such as vCPUs, memory, or I/O. // + // For more information, see Instance Weighting for Amazon EC2 Auto Scaling + // (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) + // in the Amazon EC2 Auto Scaling User Guide. + // // Valid Range: Minimum value of 1. Maximum value of 999. WeightedCapacity *string `min:"1" type:"string"` } @@ -10777,7 +11631,8 @@ func (s *LaunchTemplateOverrides) SetWeightedCapacity(v string) *LaunchTemplateO return s } -// Describes a launch template and the launch template version. +// Describes the Amazon EC2 launch template and the launch template version +// that can be used by an Auto Scaling group to configure Amazon EC2 instances. // // The launch template that is specified must be configured for use with an // Auto Scaling group. For more information, see Creating a Launch Template @@ -10786,19 +11641,34 @@ func (s *LaunchTemplateOverrides) SetWeightedCapacity(v string) *LaunchTemplateO type LaunchTemplateSpecification struct { _ struct{} `type:"structure"` - // The ID of the launch template. You must specify either a template ID or a - // template name. + // The ID of the launch template. To get the template ID, use the Amazon EC2 + // DescribeLaunchTemplates (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html) + // API operation. New launch templates can be created using the Amazon EC2 CreateLaunchTemplate + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLaunchTemplate.html) + // API. + // + // You must specify either a template ID or a template name. LaunchTemplateId *string `min:"1" type:"string"` - // The name of the launch template. You must specify either a template name - // or a template ID. + // The name of the launch template. To get the template name, use the Amazon + // EC2 DescribeLaunchTemplates (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html) + // API operation. New launch templates can be created using the Amazon EC2 CreateLaunchTemplate + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLaunchTemplate.html) + // API. + // + // You must specify either a template ID or a template name. LaunchTemplateName *string `min:"3" type:"string"` - // The version number, $Latest, or $Default. If the value is $Latest, Amazon - // EC2 Auto Scaling selects the latest version of the launch template when launching - // instances. If the value is $Default, Amazon EC2 Auto Scaling selects the - // default version of the launch template when launching instances. The default - // value is $Default. + // The version number, $Latest, or $Default. To get the version number, use + // the Amazon EC2 DescribeLaunchTemplateVersions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplateVersions.html) + // API operation. New launch template versions can be created using the Amazon + // EC2 CreateLaunchTemplateVersion (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLaunchTemplateVersion.html) + // API. + // + // If the value is $Latest, Amazon EC2 Auto Scaling selects the latest version + // of the launch template when launching instances. If the value is $Default, + // Amazon EC2 Auto Scaling selects the default version of the launch template + // when launching instances. The default value is $Default. Version *string `min:"1" type:"string"` } @@ -10851,7 +11721,6 @@ func (s *LaunchTemplateSpecification) SetVersion(v string) *LaunchTemplateSpecif // Describes a lifecycle hook, which tells Amazon EC2 Auto Scaling that you // want to perform an action whenever it launches instances or terminates instances. -// Used in response to DescribeLifecycleHooks. type LifecycleHook struct { _ struct{} `type:"structure"` @@ -10962,7 +11831,8 @@ func (s *LifecycleHook) SetRoleARN(v string) *LifecycleHook { return s } -// Describes a lifecycle hook. Used in combination with CreateAutoScalingGroup. +// Describes information used to specify a lifecycle hook for an Auto Scaling +// group. // // A lifecycle hook tells Amazon EC2 Auto Scaling to perform an action on an // instance when the instance launches (before it is put into service) or as @@ -10983,18 +11853,12 @@ func (s *LifecycleHook) SetRoleARN(v string) *LifecycleHook { // launch or terminate. // // If you need more time, record the lifecycle action heartbeat to keep the -// instance in a pending state using RecordLifecycleActionHeartbeat. +// instance in a pending state. // -// If you finish before the timeout period ends, complete the lifecycle action -// using CompleteLifecycleAction. +// If you finish before the timeout period ends, complete the lifecycle action. // // For more information, see Amazon EC2 Auto Scaling Lifecycle Hooks (https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) // in the Amazon EC2 Auto Scaling User Guide. -// -// You can view the lifecycle hooks for an Auto Scaling group using DescribeLifecycleHooks. -// You can modify an existing lifecycle hook or create new lifecycle hooks using -// PutLifecycleHook. If you are no longer using a lifecycle hook, you can delete -// it using DeleteLifecycleHook. type LifecycleHookSpecification struct { _ struct{} `type:"structure"` @@ -11253,6 +12117,16 @@ type MetricCollectionType struct { // * GroupTerminatingInstances // // * GroupTotalInstances + // + // * GroupInServiceCapacity + // + // * GroupPendingCapacity + // + // * GroupStandbyCapacity + // + // * GroupTerminatingCapacity + // + // * GroupTotalCapacity Metric *string `min:"1" type:"string"` } @@ -11359,7 +12233,8 @@ func (s *MetricGranularityType) SetGranularity(v string) *MetricGranularityType // You can create a mixed instances policy for a new Auto Scaling group, or // you can create it for an existing group by updating the group to specify // MixedInstancesPolicy as the top-level parameter instead of a launch configuration -// or template. For more information, see CreateAutoScalingGroup and UpdateAutoScalingGroup. +// or launch template. For more information, see CreateAutoScalingGroup and +// UpdateAutoScalingGroup. type MixedInstancesPolicy struct { _ struct{} `type:"structure"` @@ -11371,7 +12246,7 @@ type MixedInstancesPolicy struct { // The launch template and instance types (overrides). // - // This parameter must be specified when creating a mixed instances policy. + // Required when creating a mixed instances policy. LaunchTemplate *LaunchTemplate `type:"structure"` } @@ -11491,14 +12366,24 @@ type PredefinedMetricSpecification struct { // a resource label unless the metric type is ALBRequestCountPerTarget and there // is a target group attached to the Auto Scaling group. // - // The format is app/load-balancer-name/load-balancer-id/targetgroup/target-group-name/target-group-id - // , where + // You create the resource label by appending the final portion of the load + // balancer ARN and the final portion of the target group ARN into a single + // value, separated by a forward slash (/). The format is app///targetgroup//, + // where: + // + // * app// is the final portion of + // the load balancer ARN + // + // * targetgroup// is the final portion + // of the target group ARN. // - // * app/load-balancer-name/load-balancer-id is the final portion of the - // load balancer ARN, and + // This is an example: app/EC2Co-EcsEl-1TKLTMITMM0EO/f37c06a68c1748aa/targetgroup/EC2Co-Defau-LDNM7Q3ZH1ZN/6d4ea56ca2d6a18d. // - // * targetgroup/target-group-name/target-group-id is the final portion of - // the target group ARN. + // To find the ARN for an Application Load Balancer, use the DescribeLoadBalancers + // (https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) + // API operation. To find the ARN for the target group, use the DescribeTargetGroups + // (https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) + // API operation. ResourceLabel *string `min:"1" type:"string"` } @@ -11561,6 +12446,8 @@ type ProcessType struct { // // * HealthCheck // + // * InstanceRefresh + // // * ReplaceUnhealthy // // * ScheduledActions @@ -11604,7 +12491,7 @@ type PutLifecycleHookInput struct { // // If the lifecycle hook times out, Amazon EC2 Auto Scaling performs the action // that you specified in the DefaultResult parameter. You can prevent the lifecycle - // hook from timing out by calling RecordLifecycleActionHeartbeat. + // hook from timing out by calling the RecordLifecycleActionHeartbeat API. HeartbeatTimeout *int64 `type:"integer"` // The name of the lifecycle hook. @@ -11619,8 +12506,7 @@ type PutLifecycleHookInput struct { // // * autoscaling:EC2_INSTANCE_TERMINATING // - // Conditional: This parameter is required for new lifecycle hooks, but optional - // when updating existing hooks. + // Required for new lifecycle hooks, but optional when updating existing hooks. LifecycleTransition *string `type:"string"` // Additional information that you want to include any time Amazon EC2 Auto @@ -11646,8 +12532,7 @@ type PutLifecycleHookInput struct { // the specified notification target, for example, an Amazon SNS topic or an // Amazon SQS queue. // - // Conditional: This parameter is required for new lifecycle hooks, but optional - // when updating existing hooks. + // Required for new lifecycle hooks, but optional when updating existing hooks. RoleARN *string `min:"1" type:"string"` } @@ -11759,8 +12644,9 @@ type PutNotificationConfigurationInput struct { // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` - // The type of event that causes the notification to be sent. For more information - // about notification types supported by Amazon EC2 Auto Scaling, see DescribeAutoScalingNotificationTypes. + // The type of event that causes the notification to be sent. To query the notification + // types supported by Amazon EC2 Auto Scaling, call the DescribeAutoScalingNotificationTypes + // API. // // NotificationTypes is a required field NotificationTypes []*string `type:"list" required:"true"` @@ -11842,11 +12728,11 @@ func (s PutNotificationConfigurationOutput) GoString() string { type PutScalingPolicyInput struct { _ struct{} `type:"structure"` - // Specifies whether the ScalingAdjustment parameter is an absolute number or - // a percentage of the current capacity. The valid values are ChangeInCapacity, - // ExactCapacity, and PercentChangeInCapacity. + // Specifies how the scaling adjustment is interpreted (for example, an absolute + // number or a percentage). The valid values are ChangeInCapacity, ExactCapacity, + // and PercentChangeInCapacity. // - // Valid only if the policy type is StepScaling or SimpleScaling. For more information, + // Required if the policy type is StepScaling or SimpleScaling. For more information, // see Scaling Adjustment Types (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html#as-scaling-adjustment) // in the Amazon EC2 Auto Scaling User Guide. AdjustmentType *string `min:"1" type:"string"` @@ -11856,20 +12742,26 @@ type PutScalingPolicyInput struct { // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` - // The amount of time, in seconds, after a scaling activity completes before - // any further dynamic scaling activities can start. If this parameter is not - // specified, the default cooldown period for the group applies. + // The duration of the policy's cooldown period, in seconds. When a cooldown + // period is specified here, it overrides the default cooldown period defined + // for the Auto Scaling group. // // Valid only if the policy type is SimpleScaling. For more information, see - // Scaling Cooldowns (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) + // Scaling Cooldowns for Amazon EC2 Auto Scaling (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) // in the Amazon EC2 Auto Scaling User Guide. Cooldown *int64 `type:"integer"` + // Indicates whether the scaling policy is enabled or disabled. The default + // is enabled. For more information, see Disabling a Scaling Policy for an Auto + // Scaling Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-enable-disable-scaling-policy.html) + // in the Amazon EC2 Auto Scaling User Guide. + Enabled *bool `type:"boolean"` + // The estimated time, in seconds, until a newly launched instance can contribute - // to the CloudWatch metrics. The default is to use the value specified for - // the default cooldown period for the group. + // to the CloudWatch metrics. If not provided, the default is to use the value + // from the default cooldown period for the Auto Scaling group. // - // Valid only if the policy type is StepScaling or TargetTrackingScaling. + // Valid only if the policy type is TargetTrackingScaling or StepScaling. EstimatedInstanceWarmup *int64 `type:"integer"` // The aggregation type for the CloudWatch metrics. The valid values are Minimum, @@ -11879,19 +12771,19 @@ type PutScalingPolicyInput struct { // Valid only if the policy type is StepScaling. MetricAggregationType *string `min:"1" type:"string"` - // The minimum number of instances to scale. If the value of AdjustmentType - // is PercentChangeInCapacity, the scaling policy changes the DesiredCapacity - // of the Auto Scaling group by at least this many instances. Otherwise, the - // error is ValidationError. + // The minimum value to scale by when the adjustment type is PercentChangeInCapacity. + // For example, suppose that you create a step scaling policy to scale out an + // Auto Scaling group by 25 percent and you specify a MinAdjustmentMagnitude + // of 2. If the group has 4 instances and the scaling policy is performed, 25 + // percent of 4 is 1. However, because you specified a MinAdjustmentMagnitude + // of 2, Amazon EC2 Auto Scaling scales out the group by 2 instances. // - // This property replaces the MinAdjustmentStep property. For example, suppose - // that you create a step scaling policy to scale out an Auto Scaling group - // by 25 percent and you specify a MinAdjustmentMagnitude of 2. If the group - // has 4 instances and the scaling policy is performed, 25 percent of 4 is 1. - // However, because you specified a MinAdjustmentMagnitude of 2, Amazon EC2 - // Auto Scaling scales out the group by 2 instances. + // Valid only if the policy type is StepScaling or SimpleScaling. For more information, + // see Scaling Adjustment Types (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html#as-scaling-adjustment) + // in the Amazon EC2 Auto Scaling User Guide. // - // Valid only if the policy type is SimpleScaling or StepScaling. + // Some Auto Scaling groups use instance weights. In this case, set the MinAdjustmentMagnitude + // to a value that is at least as large as your largest instance weight. MinAdjustmentMagnitude *int64 `type:"integer"` // Available for backward compatibility. Use MinAdjustmentMagnitude instead. @@ -11902,36 +12794,50 @@ type PutScalingPolicyInput struct { // PolicyName is a required field PolicyName *string `min:"1" type:"string" required:"true"` - // The policy type. The valid values are SimpleScaling, StepScaling, and TargetTrackingScaling. - // If the policy type is null, the value is treated as SimpleScaling. + // One of the following policy types: + // + // * TargetTrackingScaling + // + // * StepScaling + // + // * SimpleScaling (default) PolicyType *string `min:"1" type:"string"` - // The amount by which a simple scaling policy scales the Auto Scaling group - // in response to an alarm breach. The adjustment is based on the value that - // you specified in the AdjustmentType parameter (either an absolute number - // or a percentage). A positive value adds to the current capacity and a negative - // value subtracts from the current capacity. For exact capacity, you must specify - // a positive value. + // The amount by which to scale, based on the specified adjustment type. A positive + // value adds to the current capacity while a negative number removes from the + // current capacity. For exact capacity, you must specify a positive value. // - // Conditional: If you specify SimpleScaling for the policy type, you must specify - // this parameter. (Not used with any other policy type.) + // Required if the policy type is SimpleScaling. (Not used with any other policy + // type.) ScalingAdjustment *int64 `type:"integer"` // A set of adjustments that enable you to scale based on the size of the alarm // breach. // - // Conditional: If you specify StepScaling for the policy type, you must specify - // this parameter. (Not used with any other policy type.) + // Required if the policy type is StepScaling. (Not used with any other policy + // type.) StepAdjustments []*StepAdjustment `type:"list"` // A target tracking scaling policy. Includes support for predefined or customized // metrics. // + // The following predefined metrics are available: + // + // * ASGAverageCPUUtilization + // + // * ASGAverageNetworkIn + // + // * ASGAverageNetworkOut + // + // * ALBRequestCountPerTarget + // + // If you specify ALBRequestCountPerTarget for the metric, you must specify + // the ResourceLabel parameter with the PredefinedMetricSpecification. + // // For more information, see TargetTrackingConfiguration (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_TargetTrackingConfiguration.html) // in the Amazon EC2 Auto Scaling API Reference. // - // Conditional: If you specify TargetTrackingScaling for the policy type, you - // must specify this parameter. (Not used with any other policy type.) + // Required if the policy type is TargetTrackingScaling. TargetTrackingConfiguration *TargetTrackingConfiguration `type:"structure"` } @@ -12009,6 +12915,12 @@ func (s *PutScalingPolicyInput) SetCooldown(v int64) *PutScalingPolicyInput { return s } +// SetEnabled sets the Enabled field's value. +func (s *PutScalingPolicyInput) SetEnabled(v bool) *PutScalingPolicyInput { + s.Enabled = &v + return s +} + // SetEstimatedInstanceWarmup sets the EstimatedInstanceWarmup field's value. func (s *PutScalingPolicyInput) SetEstimatedInstanceWarmup(v int64) *PutScalingPolicyInput { s.EstimatedInstanceWarmup = &v @@ -12104,17 +13016,19 @@ type PutScheduledUpdateGroupActionInput struct { // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` - // The number of EC2 instances that should be running in the Auto Scaling group. + // The desired capacity is the initial capacity of the Auto Scaling group after + // the scheduled action runs and the capacity it attempts to maintain. It can + // scale beyond this capacity if you add more scaling conditions. DesiredCapacity *int64 `type:"integer"` // The date and time for the recurring schedule to end. Amazon EC2 Auto Scaling // does not perform the action after this time. EndTime *time.Time `type:"timestamp"` - // The maximum number of instances in the Auto Scaling group. + // The maximum size of the Auto Scaling group. MaxSize *int64 `type:"integer"` - // The minimum number of instances in the Auto Scaling group. + // The minimum size of the Auto Scaling group. MinSize *int64 `type:"integer"` // The recurring schedule for this action, in Unix cron syntax format. This @@ -12348,6 +13262,45 @@ func (s RecordLifecycleActionHeartbeatOutput) GoString() string { return s.String() } +// Describes information used to start an instance refresh. +type RefreshPreferences struct { + _ struct{} `type:"structure"` + + // The number of seconds until a newly launched instance is configured and ready + // to use. During this time, Amazon EC2 Auto Scaling does not immediately move + // on to the next replacement. The default is to use the value for the health + // check grace period defined for the group. + InstanceWarmup *int64 `type:"integer"` + + // The amount of capacity in the Auto Scaling group that must remain healthy + // during an instance refresh to allow the operation to continue, as a percentage + // of the desired capacity of the Auto Scaling group (rounded up to the nearest + // integer). The default is 90. + MinHealthyPercentage *int64 `type:"integer"` +} + +// String returns the string representation +func (s RefreshPreferences) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RefreshPreferences) GoString() string { + return s.String() +} + +// SetInstanceWarmup sets the InstanceWarmup field's value. +func (s *RefreshPreferences) SetInstanceWarmup(v int64) *RefreshPreferences { + s.InstanceWarmup = &v + return s +} + +// SetMinHealthyPercentage sets the MinHealthyPercentage field's value. +func (s *RefreshPreferences) SetMinHealthyPercentage(v int64) *RefreshPreferences { + s.MinHealthyPercentage = &v + return s +} + type ResumeProcessesOutput struct { _ struct{} `type:"structure"` } @@ -12366,8 +13319,9 @@ func (s ResumeProcessesOutput) GoString() string { type ScalingPolicy struct { _ struct{} `type:"structure"` - // The adjustment type, which specifies how ScalingAdjustment is interpreted. - // The valid values are ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity. + // Specifies how the scaling adjustment is interpreted (for example, an absolute + // number or a percentage). The valid values are ChangeInCapacity, ExactCapacity, + // and PercentChangeInCapacity. AdjustmentType *string `min:"1" type:"string"` // The CloudWatch alarms related to the policy. @@ -12376,10 +13330,12 @@ type ScalingPolicy struct { // The name of the Auto Scaling group. AutoScalingGroupName *string `min:"1" type:"string"` - // The amount of time, in seconds, after a scaling activity completes before - // any further dynamic scaling activities can start. + // The duration of the policy's cooldown period, in seconds. Cooldown *int64 `type:"integer"` + // Indicates whether the policy is enabled (true) or disabled (false). + Enabled *bool `type:"boolean"` + // The estimated time, in seconds, until a newly launched instance can contribute // to the CloudWatch metrics. EstimatedInstanceWarmup *int64 `type:"integer"` @@ -12388,10 +13344,7 @@ type ScalingPolicy struct { // Maximum, and Average. MetricAggregationType *string `min:"1" type:"string"` - // The minimum number of instances to scale. If the value of AdjustmentType - // is PercentChangeInCapacity, the scaling policy changes the DesiredCapacity - // of the Auto Scaling group by at least this many instances. Otherwise, the - // error is ValidationError. + // The minimum value to scale by when the adjustment type is PercentChangeInCapacity. MinAdjustmentMagnitude *int64 `type:"integer"` // Available for backward compatibility. Use MinAdjustmentMagnitude instead. @@ -12403,7 +13356,17 @@ type ScalingPolicy struct { // The name of the scaling policy. PolicyName *string `min:"1" type:"string"` - // The policy type. The valid values are SimpleScaling, StepScaling, and TargetTrackingScaling. + // One of the following policy types: + // + // * TargetTrackingScaling + // + // * StepScaling + // + // * SimpleScaling (default) + // + // For more information, see Target Tracking Scaling Policies (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-target-tracking.html) + // and Step and Simple Scaling Policies (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html) + // in the Amazon EC2 Auto Scaling User Guide. PolicyType *string `min:"1" type:"string"` // The amount by which to scale, based on the specified adjustment type. A positive @@ -12453,6 +13416,12 @@ func (s *ScalingPolicy) SetCooldown(v int64) *ScalingPolicy { return s } +// SetEnabled sets the Enabled field's value. +func (s *ScalingPolicy) SetEnabled(v bool) *ScalingPolicy { + s.Enabled = &v + return s +} + // SetEstimatedInstanceWarmup sets the EstimatedInstanceWarmup field's value. func (s *ScalingPolicy) SetEstimatedInstanceWarmup(v int64) *ScalingPolicy { s.EstimatedInstanceWarmup = &v @@ -12521,24 +13490,27 @@ type ScalingProcessQuery struct { // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` - // One or more of the following processes. If you omit this parameter, all processes - // are specified. + // One or more of the following processes: // // * Launch // // * Terminate // - // * HealthCheck + // * AddToLoadBalancer // - // * ReplaceUnhealthy + // * AlarmNotification // // * AZRebalance // - // * AlarmNotification + // * HealthCheck + // + // * InstanceRefresh + // + // * ReplaceUnhealthy // // * ScheduledActions // - // * AddToLoadBalancer + // If you omit this parameter, all processes are specified. ScalingProcesses []*string `type:"list"` } @@ -12580,24 +13552,25 @@ func (s *ScalingProcessQuery) SetScalingProcesses(v []*string) *ScalingProcessQu return s } -// Describes a scheduled scaling action. Used in response to DescribeScheduledActions. +// Describes a scheduled scaling action. type ScheduledUpdateGroupAction struct { _ struct{} `type:"structure"` // The name of the Auto Scaling group. AutoScalingGroupName *string `min:"1" type:"string"` - // The number of instances you prefer to maintain in the group. + // The desired capacity is the initial capacity of the Auto Scaling group after + // the scheduled action runs and the capacity it attempts to maintain. DesiredCapacity *int64 `type:"integer"` // The date and time in UTC for the recurring schedule to end. For example, // "2019-06-01T00:00:00Z". EndTime *time.Time `type:"timestamp"` - // The maximum number of instances in the Auto Scaling group. + // The maximum size of the Auto Scaling group. MaxSize *int64 `type:"integer"` - // The minimum number of instances in the Auto Scaling group. + // The minimum size of the Auto Scaling group. MinSize *int64 `type:"integer"` // The recurring schedule for the action, in Unix cron syntax format. @@ -12689,25 +13662,26 @@ func (s *ScheduledUpdateGroupAction) SetTime(v time.Time) *ScheduledUpdateGroupA return s } -// Describes one or more scheduled scaling action updates for a specified Auto -// Scaling group. Used in combination with BatchPutScheduledUpdateGroupAction. +// Describes information used for one or more scheduled scaling action updates +// in a BatchPutScheduledUpdateGroupAction operation. // // When updating a scheduled scaling action, all optional parameters are left // unchanged if not specified. type ScheduledUpdateGroupActionRequest struct { _ struct{} `type:"structure"` - // The number of EC2 instances that should be running in the group. + // The desired capacity is the initial capacity of the Auto Scaling group after + // the scheduled action runs and the capacity it attempts to maintain. DesiredCapacity *int64 `type:"integer"` // The date and time for the recurring schedule to end. Amazon EC2 Auto Scaling // does not perform the action after this time. EndTime *time.Time `type:"timestamp"` - // The maximum number of instances in the Auto Scaling group. + // The maximum size of the Auto Scaling group. MaxSize *int64 `type:"integer"` - // The minimum number of instances in the Auto Scaling group. + // The minimum size of the Auto Scaling group. MinSize *int64 `type:"integer"` // The recurring schedule for the action, in Unix cron syntax format. This format @@ -12815,7 +13789,8 @@ type SetDesiredCapacityInput struct { // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` - // The number of EC2 instances that should be running in the Auto Scaling group. + // The desired capacity is the initial capacity of the Auto Scaling group after + // this operation completes and the capacity it attempts to maintain. // // DesiredCapacity is a required field DesiredCapacity *int64 `type:"integer" required:"true"` @@ -12908,7 +13883,9 @@ type SetInstanceHealthInput struct { // Set this to False, to have the call not respect the grace period associated // with the group. // - // For more information about the health check grace period, see CreateAutoScalingGroup. + // For more information about the health check grace period, see CreateAutoScalingGroup + // (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_CreateAutoScalingGroup.html) + // in the Amazon EC2 Auto Scaling API Reference. ShouldRespectGracePeriod *bool `type:"boolean"` } @@ -13060,9 +14037,103 @@ func (s SetInstanceProtectionOutput) GoString() string { return s.String() } -// Describes an adjustment based on the difference between the value of the -// aggregated CloudWatch metric and the breach threshold that you've defined -// for the alarm. Used in combination with PutScalingPolicy. +type StartInstanceRefreshInput struct { + _ struct{} `type:"structure"` + + // The name of the Auto Scaling group. + // + // AutoScalingGroupName is a required field + AutoScalingGroupName *string `min:"1" type:"string" required:"true"` + + // Set of preferences associated with the instance refresh request. + // + // If not provided, the default values are used. For MinHealthyPercentage, the + // default value is 90. For InstanceWarmup, the default is to use the value + // specified for the health check grace period for the Auto Scaling group. + // + // For more information, see RefreshPreferences (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_RefreshPreferences.html) + // in the Amazon EC2 Auto Scaling API Reference. + Preferences *RefreshPreferences `type:"structure"` + + // The strategy to use for the instance refresh. The only valid value is Rolling. + // + // A rolling update is an update that is applied to all instances in an Auto + // Scaling group until all instances have been updated. A rolling update can + // fail due to failed health checks or if instances are on standby or are protected + // from scale in. If the rolling update process fails, any instances that were + // already replaced are not rolled back to their previous configuration. + Strategy *string `type:"string" enum:"RefreshStrategy"` +} + +// String returns the string representation +func (s StartInstanceRefreshInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartInstanceRefreshInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartInstanceRefreshInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartInstanceRefreshInput"} + if s.AutoScalingGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("AutoScalingGroupName")) + } + if s.AutoScalingGroupName != nil && len(*s.AutoScalingGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AutoScalingGroupName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAutoScalingGroupName sets the AutoScalingGroupName field's value. +func (s *StartInstanceRefreshInput) SetAutoScalingGroupName(v string) *StartInstanceRefreshInput { + s.AutoScalingGroupName = &v + return s +} + +// SetPreferences sets the Preferences field's value. +func (s *StartInstanceRefreshInput) SetPreferences(v *RefreshPreferences) *StartInstanceRefreshInput { + s.Preferences = v + return s +} + +// SetStrategy sets the Strategy field's value. +func (s *StartInstanceRefreshInput) SetStrategy(v string) *StartInstanceRefreshInput { + s.Strategy = &v + return s +} + +type StartInstanceRefreshOutput struct { + _ struct{} `type:"structure"` + + // A unique ID for tracking the progress of the request. + InstanceRefreshId *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s StartInstanceRefreshOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartInstanceRefreshOutput) GoString() string { + return s.String() +} + +// SetInstanceRefreshId sets the InstanceRefreshId field's value. +func (s *StartInstanceRefreshOutput) SetInstanceRefreshId(v string) *StartInstanceRefreshOutput { + s.InstanceRefreshId = &v + return s +} + +// Describes information used to create a step adjustment for a step scaling +// policy. // // For the following examples, suppose that you have an alarm with a breach // threshold of 50: @@ -13088,6 +14159,9 @@ func (s SetInstanceProtectionOutput) GoString() string { // with a null upper bound. // // * The upper and lower bound can't be null in the same step adjustment. +// +// For more information, see Step Adjustments (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html#as-scaling-steps) +// in the Amazon EC2 Auto Scaling User Guide. type StepAdjustment struct { _ struct{} `type:"structure"` @@ -13171,8 +14245,10 @@ func (s SuspendProcessesOutput) GoString() string { return s.String() } -// Describes an automatic scaling process that has been suspended. For more -// information, see ProcessType. +// Describes an automatic scaling process that has been suspended. +// +// For more information, see Scaling Processes (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html#process-types) +// in the Amazon EC2 Auto Scaling User Guide. type SuspendedProcess struct { _ struct{} `type:"structure"` @@ -13517,17 +14593,29 @@ type UpdateAutoScalingGroupInput struct { // One or more Availability Zones for the group. AvailabilityZones []*string `min:"1" type:"list"` + // Enables or disables capacity rebalance. + // + // You can enable capacity rebalancing for your Auto Scaling groups when using + // Spot Instances. When you turn on capacity rebalancing, Amazon EC2 Auto Scaling + // attempts to launch a Spot Instance whenever Amazon EC2 predicts that a Spot + // Instance is at an elevated risk of interruption. After launching a new instance, + // it then terminates an old instance. For more information, see Amazon EC2 + // Auto Scaling capacity rebalancing (https://docs.aws.amazon.com/autoscaling/ec2/userguide/capacity-rebalance.html) + // in the Amazon EC2 Auto Scaling User Guide. + CapacityRebalance *bool `type:"boolean"` + // The amount of time, in seconds, after a scaling activity completes before - // another scaling activity can start. The default value is 300. This cooldown - // period is not used when a scaling-specific cooldown is specified. + // another scaling activity can start. The default value is 300. // - // Cooldown periods are not supported for target tracking scaling policies, - // step scaling policies, or scheduled scaling. For more information, see Scaling - // Cooldowns (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) + // This setting applies when using simple scaling policies, but not when using + // other scaling policies or scheduled scaling. For more information, see Scaling + // Cooldowns for Amazon EC2 Auto Scaling (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) // in the Amazon EC2 Auto Scaling User Guide. DefaultCooldown *int64 `type:"integer"` - // The number of EC2 instances that should be running in the Auto Scaling group. + // The desired capacity is the initial capacity of the Auto Scaling group after + // this operation completes and the capacity it attempts to maintain. + // // This number must be greater than or equal to the minimum size of the group // and less than or equal to the maximum size of the group. DesiredCapacity *int64 `type:"integer"` @@ -13539,7 +14627,7 @@ type UpdateAutoScalingGroupInput struct { // For more information, see Health Check Grace Period (https://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html#health-check-grace-period) // in the Amazon EC2 Auto Scaling User Guide. // - // Conditional: This parameter is required if you are adding an ELB health check. + // Required if you are adding an ELB health check. HealthCheckGracePeriod *int64 `type:"integer"` // The service to use for the health checks. The valid values are EC2 and ELB. @@ -13561,11 +14649,26 @@ type UpdateAutoScalingGroupInput struct { LaunchTemplate *LaunchTemplateSpecification `type:"structure"` // The maximum amount of time, in seconds, that an instance can be in service. + // The default is null. // - // Valid Range: Minimum value of 604800. + // This parameter is optional, but if you specify a value for it, you must specify + // a value of at least 604,800 seconds (7 days). To clear a previously set value, + // specify a new value of 0. + // + // For more information, see Replacing Auto Scaling Instances Based on Maximum + // Instance Lifetime (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-max-instance-lifetime.html) + // in the Amazon EC2 Auto Scaling User Guide. + // + // Valid Range: Minimum value of 0. MaxInstanceLifetime *int64 `type:"integer"` // The maximum size of the Auto Scaling group. + // + // With a mixed instances policy that uses instance weighting, Amazon EC2 Auto + // Scaling may need to go above MaxSize to meet your capacity requirements. + // In this event, Amazon EC2 Auto Scaling will never go above MaxSize by more + // than your largest instance weight (weights that define how many units each + // instance contributes to the desired capacity of the group). MaxSize *int64 `type:"integer"` // The minimum size of the Auto Scaling group. @@ -13685,6 +14788,12 @@ func (s *UpdateAutoScalingGroupInput) SetAvailabilityZones(v []*string) *UpdateA return s } +// SetCapacityRebalance sets the CapacityRebalance field's value. +func (s *UpdateAutoScalingGroupInput) SetCapacityRebalance(v bool) *UpdateAutoScalingGroupInput { + s.CapacityRebalance = &v + return s +} + // SetDefaultCooldown sets the DefaultCooldown field's value. func (s *UpdateAutoScalingGroupInput) SetDefaultCooldown(v int64) *UpdateAutoScalingGroupInput { s.DefaultCooldown = &v @@ -13789,6 +14898,70 @@ func (s UpdateAutoScalingGroupOutput) GoString() string { return s.String() } +const ( + // InstanceMetadataEndpointStateDisabled is a InstanceMetadataEndpointState enum value + InstanceMetadataEndpointStateDisabled = "disabled" + + // InstanceMetadataEndpointStateEnabled is a InstanceMetadataEndpointState enum value + InstanceMetadataEndpointStateEnabled = "enabled" +) + +// InstanceMetadataEndpointState_Values returns all elements of the InstanceMetadataEndpointState enum +func InstanceMetadataEndpointState_Values() []string { + return []string{ + InstanceMetadataEndpointStateDisabled, + InstanceMetadataEndpointStateEnabled, + } +} + +const ( + // InstanceMetadataHttpTokensStateOptional is a InstanceMetadataHttpTokensState enum value + InstanceMetadataHttpTokensStateOptional = "optional" + + // InstanceMetadataHttpTokensStateRequired is a InstanceMetadataHttpTokensState enum value + InstanceMetadataHttpTokensStateRequired = "required" +) + +// InstanceMetadataHttpTokensState_Values returns all elements of the InstanceMetadataHttpTokensState enum +func InstanceMetadataHttpTokensState_Values() []string { + return []string{ + InstanceMetadataHttpTokensStateOptional, + InstanceMetadataHttpTokensStateRequired, + } +} + +const ( + // InstanceRefreshStatusPending is a InstanceRefreshStatus enum value + InstanceRefreshStatusPending = "Pending" + + // InstanceRefreshStatusInProgress is a InstanceRefreshStatus enum value + InstanceRefreshStatusInProgress = "InProgress" + + // InstanceRefreshStatusSuccessful is a InstanceRefreshStatus enum value + InstanceRefreshStatusSuccessful = "Successful" + + // InstanceRefreshStatusFailed is a InstanceRefreshStatus enum value + InstanceRefreshStatusFailed = "Failed" + + // InstanceRefreshStatusCancelling is a InstanceRefreshStatus enum value + InstanceRefreshStatusCancelling = "Cancelling" + + // InstanceRefreshStatusCancelled is a InstanceRefreshStatus enum value + InstanceRefreshStatusCancelled = "Cancelled" +) + +// InstanceRefreshStatus_Values returns all elements of the InstanceRefreshStatus enum +func InstanceRefreshStatus_Values() []string { + return []string{ + InstanceRefreshStatusPending, + InstanceRefreshStatusInProgress, + InstanceRefreshStatusSuccessful, + InstanceRefreshStatusFailed, + InstanceRefreshStatusCancelling, + InstanceRefreshStatusCancelled, + } +} + const ( // LifecycleStatePending is a LifecycleState enum value LifecycleStatePending = "Pending" @@ -13830,6 +15003,25 @@ const ( LifecycleStateStandby = "Standby" ) +// LifecycleState_Values returns all elements of the LifecycleState enum +func LifecycleState_Values() []string { + return []string{ + LifecycleStatePending, + LifecycleStatePendingWait, + LifecycleStatePendingProceed, + LifecycleStateQuarantined, + LifecycleStateInService, + LifecycleStateTerminating, + LifecycleStateTerminatingWait, + LifecycleStateTerminatingProceed, + LifecycleStateTerminated, + LifecycleStateDetaching, + LifecycleStateDetached, + LifecycleStateEnteringStandby, + LifecycleStateStandby, + } +} + const ( // MetricStatisticAverage is a MetricStatistic enum value MetricStatisticAverage = "Average" @@ -13847,6 +15039,17 @@ const ( MetricStatisticSum = "Sum" ) +// MetricStatistic_Values returns all elements of the MetricStatistic enum +func MetricStatistic_Values() []string { + return []string{ + MetricStatisticAverage, + MetricStatisticMinimum, + MetricStatisticMaximum, + MetricStatisticSampleCount, + MetricStatisticSum, + } +} + const ( // MetricTypeAsgaverageCpuutilization is a MetricType enum value MetricTypeAsgaverageCpuutilization = "ASGAverageCPUUtilization" @@ -13861,6 +15064,28 @@ const ( MetricTypeAlbrequestCountPerTarget = "ALBRequestCountPerTarget" ) +// MetricType_Values returns all elements of the MetricType enum +func MetricType_Values() []string { + return []string{ + MetricTypeAsgaverageCpuutilization, + MetricTypeAsgaverageNetworkIn, + MetricTypeAsgaverageNetworkOut, + MetricTypeAlbrequestCountPerTarget, + } +} + +const ( + // RefreshStrategyRolling is a RefreshStrategy enum value + RefreshStrategyRolling = "Rolling" +) + +// RefreshStrategy_Values returns all elements of the RefreshStrategy enum +func RefreshStrategy_Values() []string { + return []string{ + RefreshStrategyRolling, + } +} + const ( // ScalingActivityStatusCodePendingSpotBidPlacement is a ScalingActivityStatusCode enum value ScalingActivityStatusCodePendingSpotBidPlacement = "PendingSpotBidPlacement" @@ -13898,3 +15123,21 @@ const ( // ScalingActivityStatusCodeCancelled is a ScalingActivityStatusCode enum value ScalingActivityStatusCodeCancelled = "Cancelled" ) + +// ScalingActivityStatusCode_Values returns all elements of the ScalingActivityStatusCode enum +func ScalingActivityStatusCode_Values() []string { + return []string{ + ScalingActivityStatusCodePendingSpotBidPlacement, + ScalingActivityStatusCodeWaitingForSpotInstanceRequestId, + ScalingActivityStatusCodeWaitingForSpotInstanceId, + ScalingActivityStatusCodeWaitingForInstanceId, + ScalingActivityStatusCodePreInService, + ScalingActivityStatusCodeInProgress, + ScalingActivityStatusCodeWaitingForElbconnectionDraining, + ScalingActivityStatusCodeMidLifecycleAction, + ScalingActivityStatusCodeWaitingForInstanceWarmup, + ScalingActivityStatusCodeSuccessful, + ScalingActivityStatusCodeFailed, + ScalingActivityStatusCodeCancelled, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/errors.go b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/errors.go index 2e65ee3d93fb..85e907df74fe 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/errors.go @@ -4,6 +4,13 @@ package autoscaling const ( + // ErrCodeActiveInstanceRefreshNotFoundFault for service response error code + // "ActiveInstanceRefreshNotFound". + // + // The request failed because an active instance refresh for the specified Auto + // Scaling group was not found. + ErrCodeActiveInstanceRefreshNotFoundFault = "ActiveInstanceRefreshNotFound" + // ErrCodeAlreadyExistsFault for service response error code // "AlreadyExists". // @@ -11,6 +18,13 @@ const ( // name. ErrCodeAlreadyExistsFault = "AlreadyExists" + // ErrCodeInstanceRefreshInProgressFault for service response error code + // "InstanceRefreshInProgress". + // + // The request failed because an active instance refresh operation already exists + // for the specified Auto Scaling group. + ErrCodeInstanceRefreshInProgressFault = "InstanceRefreshInProgress" + // ErrCodeInvalidNextToken for service response error code // "InvalidNextToken". // @@ -22,7 +36,8 @@ const ( // // You have already reached a limit for your Amazon EC2 Auto Scaling resources // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). - // For more information, see DescribeAccountLimits. + // For more information, see DescribeAccountLimits (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_DescribeAccountLimits.html) + // in the Amazon EC2 Auto Scaling API Reference. ErrCodeLimitExceededFault = "LimitExceeded" // ErrCodeResourceContentionFault for service response error code diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index a33cce5d7e3b..ba7661add13d 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -440,8 +440,8 @@ func (c *EC2) AdvertiseByoipCidrRequest(input *AdvertiseByoipCidrInput) (req *re // AdvertiseByoipCidr API operation for Amazon Elastic Compute Cloud. // -// Advertises an IPv4 address range that is provisioned for use with your AWS -// resources through bring your own IP addresses (BYOIP). +// Advertises an IPv4 or IPv6 address range that is provisioned for use with +// your AWS resources through bring your own IP addresses (BYOIP). // // You can perform this operation at most once every 10 seconds, even if you // specify different address ranges each time. @@ -554,6 +554,10 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. // +// You can allocate a carrier IP address which is a public IP address from a +// telecommunication carrier, to a network interface which resides in a subnet +// in a Wavelength Zone (for example an EC2 instance). +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -787,6 +791,9 @@ func (c *EC2) AssignIpv6AddressesRequest(input *AssignIpv6AddressesInput) (req * // Type (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) // in the Amazon Elastic Compute Cloud User Guide. // +// You must specify either the IPv6 addresses or the IPv6 address count in the +// request. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -878,6 +885,8 @@ func (c *EC2) AssignPrivateIpAddressesRequest(input *AssignPrivateIpAddressesInp // address from one network interface to another, check network/interfaces/macs/mac/local-ipv4s // in the instance metadata to confirm that the remapping is complete. // +// You must specify either the IP addresses or the IP address count in the request. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -950,7 +959,8 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // AssociateAddress API operation for Amazon Elastic Compute Cloud. // -// Associates an Elastic IP address with an instance or a network interface. +// Associates an Elastic IP address, or carrier IP address (for instances that +// are in subnets in Wavelength Zones) with an instance or a network interface. // Before you can use an Elastic IP address, you must allocate it to your account. // // An Elastic IP address is for use in either the EC2-Classic platform or in @@ -971,6 +981,9 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // an Elastic IP address with an instance or network interface that has an existing // Elastic IP address. // +// [Subnets in Wavelength Zones] You can associate an IP address from the telecommunication +// carrier to the instance or network interface. +// // You cannot associate an Elastic IP address with an interface in a different // network border group. // @@ -1057,6 +1070,12 @@ func (c *EC2) AssociateClientVpnTargetNetworkRequest(input *AssociateClientVpnTa // Zone. We recommend that you associate at least two subnets to provide Availability // Zone redundancy. // +// If you specified a VPC when you created the Client VPN endpoint or if you +// have previous subnet associations, the specified subnet must be in the same +// VPC. To specify a subnet that's in a different VPC, you must first modify +// the Client VPN endpoint (ModifyClientVpnEndpoint) and change the VPC that's +// associated with it. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1171,6 +1190,98 @@ func (c *EC2) AssociateDhcpOptionsWithContext(ctx aws.Context, input *AssociateD return out, req.Send() } +const opAssociateEnclaveCertificateIamRole = "AssociateEnclaveCertificateIamRole" + +// AssociateEnclaveCertificateIamRoleRequest generates a "aws/request.Request" representing the +// client's request for the AssociateEnclaveCertificateIamRole operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateEnclaveCertificateIamRole for more information on using the AssociateEnclaveCertificateIamRole +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the AssociateEnclaveCertificateIamRoleRequest method. +// req, resp := client.AssociateEnclaveCertificateIamRoleRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateEnclaveCertificateIamRole +func (c *EC2) AssociateEnclaveCertificateIamRoleRequest(input *AssociateEnclaveCertificateIamRoleInput) (req *request.Request, output *AssociateEnclaveCertificateIamRoleOutput) { + op := &request.Operation{ + Name: opAssociateEnclaveCertificateIamRole, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssociateEnclaveCertificateIamRoleInput{} + } + + output = &AssociateEnclaveCertificateIamRoleOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateEnclaveCertificateIamRole API operation for Amazon Elastic Compute Cloud. +// +// Associates an AWS Identity and Access Management (IAM) role with an AWS Certificate +// Manager (ACM) certificate. This enables the certificate to be used by the +// ACM for Nitro Enclaves application inside an enclave. For more information, +// see AWS Certificate Manager for Nitro Enclaves (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave-refapp.html) +// in the AWS Nitro Enclaves User Guide. +// +// When the IAM role is associated with the ACM certificate, places the certificate, +// certificate chain, and encrypted private key in an Amazon S3 bucket that +// only the associated IAM role can access. The private key of the certificate +// is encrypted with an AWS-managed KMS customer master (CMK) that has an attached +// attestation-based CMK policy. +// +// To enable the IAM role to access the Amazon S3 object, you must grant it +// permission to call s3:GetObject on the Amazon S3 bucket returned by the command. +// To enable the IAM role to access the AWS KMS CMK, you must grant it permission +// to call kms:Decrypt on AWS KMS CMK returned by the command. For more information, +// see Grant the role permission to access the certificate and encryption key +// (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave-refapp.html#add-policy) +// in the AWS Nitro Enclaves User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssociateEnclaveCertificateIamRole for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateEnclaveCertificateIamRole +func (c *EC2) AssociateEnclaveCertificateIamRole(input *AssociateEnclaveCertificateIamRoleInput) (*AssociateEnclaveCertificateIamRoleOutput, error) { + req, out := c.AssociateEnclaveCertificateIamRoleRequest(input) + return out, req.Send() +} + +// AssociateEnclaveCertificateIamRoleWithContext is the same as AssociateEnclaveCertificateIamRole with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateEnclaveCertificateIamRole for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssociateEnclaveCertificateIamRoleWithContext(ctx aws.Context, input *AssociateEnclaveCertificateIamRoleInput, opts ...request.Option) (*AssociateEnclaveCertificateIamRoleOutput, error) { + req, out := c.AssociateEnclaveCertificateIamRoleRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opAssociateIamInstanceProfile = "AssociateIamInstanceProfile" // AssociateIamInstanceProfileRequest generates a "aws/request.Request" representing the @@ -1603,8 +1714,13 @@ func (c *EC2) AssociateVpcCidrBlockRequest(input *AssociateVpcCidrBlockInput) (r // AssociateVpcCidrBlock API operation for Amazon Elastic Compute Cloud. // // Associates a CIDR block with your VPC. You can associate a secondary IPv4 -// CIDR block, or you can associate an Amazon-provided IPv6 CIDR block. The -// IPv6 CIDR block size is fixed at /56. +// CIDR block, an Amazon-provided IPv6 CIDR block, or an IPv6 CIDR block from +// an IPv6 address pool that you provisioned through bring your own IP addresses +// (BYOIP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html)). +// The IPv6 CIDR block size is fixed at /56. +// +// You must specify one of the following in the request: an IPv4 CIDR block, +// an IPv6 pool, or an Amazon-provided IPv6 CIDR block. // // For more information about associating CIDR blocks with your VPC and applicable // restrictions, see VPC and Subnet Sizing (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#VPC_Sizing) @@ -1927,7 +2043,7 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // in the Amazon Elastic Compute Cloud User Guide. // // After you attach an EBS volume, you must make it available. For more information, -// see Making an EBS Volume Available For Use (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html). +// see Making an EBS volume available for use (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html). // // If a volume has an AWS Marketplace product code: // @@ -1941,7 +2057,7 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // the product. For example, you can't detach a volume from a Windows instance // and attach it to a Linux instance. // -// For more information, see Attaching Amazon EBS Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html) +// For more information, see Attaching Amazon EBS volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3309,7 +3425,7 @@ func (c *EC2) CopySnapshotRequest(input *CopySnapshotInput) (req *request.Reques // Snapshots created by copying another snapshot have an arbitrary volume ID // that should not be used for any purpose. // -// For more information, see Copying an Amazon EBS Snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html) +// For more information, see Copying an Amazon EBS snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3437,6 +3553,82 @@ func (c *EC2) CreateCapacityReservationWithContext(ctx aws.Context, input *Creat return out, req.Send() } +const opCreateCarrierGateway = "CreateCarrierGateway" + +// CreateCarrierGatewayRequest generates a "aws/request.Request" representing the +// client's request for the CreateCarrierGateway operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateCarrierGateway for more information on using the CreateCarrierGateway +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateCarrierGatewayRequest method. +// req, resp := client.CreateCarrierGatewayRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateCarrierGateway +func (c *EC2) CreateCarrierGatewayRequest(input *CreateCarrierGatewayInput) (req *request.Request, output *CreateCarrierGatewayOutput) { + op := &request.Operation{ + Name: opCreateCarrierGateway, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateCarrierGatewayInput{} + } + + output = &CreateCarrierGatewayOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateCarrierGateway API operation for Amazon Elastic Compute Cloud. +// +// Creates a carrier gateway. For more information about carrier gateways, see +// Carrier gateways (https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#wavelength-carrier-gateway) +// in the AWS Wavelength Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateCarrierGateway for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateCarrierGateway +func (c *EC2) CreateCarrierGateway(input *CreateCarrierGatewayInput) (*CreateCarrierGatewayOutput, error) { + req, out := c.CreateCarrierGatewayRequest(input) + return out, req.Send() +} + +// CreateCarrierGatewayWithContext is the same as CreateCarrierGateway with the addition of +// the ability to pass a context and additional request options. +// +// See CreateCarrierGateway for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateCarrierGatewayWithContext(ctx aws.Context, input *CreateCarrierGatewayInput, opts ...request.Option) (*CreateCarrierGatewayOutput, error) { + req, out := c.CreateCarrierGatewayRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateClientVpnEndpoint = "CreateClientVpnEndpoint" // CreateClientVpnEndpointRequest generates a "aws/request.Request" representing the @@ -3637,7 +3829,7 @@ func (c *EC2) CreateCustomerGatewayRequest(input *CreateCustomerGatewayInput) (r // Provides information to AWS about your VPN customer gateway device. The customer // gateway is the appliance at your end of the VPN connection. (The device on // the AWS side of the VPN connection is the virtual private gateway.) You must -// provide the Internet-routable IP address of the customer gateway's external +// provide the internet-routable IP address of the customer gateway's external // interface. The IP address must be static and can be behind a device performing // network address translation (NAT). // @@ -3646,9 +3838,16 @@ func (c *EC2) CreateCustomerGatewayRequest(input *CreateCustomerGatewayInput) (r // ASN assigned to your network. If you don't have an ASN already, you can use // a private ASN (in the 64512 - 65534 range). // -// Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65534, with -// the exception of 7224, which is reserved in the us-east-1 Region, and 9059, -// which is reserved in the eu-west-1 Region. +// Amazon EC2 supports all 4-byte ASN numbers in the range of 1 - 2147483647, +// with the exception of the following: +// +// * 7224 - reserved in the us-east-1 Region +// +// * 9059 - reserved in the eu-west-1 Region +// +// * 17943 - reserved in the ap-southeast-1 Region +// +// * 10124 - reserved in the ap-northeast-1 Region // // For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) // in the AWS Site-to-Site VPN User Guide. @@ -3910,13 +4109,13 @@ func (c *EC2) CreateDhcpOptionsRequest(input *CreateDhcpOptionsInput) (req *requ // * domain-name - If you're using AmazonProvidedDNS in us-east-1, specify // ec2.internal. If you're using AmazonProvidedDNS in another Region, specify // region.compute.internal (for example, ap-northeast-1.compute.internal). -// Otherwise, specify a domain name (for example, MyCompany.com). This value -// is used to complete unqualified DNS hostnames. Important: Some Linux operating -// systems accept multiple domain names separated by spaces. However, Windows -// and other Linux operating systems treat the value as a single domain, -// which results in unexpected behavior. If your DHCP options set is associated -// with a VPC that has instances with multiple operating systems, specify -// only one domain name. +// Otherwise, specify a domain name (for example, ExampleCompany.com). This +// value is used to complete unqualified DNS hostnames. Important: Some Linux +// operating systems accept multiple domain names separated by spaces. However, +// Windows and other Linux operating systems treat the value as a single +// domain, which results in unexpected behavior. If your DHCP options set +// is associated with a VPC that has instances with multiple operating systems, +// specify only one domain name. // // * ntp-servers - The IP addresses of up to four Network Time Protocol (NTP) // servers. @@ -4416,7 +4615,7 @@ func (c *EC2) CreateInstanceExportTaskRequest(input *CreateInstanceExportTaskInp // CreateInstanceExportTask API operation for Amazon Elastic Compute Cloud. // -// Exports a running or stopped instance to an S3 bucket. +// Exports a running or stopped instance to an Amazon S3 bucket. // // For information about the supported operating systems, image formats, and // known limitations for the types of instances you can export, see Exporting @@ -4662,6 +4861,8 @@ func (c *EC2) CreateLaunchTemplateRequest(input *CreateLaunchTemplateInput) (req // Creates a launch template. A launch template contains the parameters to launch // an instance. When you launch an instance using RunInstances, you can specify // a launch template instead of providing the launch parameters in the request. +// For more information, see Launching an instance from a launch template (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html)in +// the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4741,6 +4942,9 @@ func (c *EC2) CreateLaunchTemplateVersionRequest(input *CreateLaunchTemplateVers // Launch template versions are numbered in the order in which they are created. // You cannot specify, change, or replace the numbering of launch template versions. // +// For more information, see Managing launch template versions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#manage-launch-template-versions)in +// the Amazon Elastic Compute Cloud User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -4917,6 +5121,84 @@ func (c *EC2) CreateLocalGatewayRouteTableVpcAssociationWithContext(ctx aws.Cont return out, req.Send() } +const opCreateManagedPrefixList = "CreateManagedPrefixList" + +// CreateManagedPrefixListRequest generates a "aws/request.Request" representing the +// client's request for the CreateManagedPrefixList operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateManagedPrefixList for more information on using the CreateManagedPrefixList +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateManagedPrefixListRequest method. +// req, resp := client.CreateManagedPrefixListRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateManagedPrefixList +func (c *EC2) CreateManagedPrefixListRequest(input *CreateManagedPrefixListInput) (req *request.Request, output *CreateManagedPrefixListOutput) { + op := &request.Operation{ + Name: opCreateManagedPrefixList, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateManagedPrefixListInput{} + } + + output = &CreateManagedPrefixListOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateManagedPrefixList API operation for Amazon Elastic Compute Cloud. +// +// Creates a managed prefix list. You can specify one or more entries for the +// prefix list. Each entry consists of a CIDR block and an optional description. +// +// You must specify the maximum number of entries for the prefix list. The maximum +// number of entries cannot be changed later. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateManagedPrefixList for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateManagedPrefixList +func (c *EC2) CreateManagedPrefixList(input *CreateManagedPrefixListInput) (*CreateManagedPrefixListOutput, error) { + req, out := c.CreateManagedPrefixListRequest(input) + return out, req.Send() +} + +// CreateManagedPrefixListWithContext is the same as CreateManagedPrefixList with the addition of +// the ability to pass a context and additional request options. +// +// See CreateManagedPrefixList for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateManagedPrefixListWithContext(ctx aws.Context, input *CreateManagedPrefixListInput, opts ...request.Option) (*CreateManagedPrefixListOutput, error) { + req, out := c.CreateManagedPrefixListRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateNatGateway = "CreateNatGateway" // CreateNatGatewayRequest generates a "aws/request.Request" representing the @@ -5361,7 +5643,6 @@ func (c *EC2) CreatePlacementGroupRequest(input *CreatePlacementGroupInput) (req output = &CreatePlacementGroupOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -5377,7 +5658,7 @@ func (c *EC2) CreatePlacementGroupRequest(input *CreatePlacementGroupInput) (req // instances in one partition do not share the same hardware with instances // in another partition. // -// For more information, see Placement Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) +// For more information, see Placement groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5844,7 +6125,7 @@ func (c *EC2) CreateSnapshotRequest(input *CreateSnapshotInput) (req *request.Re // protected. // // You can tag your snapshots during creation. For more information, see Tagging -// Your Amazon EC2 Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) +// your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // // For more information, see Amazon Elastic Block Store (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html) @@ -6002,7 +6283,7 @@ func (c *EC2) CreateSpotDatafeedSubscriptionRequest(input *CreateSpotDatafeedSub // // Creates a data feed for Spot Instances, enabling you to view Spot Instance // usage logs. You can create one data feed per AWS account. For more information, -// see Spot Instance Data Feed (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html) +// see Spot Instance data feed (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html) // in the Amazon EC2 User Guide for Linux Instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -6077,15 +6358,12 @@ func (c *EC2) CreateSubnetRequest(input *CreateSubnetInput) (req *request.Reques // CreateSubnet API operation for Amazon Elastic Compute Cloud. // -// Creates a subnet in an existing VPC. +// Creates a subnet in a specified VPC. // -// When you create each subnet, you provide the VPC ID and IPv4 CIDR block for -// the subnet. After you create a subnet, you can't change its CIDR block. The -// size of the subnet's IPv4 CIDR block can be the same as a VPC's IPv4 CIDR -// block, or a subset of a VPC's IPv4 CIDR block. If you create more than one -// subnet in a VPC, the subnets' CIDR blocks must not overlap. The smallest -// IPv4 subnet (and VPC) you can create uses a /28 netmask (16 IPv4 addresses), -// and the largest uses a /16 netmask (65,536 IPv4 addresses). +// You must specify an IPv4 CIDR block for the subnet. After you create a subnet, +// you can't change its CIDR block. The allowed block size is between a /16 +// netmask (65,536 IP addresses) and /28 netmask (16 IP addresses). The CIDR +// block must not overlap with the CIDR block of an existing subnet in the VPC. // // If you've associated an IPv6 CIDR block with your VPC, you can create a subnet // with an IPv6 CIDR block that uses a /64 prefix length. @@ -6096,9 +6374,7 @@ func (c *EC2) CreateSubnetRequest(input *CreateSubnetInput) (req *request.Reques // If you add more than one subnet to a VPC, they're set up in a star topology // with a logical router in the middle. // -// If you launch an instance in a VPC using an Amazon EBS-backed AMI, the IP -// address doesn't change if you stop and restart the instance (unlike a similar -// instance launched outside a VPC, which gets a new IP address when restarted). +// When you stop an instance in a subnet, it retains its private IPv4 address. // It's therefore possible to have a subnet with no running instances (they're // all stopped), but no remaining IP addresses available. // @@ -6178,9 +6454,10 @@ func (c *EC2) CreateTagsRequest(input *CreateTagsInput) (req *request.Request, o // CreateTags API operation for Amazon Elastic Compute Cloud. // -// Adds or overwrites the specified tags for the specified Amazon EC2 resource -// or resources. Each resource can have a maximum of 50 tags. Each tag consists -// of a key and optional value. Tag keys must be unique per resource. +// Adds or overwrites only the specified tags for the specified Amazon EC2 resource +// or resources. When you specify an existing tag key, the value is overwritten +// with the new value. Each resource can have a maximum of 50 tags. Each tag +// consists of a key and optional value. Tag keys must be unique per resource. // // For more information about tags, see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. For more information about @@ -6797,6 +7074,81 @@ func (c *EC2) CreateTransitGatewayPeeringAttachmentWithContext(ctx aws.Context, return out, req.Send() } +const opCreateTransitGatewayPrefixListReference = "CreateTransitGatewayPrefixListReference" + +// CreateTransitGatewayPrefixListReferenceRequest generates a "aws/request.Request" representing the +// client's request for the CreateTransitGatewayPrefixListReference operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTransitGatewayPrefixListReference for more information on using the CreateTransitGatewayPrefixListReference +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTransitGatewayPrefixListReferenceRequest method. +// req, resp := client.CreateTransitGatewayPrefixListReferenceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayPrefixListReference +func (c *EC2) CreateTransitGatewayPrefixListReferenceRequest(input *CreateTransitGatewayPrefixListReferenceInput) (req *request.Request, output *CreateTransitGatewayPrefixListReferenceOutput) { + op := &request.Operation{ + Name: opCreateTransitGatewayPrefixListReference, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTransitGatewayPrefixListReferenceInput{} + } + + output = &CreateTransitGatewayPrefixListReferenceOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTransitGatewayPrefixListReference API operation for Amazon Elastic Compute Cloud. +// +// Creates a reference (route) to a prefix list in a specified transit gateway +// route table. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTransitGatewayPrefixListReference for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayPrefixListReference +func (c *EC2) CreateTransitGatewayPrefixListReference(input *CreateTransitGatewayPrefixListReferenceInput) (*CreateTransitGatewayPrefixListReferenceOutput, error) { + req, out := c.CreateTransitGatewayPrefixListReferenceRequest(input) + return out, req.Send() +} + +// CreateTransitGatewayPrefixListReferenceWithContext is the same as CreateTransitGatewayPrefixListReference with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTransitGatewayPrefixListReference for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTransitGatewayPrefixListReferenceWithContext(ctx aws.Context, input *CreateTransitGatewayPrefixListReferenceInput, opts ...request.Option) (*CreateTransitGatewayPrefixListReferenceOutput, error) { + req, out := c.CreateTransitGatewayPrefixListReferenceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateTransitGatewayRoute = "CreateTransitGatewayRoute" // CreateTransitGatewayRouteRequest generates a "aws/request.Request" representing the @@ -7085,10 +7437,10 @@ func (c *EC2) CreateVolumeRequest(input *CreateVolumeInput) (req *request.Reques // in the Amazon Elastic Compute Cloud User Guide. // // You can tag your volumes during creation. For more information, see Tagging -// Your Amazon EC2 Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) +// your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For more information, see Creating an Amazon EBS Volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-volume.html) +// For more information, see Creating an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-volume.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -7169,9 +7521,10 @@ func (c *EC2) CreateVpcRequest(input *CreateVpcInput) (req *request.Request, out // make your VPC, see Your VPC and Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) // in the Amazon Virtual Private Cloud User Guide. // -// You can optionally request an Amazon-provided IPv6 CIDR block for the VPC. -// The IPv6 CIDR block uses a /56 prefix length, and is allocated from Amazon's -// pool of IPv6 addresses. You cannot choose the IPv6 range for your VPC. +// You can optionally request an IPv6 CIDR block for the VPC. You can request +// an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, +// or an IPv6 CIDR block from an IPv6 address pool that you provisioned through +// bring your own IP addresses (BYOIP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html)). // // By default, each instance you launch in the VPC has the default DHCP options, // which include only a default DNS server that we provide (AmazonProvidedDNS). @@ -7600,15 +7953,15 @@ func (c *EC2) CreateVpnConnectionRequest(input *CreateVpnConnectionInput) (req * // CreateVpnConnection API operation for Amazon Elastic Compute Cloud. // -// Creates a VPN connection between an existing virtual private gateway and -// a VPN customer gateway. The supported connection type is ipsec.1. +// Creates a VPN connection between an existing virtual private gateway or transit +// gateway and a customer gateway. The supported connection type is ipsec.1. // // The response includes information that you need to give to your network administrator // to configure your customer gateway. // // We strongly recommend that you use HTTPS when calling this operation because // the response contains sensitive cryptographic information for configuring -// your customer gateway. +// your customer gateway device. // // If you decide to shut down your VPN connection for any reason and later create // a new VPN connection, you must reconfigure your customer gateway with the @@ -7808,6 +8161,84 @@ func (c *EC2) CreateVpnGatewayWithContext(ctx aws.Context, input *CreateVpnGatew return out, req.Send() } +const opDeleteCarrierGateway = "DeleteCarrierGateway" + +// DeleteCarrierGatewayRequest generates a "aws/request.Request" representing the +// client's request for the DeleteCarrierGateway operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteCarrierGateway for more information on using the DeleteCarrierGateway +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteCarrierGatewayRequest method. +// req, resp := client.DeleteCarrierGatewayRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteCarrierGateway +func (c *EC2) DeleteCarrierGatewayRequest(input *DeleteCarrierGatewayInput) (req *request.Request, output *DeleteCarrierGatewayOutput) { + op := &request.Operation{ + Name: opDeleteCarrierGateway, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteCarrierGatewayInput{} + } + + output = &DeleteCarrierGatewayOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteCarrierGateway API operation for Amazon Elastic Compute Cloud. +// +// Deletes a carrier gateway. +// +// If you do not delete the route that contains the carrier gateway as the Target, +// the route is a blackhole route. For information about how to delete a route, +// see DeleteRoute (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteRoute.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteCarrierGateway for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteCarrierGateway +func (c *EC2) DeleteCarrierGateway(input *DeleteCarrierGatewayInput) (*DeleteCarrierGatewayOutput, error) { + req, out := c.DeleteCarrierGatewayRequest(input) + return out, req.Send() +} + +// DeleteCarrierGatewayWithContext is the same as DeleteCarrierGateway with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteCarrierGateway for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteCarrierGatewayWithContext(ctx aws.Context, input *DeleteCarrierGatewayInput, opts ...request.Option) (*DeleteCarrierGatewayOutput, error) { + req, out := c.DeleteCarrierGatewayRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteClientVpnEndpoint = "DeleteClientVpnEndpoint" // DeleteClientVpnEndpointRequest generates a "aws/request.Request" representing the @@ -8868,6 +9299,81 @@ func (c *EC2) DeleteLocalGatewayRouteTableVpcAssociationWithContext(ctx aws.Cont return out, req.Send() } +const opDeleteManagedPrefixList = "DeleteManagedPrefixList" + +// DeleteManagedPrefixListRequest generates a "aws/request.Request" representing the +// client's request for the DeleteManagedPrefixList operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteManagedPrefixList for more information on using the DeleteManagedPrefixList +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteManagedPrefixListRequest method. +// req, resp := client.DeleteManagedPrefixListRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteManagedPrefixList +func (c *EC2) DeleteManagedPrefixListRequest(input *DeleteManagedPrefixListInput) (req *request.Request, output *DeleteManagedPrefixListOutput) { + op := &request.Operation{ + Name: opDeleteManagedPrefixList, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteManagedPrefixListInput{} + } + + output = &DeleteManagedPrefixListOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteManagedPrefixList API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified managed prefix list. You must first remove all references +// to the prefix list in your resources. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteManagedPrefixList for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteManagedPrefixList +func (c *EC2) DeleteManagedPrefixList(input *DeleteManagedPrefixListInput) (*DeleteManagedPrefixListOutput, error) { + req, out := c.DeleteManagedPrefixListRequest(input) + return out, req.Send() +} + +// DeleteManagedPrefixListWithContext is the same as DeleteManagedPrefixList with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteManagedPrefixList for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteManagedPrefixListWithContext(ctx aws.Context, input *DeleteManagedPrefixListInput, opts ...request.Option) (*DeleteManagedPrefixListOutput, error) { + req, out := c.DeleteManagedPrefixListRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteNatGateway = "DeleteNatGateway" // DeleteNatGatewayRequest generates a "aws/request.Request" representing the @@ -9296,7 +9802,7 @@ func (c *EC2) DeletePlacementGroupRequest(input *DeletePlacementGroupInput) (req // // Deletes the specified placement group. You must terminate all instances in // the placement group before you can delete the placement group. For more information, -// see Placement Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) +// see Placement groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -9690,7 +10196,7 @@ func (c *EC2) DeleteSnapshotRequest(input *DeleteSnapshotInput) (req *request.Re // a registered AMI. You must first de-register the AMI before you can delete // the snapshot. // -// For more information, see Deleting an Amazon EBS Snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html) +// For more information, see Deleting an Amazon EBS snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -10475,6 +10981,81 @@ func (c *EC2) DeleteTransitGatewayPeeringAttachmentWithContext(ctx aws.Context, return out, req.Send() } +const opDeleteTransitGatewayPrefixListReference = "DeleteTransitGatewayPrefixListReference" + +// DeleteTransitGatewayPrefixListReferenceRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTransitGatewayPrefixListReference operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTransitGatewayPrefixListReference for more information on using the DeleteTransitGatewayPrefixListReference +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTransitGatewayPrefixListReferenceRequest method. +// req, resp := client.DeleteTransitGatewayPrefixListReferenceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayPrefixListReference +func (c *EC2) DeleteTransitGatewayPrefixListReferenceRequest(input *DeleteTransitGatewayPrefixListReferenceInput) (req *request.Request, output *DeleteTransitGatewayPrefixListReferenceOutput) { + op := &request.Operation{ + Name: opDeleteTransitGatewayPrefixListReference, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTransitGatewayPrefixListReferenceInput{} + } + + output = &DeleteTransitGatewayPrefixListReferenceOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTransitGatewayPrefixListReference API operation for Amazon Elastic Compute Cloud. +// +// Deletes a reference (route) to a prefix list in a specified transit gateway +// route table. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTransitGatewayPrefixListReference for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayPrefixListReference +func (c *EC2) DeleteTransitGatewayPrefixListReference(input *DeleteTransitGatewayPrefixListReferenceInput) (*DeleteTransitGatewayPrefixListReferenceOutput, error) { + req, out := c.DeleteTransitGatewayPrefixListReferenceRequest(input) + return out, req.Send() +} + +// DeleteTransitGatewayPrefixListReferenceWithContext is the same as DeleteTransitGatewayPrefixListReference with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTransitGatewayPrefixListReference for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTransitGatewayPrefixListReferenceWithContext(ctx aws.Context, input *DeleteTransitGatewayPrefixListReferenceInput, opts ...request.Option) (*DeleteTransitGatewayPrefixListReferenceOutput, error) { + req, out := c.DeleteTransitGatewayPrefixListReferenceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteTransitGatewayRoute = "DeleteTransitGatewayRoute" // DeleteTransitGatewayRouteRequest generates a "aws/request.Request" representing the @@ -10749,7 +11330,7 @@ func (c *EC2) DeleteVolumeRequest(input *DeleteVolumeInput) (req *request.Reques // // The volume can remain in the deleting state for several minutes. // -// For more information, see Deleting an Amazon EBS Volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-volume.html) +// For more information, see Deleting an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-volume.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -11218,9 +11799,13 @@ func (c *EC2) DeleteVpnConnectionRequest(input *DeleteVpnConnectionInput) (req * // your VPN connection have been compromised, you can delete the VPN connection // and create a new one that has new keys, without needing to delete the VPC // or virtual private gateway. If you create a new VPN connection, you must -// reconfigure the customer gateway using the new configuration information +// reconfigure the customer gateway device using the new configuration information // returned with the new VPN connection ID. // +// For certificate-based authentication, delete all AWS Certificate Manager +// (ACM) private certificates used for the AWS-side tunnel endpoints for the +// VPN connection before deleting the VPN connection. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -11372,11 +11957,10 @@ func (c *EC2) DeleteVpnGatewayRequest(input *DeleteVpnGatewayInput) (req *reques // DeleteVpnGateway API operation for Amazon Elastic Compute Cloud. // -// Deletes the specified virtual private gateway. We recommend that before you -// delete a virtual private gateway, you detach it from the VPC and delete the -// VPN connection. Note that you don't need to delete the virtual private gateway -// if you plan to delete and recreate the VPN connection between your VPC and -// your network. +// Deletes the specified virtual private gateway. You must first detach the +// virtual private gateway from the VPC. Note that you don't need to delete +// the virtual private gateway if you plan to delete and recreate the VPN connection +// between your VPC and your network. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11569,6 +12153,81 @@ func (c *EC2) DeregisterImageWithContext(ctx aws.Context, input *DeregisterImage return out, req.Send() } +const opDeregisterInstanceEventNotificationAttributes = "DeregisterInstanceEventNotificationAttributes" + +// DeregisterInstanceEventNotificationAttributesRequest generates a "aws/request.Request" representing the +// client's request for the DeregisterInstanceEventNotificationAttributes operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeregisterInstanceEventNotificationAttributes for more information on using the DeregisterInstanceEventNotificationAttributes +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeregisterInstanceEventNotificationAttributesRequest method. +// req, resp := client.DeregisterInstanceEventNotificationAttributesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeregisterInstanceEventNotificationAttributes +func (c *EC2) DeregisterInstanceEventNotificationAttributesRequest(input *DeregisterInstanceEventNotificationAttributesInput) (req *request.Request, output *DeregisterInstanceEventNotificationAttributesOutput) { + op := &request.Operation{ + Name: opDeregisterInstanceEventNotificationAttributes, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeregisterInstanceEventNotificationAttributesInput{} + } + + output = &DeregisterInstanceEventNotificationAttributesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeregisterInstanceEventNotificationAttributes API operation for Amazon Elastic Compute Cloud. +// +// Deregisters tag keys to prevent tags that have the specified tag keys from +// being included in scheduled event notifications for resources in the Region. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeregisterInstanceEventNotificationAttributes for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeregisterInstanceEventNotificationAttributes +func (c *EC2) DeregisterInstanceEventNotificationAttributes(input *DeregisterInstanceEventNotificationAttributesInput) (*DeregisterInstanceEventNotificationAttributesOutput, error) { + req, out := c.DeregisterInstanceEventNotificationAttributesRequest(input) + return out, req.Send() +} + +// DeregisterInstanceEventNotificationAttributesWithContext is the same as DeregisterInstanceEventNotificationAttributes with the addition of +// the ability to pass a context and additional request options. +// +// See DeregisterInstanceEventNotificationAttributes for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeregisterInstanceEventNotificationAttributesWithContext(ctx aws.Context, input *DeregisterInstanceEventNotificationAttributesInput, opts ...request.Option) (*DeregisterInstanceEventNotificationAttributesOutput, error) { + req, out := c.DeregisterInstanceEventNotificationAttributesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeregisterTransitGatewayMulticastGroupMembers = "DeregisterTransitGatewayMulticastGroupMembers" // DeregisterTransitGatewayMulticastGroupMembersRequest generates a "aws/request.Request" representing the @@ -12023,13 +12682,12 @@ func (c *EC2) DescribeAvailabilityZonesRequest(input *DescribeAvailabilityZonesI // DescribeAvailabilityZones API operation for Amazon Elastic Compute Cloud. // -// Describes the Availability Zones and Local Zones that are available to you. -// If there is an event impacting an Availability Zone or Local Zone, you can -// use this request to view the state and any provided messages for that Availability -// Zone or Local Zone. +// Describes the Availability Zones, Local Zones, and Wavelength Zones that +// are available to you. If there is an event impacting a zone, you can use +// this request to view the state and any provided messages for that zone. // -// For more information about Availability Zones and Local Zones, see Regions -// and Availability Zones (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) +// For more information about Availability Zones, Local Zones, and Wavelength +// Zones, see Regions, Zones and Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12192,7 +12850,7 @@ func (c *EC2) DescribeByoipCidrsRequest(input *DescribeByoipCidrsInput) (req *re // Describes the IP address ranges that were specified in calls to ProvisionByoipCidr. // // To describe the address pools that were created when you provisioned the -// address ranges, use DescribePublicIpv4Pools. +// address ranges, use DescribePublicIpv4Pools or DescribeIpv6Pools. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -12407,6 +13065,138 @@ func (c *EC2) DescribeCapacityReservationsPagesWithContext(ctx aws.Context, inpu return p.Err() } +const opDescribeCarrierGateways = "DescribeCarrierGateways" + +// DescribeCarrierGatewaysRequest generates a "aws/request.Request" representing the +// client's request for the DescribeCarrierGateways operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeCarrierGateways for more information on using the DescribeCarrierGateways +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeCarrierGatewaysRequest method. +// req, resp := client.DescribeCarrierGatewaysRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeCarrierGateways +func (c *EC2) DescribeCarrierGatewaysRequest(input *DescribeCarrierGatewaysInput) (req *request.Request, output *DescribeCarrierGatewaysOutput) { + op := &request.Operation{ + Name: opDescribeCarrierGateways, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeCarrierGatewaysInput{} + } + + output = &DescribeCarrierGatewaysOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeCarrierGateways API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more of your carrier gateways. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeCarrierGateways for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeCarrierGateways +func (c *EC2) DescribeCarrierGateways(input *DescribeCarrierGatewaysInput) (*DescribeCarrierGatewaysOutput, error) { + req, out := c.DescribeCarrierGatewaysRequest(input) + return out, req.Send() +} + +// DescribeCarrierGatewaysWithContext is the same as DescribeCarrierGateways with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeCarrierGateways for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeCarrierGatewaysWithContext(ctx aws.Context, input *DescribeCarrierGatewaysInput, opts ...request.Option) (*DescribeCarrierGatewaysOutput, error) { + req, out := c.DescribeCarrierGatewaysRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeCarrierGatewaysPages iterates over the pages of a DescribeCarrierGateways operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeCarrierGateways method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeCarrierGateways operation. +// pageNum := 0 +// err := client.DescribeCarrierGatewaysPages(params, +// func(page *ec2.DescribeCarrierGatewaysOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeCarrierGatewaysPages(input *DescribeCarrierGatewaysInput, fn func(*DescribeCarrierGatewaysOutput, bool) bool) error { + return c.DescribeCarrierGatewaysPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeCarrierGatewaysPagesWithContext same as DescribeCarrierGatewaysPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeCarrierGatewaysPagesWithContext(ctx aws.Context, input *DescribeCarrierGatewaysInput, fn func(*DescribeCarrierGatewaysOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeCarrierGatewaysInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeCarrierGatewaysRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeCarrierGatewaysOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeClassicLinkInstances = "DescribeClassicLinkInstances" // DescribeClassicLinkInstancesRequest generates a "aws/request.Request" representing the @@ -13234,6 +14024,12 @@ func (c *EC2) DescribeCoipPoolsRequest(input *DescribeCoipPoolsInput) (req *requ Name: opDescribeCoipPools, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -13278,6 +14074,58 @@ func (c *EC2) DescribeCoipPoolsWithContext(ctx aws.Context, input *DescribeCoipP return out, req.Send() } +// DescribeCoipPoolsPages iterates over the pages of a DescribeCoipPools operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeCoipPools method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeCoipPools operation. +// pageNum := 0 +// err := client.DescribeCoipPoolsPages(params, +// func(page *ec2.DescribeCoipPoolsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeCoipPoolsPages(input *DescribeCoipPoolsInput, fn func(*DescribeCoipPoolsOutput, bool) bool) error { + return c.DescribeCoipPoolsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeCoipPoolsPagesWithContext same as DescribeCoipPoolsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeCoipPoolsPagesWithContext(ctx aws.Context, input *DescribeCoipPoolsInput, fn func(*DescribeCoipPoolsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeCoipPoolsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeCoipPoolsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeCoipPoolsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeConversionTasks = "DescribeConversionTasks" // DescribeConversionTasksRequest generates a "aws/request.Request" representing the @@ -13826,7 +14674,7 @@ func (c *EC2) DescribeExportImageTasksRequest(input *DescribeExportImageTasksInp // DescribeExportImageTasks API operation for Amazon Elastic Compute Cloud. // -// Describes the specified export image tasks or all your export image tasks. +// Describes the specified export image tasks or all of your export image tasks. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -13952,7 +14800,7 @@ func (c *EC2) DescribeExportTasksRequest(input *DescribeExportTasksInput) (req * // DescribeExportTasks API operation for Amazon Elastic Compute Cloud. // -// Describes the specified export instance tasks or all your export instance +// Describes the specified export instance tasks or all of your export instance // tasks. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16037,7 +16885,7 @@ func (c *EC2) DescribeInstanceCreditSpecificationsRequest(input *DescribeInstanc // all, the call fails. If you specify only instance IDs in an unaffected zone, // the call works normally. // -// For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) +// For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16120,6 +16968,81 @@ func (c *EC2) DescribeInstanceCreditSpecificationsPagesWithContext(ctx aws.Conte return p.Err() } +const opDescribeInstanceEventNotificationAttributes = "DescribeInstanceEventNotificationAttributes" + +// DescribeInstanceEventNotificationAttributesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstanceEventNotificationAttributes operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstanceEventNotificationAttributes for more information on using the DescribeInstanceEventNotificationAttributes +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeInstanceEventNotificationAttributesRequest method. +// req, resp := client.DescribeInstanceEventNotificationAttributesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceEventNotificationAttributes +func (c *EC2) DescribeInstanceEventNotificationAttributesRequest(input *DescribeInstanceEventNotificationAttributesInput) (req *request.Request, output *DescribeInstanceEventNotificationAttributesOutput) { + op := &request.Operation{ + Name: opDescribeInstanceEventNotificationAttributes, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeInstanceEventNotificationAttributesInput{} + } + + output = &DescribeInstanceEventNotificationAttributesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstanceEventNotificationAttributes API operation for Amazon Elastic Compute Cloud. +// +// Describes the tag keys that are registered to appear in scheduled event notifications +// for resources in the current Region. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeInstanceEventNotificationAttributes for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceEventNotificationAttributes +func (c *EC2) DescribeInstanceEventNotificationAttributes(input *DescribeInstanceEventNotificationAttributesInput) (*DescribeInstanceEventNotificationAttributesOutput, error) { + req, out := c.DescribeInstanceEventNotificationAttributesRequest(input) + return out, req.Send() +} + +// DescribeInstanceEventNotificationAttributesWithContext is the same as DescribeInstanceEventNotificationAttributes with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstanceEventNotificationAttributes for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceEventNotificationAttributesWithContext(ctx aws.Context, input *DescribeInstanceEventNotificationAttributesInput, opts ...request.Option) (*DescribeInstanceEventNotificationAttributesOutput, error) { + req, out := c.DescribeInstanceEventNotificationAttributesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeInstanceStatus = "DescribeInstanceStatus" // DescribeInstanceStatusRequest generates a "aws/request.Request" representing the @@ -16178,18 +17101,18 @@ func (c *EC2) DescribeInstanceStatusRequest(input *DescribeInstanceStatusInput) // // * Status checks - Amazon EC2 performs status checks on running EC2 instances // to identify hardware and software issues. For more information, see Status -// Checks for Your Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-system-instance-status-check.html) -// and Troubleshooting Instances with Failed Status Checks (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstances.html) +// checks for your instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-system-instance-status-check.html) +// and Troubleshooting instances with failed status checks (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstances.html) // in the Amazon Elastic Compute Cloud User Guide. // // * Scheduled events - Amazon EC2 can schedule events (such as reboot, stop, // or terminate) for your instances related to hardware issues, software -// updates, or system maintenance. For more information, see Scheduled Events -// for Your Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check_sched.html) +// updates, or system maintenance. For more information, see Scheduled events +// for your instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check_sched.html) // in the Amazon Elastic Compute Cloud User Guide. // // * Instance state - You can manage your instances from the moment you launch -// them through their termination. For more information, see Instance Lifecycle +// them through their termination. For more information, see Instance lifecycle // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) // in the Amazon Elastic Compute Cloud User Guide. // @@ -16304,6 +17227,12 @@ func (c *EC2) DescribeInstanceTypeOfferingsRequest(input *DescribeInstanceTypeOf Name: opDescribeInstanceTypeOfferings, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -16349,6 +17278,58 @@ func (c *EC2) DescribeInstanceTypeOfferingsWithContext(ctx aws.Context, input *D return out, req.Send() } +// DescribeInstanceTypeOfferingsPages iterates over the pages of a DescribeInstanceTypeOfferings operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInstanceTypeOfferings method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInstanceTypeOfferings operation. +// pageNum := 0 +// err := client.DescribeInstanceTypeOfferingsPages(params, +// func(page *ec2.DescribeInstanceTypeOfferingsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeInstanceTypeOfferingsPages(input *DescribeInstanceTypeOfferingsInput, fn func(*DescribeInstanceTypeOfferingsOutput, bool) bool) error { + return c.DescribeInstanceTypeOfferingsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInstanceTypeOfferingsPagesWithContext same as DescribeInstanceTypeOfferingsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceTypeOfferingsPagesWithContext(ctx aws.Context, input *DescribeInstanceTypeOfferingsInput, fn func(*DescribeInstanceTypeOfferingsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInstanceTypeOfferingsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInstanceTypeOfferingsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInstanceTypeOfferingsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeInstanceTypes = "DescribeInstanceTypes" // DescribeInstanceTypesRequest generates a "aws/request.Request" representing the @@ -16380,6 +17361,12 @@ func (c *EC2) DescribeInstanceTypesRequest(input *DescribeInstanceTypesInput) (r Name: opDescribeInstanceTypes, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -16393,7 +17380,7 @@ func (c *EC2) DescribeInstanceTypesRequest(input *DescribeInstanceTypesInput) (r // DescribeInstanceTypes API operation for Amazon Elastic Compute Cloud. // -// Returns a list of all instance types offered in your current AWS Region. +// Describes the details of the instance types that are offered in a location. // The results can be filtered by the attributes of the instance types. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16424,6 +17411,58 @@ func (c *EC2) DescribeInstanceTypesWithContext(ctx aws.Context, input *DescribeI return out, req.Send() } +// DescribeInstanceTypesPages iterates over the pages of a DescribeInstanceTypes operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInstanceTypes method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInstanceTypes operation. +// pageNum := 0 +// err := client.DescribeInstanceTypesPages(params, +// func(page *ec2.DescribeInstanceTypesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeInstanceTypesPages(input *DescribeInstanceTypesInput, fn func(*DescribeInstanceTypesOutput, bool) bool) error { + return c.DescribeInstanceTypesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInstanceTypesPagesWithContext same as DescribeInstanceTypesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceTypesPagesWithContext(ctx aws.Context, input *DescribeInstanceTypesInput, fn func(*DescribeInstanceTypesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInstanceTypesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInstanceTypesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInstanceTypesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeInstances = "DescribeInstances" // DescribeInstancesRequest generates a "aws/request.Request" representing the @@ -16474,13 +17513,17 @@ func (c *EC2) DescribeInstancesRequest(input *DescribeInstancesInput) (req *requ // DescribeInstances API operation for Amazon Elastic Compute Cloud. // -// Describes the specified instances or all of AWS account's instances. +// Describes the specified instances or all instances. +// +// If you specify instance IDs, the output includes information for only the +// specified instances. If you specify filters, the output includes information +// for only those instances that meet the filter criteria. If you do not specify +// instance IDs or filters, the output includes information for all instances, +// which can affect performance. We recommend that you use pagination to ensure +// that the operation returns quickly and successfully. // -// If you specify one or more instance IDs, Amazon EC2 returns information for -// those instances. If you do not specify instance IDs, Amazon EC2 returns information -// for all relevant instances. If you specify an instance ID that is not valid, -// an error is returned. If you specify an instance that you do not own, it -// is not included in the returned results. +// If you specify an instance ID that is not valid, an error is returned. If +// you specify an instance that you do not own, it is not included in the output. // // Recently terminated instances might appear in the returned results. This // interval is usually less than one hour. @@ -16703,6 +17746,138 @@ func (c *EC2) DescribeInternetGatewaysPagesWithContext(ctx aws.Context, input *D return p.Err() } +const opDescribeIpv6Pools = "DescribeIpv6Pools" + +// DescribeIpv6PoolsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeIpv6Pools operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeIpv6Pools for more information on using the DescribeIpv6Pools +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeIpv6PoolsRequest method. +// req, resp := client.DescribeIpv6PoolsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpv6Pools +func (c *EC2) DescribeIpv6PoolsRequest(input *DescribeIpv6PoolsInput) (req *request.Request, output *DescribeIpv6PoolsOutput) { + op := &request.Operation{ + Name: opDescribeIpv6Pools, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeIpv6PoolsInput{} + } + + output = &DescribeIpv6PoolsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeIpv6Pools API operation for Amazon Elastic Compute Cloud. +// +// Describes your IPv6 address pools. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeIpv6Pools for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpv6Pools +func (c *EC2) DescribeIpv6Pools(input *DescribeIpv6PoolsInput) (*DescribeIpv6PoolsOutput, error) { + req, out := c.DescribeIpv6PoolsRequest(input) + return out, req.Send() +} + +// DescribeIpv6PoolsWithContext is the same as DescribeIpv6Pools with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeIpv6Pools for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpv6PoolsWithContext(ctx aws.Context, input *DescribeIpv6PoolsInput, opts ...request.Option) (*DescribeIpv6PoolsOutput, error) { + req, out := c.DescribeIpv6PoolsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeIpv6PoolsPages iterates over the pages of a DescribeIpv6Pools operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeIpv6Pools method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeIpv6Pools operation. +// pageNum := 0 +// err := client.DescribeIpv6PoolsPages(params, +// func(page *ec2.DescribeIpv6PoolsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeIpv6PoolsPages(input *DescribeIpv6PoolsInput, fn func(*DescribeIpv6PoolsOutput, bool) bool) error { + return c.DescribeIpv6PoolsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeIpv6PoolsPagesWithContext same as DescribeIpv6PoolsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpv6PoolsPagesWithContext(ctx aws.Context, input *DescribeIpv6PoolsInput, fn func(*DescribeIpv6PoolsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeIpv6PoolsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeIpv6PoolsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeIpv6PoolsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeKeyPairs = "DescribeKeyPairs" // DescribeKeyPairsRequest generates a "aws/request.Request" representing the @@ -16831,7 +18006,9 @@ func (c *EC2) DescribeLaunchTemplateVersionsRequest(input *DescribeLaunchTemplat // DescribeLaunchTemplateVersions API operation for Amazon Elastic Compute Cloud. // // Describes one or more versions of a specified launch template. You can describe -// all versions, individual versions, or a range of versions. +// all versions, individual versions, or a range of versions. You can also describe +// all the latest versions or all the default versions of all the launch templates +// in your account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -17076,6 +18253,12 @@ func (c *EC2) DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsReq Name: opDescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17120,6 +18303,58 @@ func (c *EC2) DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsWit return out, req.Send() } +// DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsPages iterates over the pages of a DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations operation. +// pageNum := 0 +// err := client.DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsPages(params, +// func(page *ec2.DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsPages(input *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput, fn func(*DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput, bool) bool) error { + return c.DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsPagesWithContext same as DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsPagesWithContext(ctx aws.Context, input *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput, fn func(*DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeLocalGatewayRouteTableVpcAssociations = "DescribeLocalGatewayRouteTableVpcAssociations" // DescribeLocalGatewayRouteTableVpcAssociationsRequest generates a "aws/request.Request" representing the @@ -17151,6 +18386,12 @@ func (c *EC2) DescribeLocalGatewayRouteTableVpcAssociationsRequest(input *Descri Name: opDescribeLocalGatewayRouteTableVpcAssociations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17195,6 +18436,58 @@ func (c *EC2) DescribeLocalGatewayRouteTableVpcAssociationsWithContext(ctx aws.C return out, req.Send() } +// DescribeLocalGatewayRouteTableVpcAssociationsPages iterates over the pages of a DescribeLocalGatewayRouteTableVpcAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeLocalGatewayRouteTableVpcAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeLocalGatewayRouteTableVpcAssociations operation. +// pageNum := 0 +// err := client.DescribeLocalGatewayRouteTableVpcAssociationsPages(params, +// func(page *ec2.DescribeLocalGatewayRouteTableVpcAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeLocalGatewayRouteTableVpcAssociationsPages(input *DescribeLocalGatewayRouteTableVpcAssociationsInput, fn func(*DescribeLocalGatewayRouteTableVpcAssociationsOutput, bool) bool) error { + return c.DescribeLocalGatewayRouteTableVpcAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeLocalGatewayRouteTableVpcAssociationsPagesWithContext same as DescribeLocalGatewayRouteTableVpcAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayRouteTableVpcAssociationsPagesWithContext(ctx aws.Context, input *DescribeLocalGatewayRouteTableVpcAssociationsInput, fn func(*DescribeLocalGatewayRouteTableVpcAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeLocalGatewayRouteTableVpcAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeLocalGatewayRouteTableVpcAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeLocalGatewayRouteTableVpcAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeLocalGatewayRouteTables = "DescribeLocalGatewayRouteTables" // DescribeLocalGatewayRouteTablesRequest generates a "aws/request.Request" representing the @@ -17226,6 +18519,12 @@ func (c *EC2) DescribeLocalGatewayRouteTablesRequest(input *DescribeLocalGateway Name: opDescribeLocalGatewayRouteTables, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17270,6 +18569,58 @@ func (c *EC2) DescribeLocalGatewayRouteTablesWithContext(ctx aws.Context, input return out, req.Send() } +// DescribeLocalGatewayRouteTablesPages iterates over the pages of a DescribeLocalGatewayRouteTables operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeLocalGatewayRouteTables method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeLocalGatewayRouteTables operation. +// pageNum := 0 +// err := client.DescribeLocalGatewayRouteTablesPages(params, +// func(page *ec2.DescribeLocalGatewayRouteTablesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeLocalGatewayRouteTablesPages(input *DescribeLocalGatewayRouteTablesInput, fn func(*DescribeLocalGatewayRouteTablesOutput, bool) bool) error { + return c.DescribeLocalGatewayRouteTablesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeLocalGatewayRouteTablesPagesWithContext same as DescribeLocalGatewayRouteTablesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayRouteTablesPagesWithContext(ctx aws.Context, input *DescribeLocalGatewayRouteTablesInput, fn func(*DescribeLocalGatewayRouteTablesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeLocalGatewayRouteTablesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeLocalGatewayRouteTablesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeLocalGatewayRouteTablesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeLocalGatewayVirtualInterfaceGroups = "DescribeLocalGatewayVirtualInterfaceGroups" // DescribeLocalGatewayVirtualInterfaceGroupsRequest generates a "aws/request.Request" representing the @@ -17301,6 +18652,12 @@ func (c *EC2) DescribeLocalGatewayVirtualInterfaceGroupsRequest(input *DescribeL Name: opDescribeLocalGatewayVirtualInterfaceGroups, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17344,6 +18701,58 @@ func (c *EC2) DescribeLocalGatewayVirtualInterfaceGroupsWithContext(ctx aws.Cont return out, req.Send() } +// DescribeLocalGatewayVirtualInterfaceGroupsPages iterates over the pages of a DescribeLocalGatewayVirtualInterfaceGroups operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeLocalGatewayVirtualInterfaceGroups method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeLocalGatewayVirtualInterfaceGroups operation. +// pageNum := 0 +// err := client.DescribeLocalGatewayVirtualInterfaceGroupsPages(params, +// func(page *ec2.DescribeLocalGatewayVirtualInterfaceGroupsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeLocalGatewayVirtualInterfaceGroupsPages(input *DescribeLocalGatewayVirtualInterfaceGroupsInput, fn func(*DescribeLocalGatewayVirtualInterfaceGroupsOutput, bool) bool) error { + return c.DescribeLocalGatewayVirtualInterfaceGroupsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeLocalGatewayVirtualInterfaceGroupsPagesWithContext same as DescribeLocalGatewayVirtualInterfaceGroupsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayVirtualInterfaceGroupsPagesWithContext(ctx aws.Context, input *DescribeLocalGatewayVirtualInterfaceGroupsInput, fn func(*DescribeLocalGatewayVirtualInterfaceGroupsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeLocalGatewayVirtualInterfaceGroupsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeLocalGatewayVirtualInterfaceGroupsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeLocalGatewayVirtualInterfaceGroupsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeLocalGatewayVirtualInterfaces = "DescribeLocalGatewayVirtualInterfaces" // DescribeLocalGatewayVirtualInterfacesRequest generates a "aws/request.Request" representing the @@ -17375,6 +18784,12 @@ func (c *EC2) DescribeLocalGatewayVirtualInterfacesRequest(input *DescribeLocalG Name: opDescribeLocalGatewayVirtualInterfaces, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17418,6 +18833,58 @@ func (c *EC2) DescribeLocalGatewayVirtualInterfacesWithContext(ctx aws.Context, return out, req.Send() } +// DescribeLocalGatewayVirtualInterfacesPages iterates over the pages of a DescribeLocalGatewayVirtualInterfaces operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeLocalGatewayVirtualInterfaces method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeLocalGatewayVirtualInterfaces operation. +// pageNum := 0 +// err := client.DescribeLocalGatewayVirtualInterfacesPages(params, +// func(page *ec2.DescribeLocalGatewayVirtualInterfacesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeLocalGatewayVirtualInterfacesPages(input *DescribeLocalGatewayVirtualInterfacesInput, fn func(*DescribeLocalGatewayVirtualInterfacesOutput, bool) bool) error { + return c.DescribeLocalGatewayVirtualInterfacesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeLocalGatewayVirtualInterfacesPagesWithContext same as DescribeLocalGatewayVirtualInterfacesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayVirtualInterfacesPagesWithContext(ctx aws.Context, input *DescribeLocalGatewayVirtualInterfacesInput, fn func(*DescribeLocalGatewayVirtualInterfacesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeLocalGatewayVirtualInterfacesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeLocalGatewayVirtualInterfacesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeLocalGatewayVirtualInterfacesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeLocalGateways = "DescribeLocalGateways" // DescribeLocalGatewaysRequest generates a "aws/request.Request" representing the @@ -17449,6 +18916,12 @@ func (c *EC2) DescribeLocalGatewaysRequest(input *DescribeLocalGatewaysInput) (r Name: opDescribeLocalGateways, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17493,6 +18966,192 @@ func (c *EC2) DescribeLocalGatewaysWithContext(ctx aws.Context, input *DescribeL return out, req.Send() } +// DescribeLocalGatewaysPages iterates over the pages of a DescribeLocalGateways operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeLocalGateways method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeLocalGateways operation. +// pageNum := 0 +// err := client.DescribeLocalGatewaysPages(params, +// func(page *ec2.DescribeLocalGatewaysOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeLocalGatewaysPages(input *DescribeLocalGatewaysInput, fn func(*DescribeLocalGatewaysOutput, bool) bool) error { + return c.DescribeLocalGatewaysPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeLocalGatewaysPagesWithContext same as DescribeLocalGatewaysPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewaysPagesWithContext(ctx aws.Context, input *DescribeLocalGatewaysInput, fn func(*DescribeLocalGatewaysOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeLocalGatewaysInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeLocalGatewaysRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeLocalGatewaysOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeManagedPrefixLists = "DescribeManagedPrefixLists" + +// DescribeManagedPrefixListsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeManagedPrefixLists operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeManagedPrefixLists for more information on using the DescribeManagedPrefixLists +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeManagedPrefixListsRequest method. +// req, resp := client.DescribeManagedPrefixListsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeManagedPrefixLists +func (c *EC2) DescribeManagedPrefixListsRequest(input *DescribeManagedPrefixListsInput) (req *request.Request, output *DescribeManagedPrefixListsOutput) { + op := &request.Operation{ + Name: opDescribeManagedPrefixLists, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeManagedPrefixListsInput{} + } + + output = &DescribeManagedPrefixListsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeManagedPrefixLists API operation for Amazon Elastic Compute Cloud. +// +// Describes your managed prefix lists and any AWS-managed prefix lists. +// +// To view the entries for your prefix list, use GetManagedPrefixListEntries. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeManagedPrefixLists for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeManagedPrefixLists +func (c *EC2) DescribeManagedPrefixLists(input *DescribeManagedPrefixListsInput) (*DescribeManagedPrefixListsOutput, error) { + req, out := c.DescribeManagedPrefixListsRequest(input) + return out, req.Send() +} + +// DescribeManagedPrefixListsWithContext is the same as DescribeManagedPrefixLists with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeManagedPrefixLists for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeManagedPrefixListsWithContext(ctx aws.Context, input *DescribeManagedPrefixListsInput, opts ...request.Option) (*DescribeManagedPrefixListsOutput, error) { + req, out := c.DescribeManagedPrefixListsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeManagedPrefixListsPages iterates over the pages of a DescribeManagedPrefixLists operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeManagedPrefixLists method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeManagedPrefixLists operation. +// pageNum := 0 +// err := client.DescribeManagedPrefixListsPages(params, +// func(page *ec2.DescribeManagedPrefixListsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeManagedPrefixListsPages(input *DescribeManagedPrefixListsInput, fn func(*DescribeManagedPrefixListsOutput, bool) bool) error { + return c.DescribeManagedPrefixListsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeManagedPrefixListsPagesWithContext same as DescribeManagedPrefixListsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeManagedPrefixListsPagesWithContext(ctx aws.Context, input *DescribeManagedPrefixListsInput, fn func(*DescribeManagedPrefixListsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeManagedPrefixListsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeManagedPrefixListsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeManagedPrefixListsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeMovingAddresses = "DescribeMovingAddresses" // DescribeMovingAddressesRequest generates a "aws/request.Request" representing the @@ -18278,7 +19937,7 @@ func (c *EC2) DescribePlacementGroupsRequest(input *DescribePlacementGroupsInput // DescribePlacementGroups API operation for Amazon Elastic Compute Cloud. // // Describes the specified placement groups or all of your placement groups. -// For more information, see Placement Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) +// For more information, see Placement groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -18361,10 +20020,9 @@ func (c *EC2) DescribePrefixListsRequest(input *DescribePrefixListsInput) (req * // // Describes available AWS services in a prefix list format, which includes // the prefix list name and prefix list ID of the service and the IP address -// range for the service. A prefix list ID is required for creating an outbound -// security group rule that allows traffic from a VPC to access an AWS service -// through a gateway VPC endpoint. Currently, the services that support this -// action are Amazon S3 and Amazon DynamoDB. +// range for the service. +// +// We recommend that you use DescribeManagedPrefixLists instead. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -20031,7 +21689,7 @@ func (c *EC2) DescribeSnapshotsRequest(input *DescribeSnapshotsInput) (req *requ // * implicit: An AWS account has implicit create volume permissions for // all snapshots it owns. // -// The list of snapshots returned can be modified by specifying snapshot IDs, +// The list of snapshots returned can be filtered by specifying snapshot IDs, // snapshot owners, or AWS accounts with create volume permissions. If no options // are specified, Amazon EC2 returns all snapshots for which you have create // volume permissions. @@ -20051,12 +21709,14 @@ func (c *EC2) DescribeSnapshotsRequest(input *DescribeSnapshotsInput) (req *requ // (if you own the snapshots), self for snapshots for which you own or have // explicit permissions, or all for public snapshots. // -// If you are describing a long list of snapshots, you can paginate the output -// to make the list more manageable. The MaxResults parameter sets the maximum -// number of results returned in a single page. If the list of results exceeds -// your MaxResults value, then that number of results is returned along with -// a NextToken value that can be passed to a subsequent DescribeSnapshots request -// to retrieve the remaining results. +// If you are describing a long list of snapshots, we recommend that you paginate +// the output to make the list more manageable. The MaxResults parameter sets +// the maximum number of results returned in a single page. If the list of results +// exceeds your MaxResults value, then that number of results is returned along +// with a NextToken value that can be passed to a subsequent DescribeSnapshots +// request to retrieve the remaining results. +// +// To get the state of fast snapshot restores for a snapshot, use DescribeFastSnapshotRestores. // // For more information about EBS snapshots, see Amazon EBS Snapshots (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html) // in the Amazon Elastic Compute Cloud User Guide. @@ -20186,7 +21846,7 @@ func (c *EC2) DescribeSpotDatafeedSubscriptionRequest(input *DescribeSpotDatafee // DescribeSpotDatafeedSubscription API operation for Amazon Elastic Compute Cloud. // // Describes the data feed for Spot Instances. For more information, see Spot -// Instance Data Feed (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html) +// Instance data feed (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html) // in the Amazon EC2 User Guide for Linux Instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -20560,8 +22220,8 @@ func (c *EC2) DescribeSpotInstanceRequestsRequest(input *DescribeSpotInstanceReq // You can use DescribeSpotInstanceRequests to find a running Spot Instance // by examining the response. If the status of the Spot Instance is fulfilled, // the instance ID appears in the response and contains the identifier of the -// instance. Alternatively, you can use DescribeInstances with a filter to look -// for instances where the instance lifecycle is spot. +// instance. Alternatively, you can use DescribeInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances) +// with a filter to look for instances where the instance lifecycle is spot. // // We recommend that you set MaxResults to a value between 5 and 1000 to limit // the number of results returned. This paginates the output, which makes the @@ -20704,7 +22364,7 @@ func (c *EC2) DescribeSpotPriceHistoryRequest(input *DescribeSpotPriceHistoryInp // DescribeSpotPriceHistory API operation for Amazon Elastic Compute Cloud. // // Describes the Spot price history. For more information, see Spot Instance -// Pricing History (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances-history.html) +// pricing history (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances-history.html) // in the Amazon EC2 User Guide for Linux Instances. // // When you specify a start and end time, this operation returns the prices @@ -21760,6 +23420,12 @@ func (c *EC2) DescribeTransitGatewayMulticastDomainsRequest(input *DescribeTrans Name: opDescribeTransitGatewayMulticastDomains, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -21803,6 +23469,58 @@ func (c *EC2) DescribeTransitGatewayMulticastDomainsWithContext(ctx aws.Context, return out, req.Send() } +// DescribeTransitGatewayMulticastDomainsPages iterates over the pages of a DescribeTransitGatewayMulticastDomains operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTransitGatewayMulticastDomains method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTransitGatewayMulticastDomains operation. +// pageNum := 0 +// err := client.DescribeTransitGatewayMulticastDomainsPages(params, +// func(page *ec2.DescribeTransitGatewayMulticastDomainsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTransitGatewayMulticastDomainsPages(input *DescribeTransitGatewayMulticastDomainsInput, fn func(*DescribeTransitGatewayMulticastDomainsOutput, bool) bool) error { + return c.DescribeTransitGatewayMulticastDomainsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTransitGatewayMulticastDomainsPagesWithContext same as DescribeTransitGatewayMulticastDomainsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayMulticastDomainsPagesWithContext(ctx aws.Context, input *DescribeTransitGatewayMulticastDomainsInput, fn func(*DescribeTransitGatewayMulticastDomainsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTransitGatewayMulticastDomainsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTransitGatewayMulticastDomainsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTransitGatewayMulticastDomainsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeTransitGatewayPeeringAttachments = "DescribeTransitGatewayPeeringAttachments" // DescribeTransitGatewayPeeringAttachmentsRequest generates a "aws/request.Request" representing the @@ -21834,6 +23552,12 @@ func (c *EC2) DescribeTransitGatewayPeeringAttachmentsRequest(input *DescribeTra Name: opDescribeTransitGatewayPeeringAttachments, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -21877,6 +23601,58 @@ func (c *EC2) DescribeTransitGatewayPeeringAttachmentsWithContext(ctx aws.Contex return out, req.Send() } +// DescribeTransitGatewayPeeringAttachmentsPages iterates over the pages of a DescribeTransitGatewayPeeringAttachments operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTransitGatewayPeeringAttachments method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTransitGatewayPeeringAttachments operation. +// pageNum := 0 +// err := client.DescribeTransitGatewayPeeringAttachmentsPages(params, +// func(page *ec2.DescribeTransitGatewayPeeringAttachmentsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTransitGatewayPeeringAttachmentsPages(input *DescribeTransitGatewayPeeringAttachmentsInput, fn func(*DescribeTransitGatewayPeeringAttachmentsOutput, bool) bool) error { + return c.DescribeTransitGatewayPeeringAttachmentsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTransitGatewayPeeringAttachmentsPagesWithContext same as DescribeTransitGatewayPeeringAttachmentsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayPeeringAttachmentsPagesWithContext(ctx aws.Context, input *DescribeTransitGatewayPeeringAttachmentsInput, fn func(*DescribeTransitGatewayPeeringAttachmentsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTransitGatewayPeeringAttachmentsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTransitGatewayPeeringAttachmentsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTransitGatewayPeeringAttachmentsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeTransitGatewayRouteTables = "DescribeTransitGatewayRouteTables" // DescribeTransitGatewayRouteTablesRequest generates a "aws/request.Request" representing the @@ -22421,7 +24197,7 @@ func (c *EC2) DescribeVolumeStatusRequest(input *DescribeVolumeStatusInput) (req // status of the volume is ok. If the check fails, the overall status is impaired. // If the status is insufficient-data, then the checks may still be taking place // on your volume at the time. We recommend that you retry the request. For -// more information about volume status, see Monitoring the Status of Your Volumes +// more information about volume status, see Monitoring the status of your volumes // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-status.html) // in the Amazon Elastic Compute Cloud User Guide. // @@ -22573,12 +24349,12 @@ func (c *EC2) DescribeVolumesRequest(input *DescribeVolumesInput) (req *request. // // Describes the specified EBS volumes or all of your EBS volumes. // -// If you are describing a long list of volumes, you can paginate the output -// to make the list more manageable. The MaxResults parameter sets the maximum -// number of results returned in a single page. If the list of results exceeds -// your MaxResults value, then that number of results is returned along with -// a NextToken value that can be passed to a subsequent DescribeVolumes request -// to retrieve the remaining results. +// If you are describing a long list of volumes, we recommend that you paginate +// the output to make the list more manageable. The MaxResults parameter sets +// the maximum number of results returned in a single page. If the list of results +// exceeds your MaxResults value, then that number of results is returned along +// with a NextToken value that can be passed to a subsequent DescribeVolumes +// request to retrieve the remaining results. // // For more information about EBS volumes, see Amazon EBS Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html) // in the Amazon Elastic Compute Cloud User Guide. @@ -22713,19 +24489,17 @@ func (c *EC2) DescribeVolumesModificationsRequest(input *DescribeVolumesModifica // DescribeVolumesModifications API operation for Amazon Elastic Compute Cloud. // -// Reports the current modification status of EBS volumes. +// Describes the most recent volume modification request for the specified EBS +// volumes. // -// Current-generation EBS volumes support modification of attributes including -// type, size, and (for io1 volumes) IOPS provisioning while either attached -// to or detached from an instance. Following an action from the API or the -// console to modify a volume, the status of the modification may be modifying, -// optimizing, completed, or failed. If a volume has never been modified, then -// certain elements of the returned VolumeModification objects are null. +// If a volume has never been modified, some information in the output will +// be null. If a volume has been modified more than once, the output includes +// only the most recent modification request. // // You can also use CloudWatch Events to check the status of a modification // to an EBS volume. For information about CloudWatch Events, see the Amazon // CloudWatch Events User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). -// For more information, see Monitoring Volume Modifications" (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods) +// For more information, see Monitoring volume modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -23672,6 +25446,13 @@ func (c *EC2) DescribeVpcEndpointServicesRequest(input *DescribeVpcEndpointServi // // Describes available services to which you can create a VPC endpoint. // +// When the service provider and the consumer have different accounts multiple +// Availability Zones, and the consumer views the VPC endpoint service information, +// the response only includes the common Availability Zones. For example, when +// the service provider account uses us-east-1a and us-east-1c and the consumer +// uses us-east-1a and us-east-1a and us-east-1b, the response includes the +// VPC endpoint services in the common Availability Zone, us-east-1a. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -24534,7 +26315,7 @@ func (c *EC2) DetachVolumeRequest(input *DetachVolumeInput) (req *request.Reques // When a volume with an AWS Marketplace product code is detached from an instance, // the product code is no longer associated with the instance. // -// For more information, see Detaching an Amazon EBS Volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) +// For more information, see Detaching an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -25081,6 +26862,8 @@ func (c *EC2) DisableVpcClassicLinkDnsSupportRequest(input *DisableVpcClassicLin // ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) // in the Amazon Elastic Compute Cloud User Guide. // +// You must specify a VPC ID in the request. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -25276,6 +27059,86 @@ func (c *EC2) DisassociateClientVpnTargetNetworkWithContext(ctx aws.Context, inp return out, req.Send() } +const opDisassociateEnclaveCertificateIamRole = "DisassociateEnclaveCertificateIamRole" + +// DisassociateEnclaveCertificateIamRoleRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateEnclaveCertificateIamRole operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateEnclaveCertificateIamRole for more information on using the DisassociateEnclaveCertificateIamRole +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DisassociateEnclaveCertificateIamRoleRequest method. +// req, resp := client.DisassociateEnclaveCertificateIamRoleRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateEnclaveCertificateIamRole +func (c *EC2) DisassociateEnclaveCertificateIamRoleRequest(input *DisassociateEnclaveCertificateIamRoleInput) (req *request.Request, output *DisassociateEnclaveCertificateIamRoleOutput) { + op := &request.Operation{ + Name: opDisassociateEnclaveCertificateIamRole, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisassociateEnclaveCertificateIamRoleInput{} + } + + output = &DisassociateEnclaveCertificateIamRoleOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateEnclaveCertificateIamRole API operation for Amazon Elastic Compute Cloud. +// +// Disassociates an IAM role from an AWS Certificate Manager (ACM) certificate. +// Disassociating an IAM role from an ACM certificate removes the Amazon S3 +// object that contains the certificate, certificate chain, and encrypted private +// key from the Amazon S3 bucket. It also revokes the IAM role's permission +// to use the AWS Key Management Service (KMS) customer master key (CMK) used +// to encrypt the private key. This effectively revokes the role's permission +// to use the certificate. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisassociateEnclaveCertificateIamRole for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateEnclaveCertificateIamRole +func (c *EC2) DisassociateEnclaveCertificateIamRole(input *DisassociateEnclaveCertificateIamRoleInput) (*DisassociateEnclaveCertificateIamRoleOutput, error) { + req, out := c.DisassociateEnclaveCertificateIamRoleRequest(input) + return out, req.Send() +} + +// DisassociateEnclaveCertificateIamRoleWithContext is the same as DisassociateEnclaveCertificateIamRole with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateEnclaveCertificateIamRole for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisassociateEnclaveCertificateIamRoleWithContext(ctx aws.Context, input *DisassociateEnclaveCertificateIamRoleInput, opts ...request.Option) (*DisassociateEnclaveCertificateIamRoleOutput, error) { + req, out := c.DisassociateEnclaveCertificateIamRoleRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisassociateIamInstanceProfile = "DisassociateIamInstanceProfile" // DisassociateIamInstanceProfileRequest generates a "aws/request.Request" representing the @@ -25397,7 +27260,7 @@ func (c *EC2) DisassociateRouteTableRequest(input *DisassociateRouteTableInput) // DisassociateRouteTable API operation for Amazon Elastic Compute Cloud. // -// Disassociates a subnet from a route table. +// Disassociates a subnet or gateway from a route table. // // After you perform this action, the subnet no longer uses the routes in the // route table. Instead, it uses the routes in the VPC's main route table. For @@ -25796,7 +27659,7 @@ func (c *EC2) EnableEbsEncryptionByDefaultRequest(input *EnableEbsEncryptionByDe // // After you enable encryption by default, you can no longer launch instances // using instance types that do not support encryption. For more information, -// see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). +// see Supported instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -25877,6 +27740,9 @@ func (c *EC2) EnableFastSnapshotRestoresRequest(input *EnableFastSnapshotRestore // state. To get the current state of fast snapshot restores, use DescribeFastSnapshotRestores. // To disable fast snapshot restores, use DisableFastSnapshotRestores. // +// For more information, see Amazon EBS fast snapshot restore (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-fast-snapshot-restore.html) +// in the Amazon Elastic Compute Cloud User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26264,6 +28130,8 @@ func (c *EC2) EnableVpcClassicLinkDnsSupportRequest(input *EnableVpcClassicLinkD // see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) // in the Amazon Elastic Compute Cloud User Guide. // +// You must specify a VPC ID in the request. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26568,6 +28436,10 @@ func (c *EC2) ExportTransitGatewayRoutesRequest(input *ExportTransitGatewayRoute // S3 bucket. By default, all routes are exported. Alternatively, you can filter // by CIDR range. // +// The routes are saved to the specified bucket in a JSON file. For more information, +// see Export Route Tables to Amazon S3 (https://docs.aws.amazon.com/vpc/latest/tgw/tgw-route-tables.html#tgw-export-route-tables) +// in Transit Gateways. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26596,6 +28468,218 @@ func (c *EC2) ExportTransitGatewayRoutesWithContext(ctx aws.Context, input *Expo return out, req.Send() } +const opGetAssociatedEnclaveCertificateIamRoles = "GetAssociatedEnclaveCertificateIamRoles" + +// GetAssociatedEnclaveCertificateIamRolesRequest generates a "aws/request.Request" representing the +// client's request for the GetAssociatedEnclaveCertificateIamRoles operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetAssociatedEnclaveCertificateIamRoles for more information on using the GetAssociatedEnclaveCertificateIamRoles +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetAssociatedEnclaveCertificateIamRolesRequest method. +// req, resp := client.GetAssociatedEnclaveCertificateIamRolesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetAssociatedEnclaveCertificateIamRoles +func (c *EC2) GetAssociatedEnclaveCertificateIamRolesRequest(input *GetAssociatedEnclaveCertificateIamRolesInput) (req *request.Request, output *GetAssociatedEnclaveCertificateIamRolesOutput) { + op := &request.Operation{ + Name: opGetAssociatedEnclaveCertificateIamRoles, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetAssociatedEnclaveCertificateIamRolesInput{} + } + + output = &GetAssociatedEnclaveCertificateIamRolesOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetAssociatedEnclaveCertificateIamRoles API operation for Amazon Elastic Compute Cloud. +// +// Returns the IAM roles that are associated with the specified AWS Certificate +// Manager (ACM) certificate. It also returns the name of the Amazon S3 bucket +// and the Amazon S3 object key where the certificate, certificate chain, and +// encrypted private key bundle are stored, and the ARN of the AWS Key Management +// Service (KMS) customer master key (CMK) that's used to encrypt the private +// key. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetAssociatedEnclaveCertificateIamRoles for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetAssociatedEnclaveCertificateIamRoles +func (c *EC2) GetAssociatedEnclaveCertificateIamRoles(input *GetAssociatedEnclaveCertificateIamRolesInput) (*GetAssociatedEnclaveCertificateIamRolesOutput, error) { + req, out := c.GetAssociatedEnclaveCertificateIamRolesRequest(input) + return out, req.Send() +} + +// GetAssociatedEnclaveCertificateIamRolesWithContext is the same as GetAssociatedEnclaveCertificateIamRoles with the addition of +// the ability to pass a context and additional request options. +// +// See GetAssociatedEnclaveCertificateIamRoles for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetAssociatedEnclaveCertificateIamRolesWithContext(ctx aws.Context, input *GetAssociatedEnclaveCertificateIamRolesInput, opts ...request.Option) (*GetAssociatedEnclaveCertificateIamRolesOutput, error) { + req, out := c.GetAssociatedEnclaveCertificateIamRolesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetAssociatedIpv6PoolCidrs = "GetAssociatedIpv6PoolCidrs" + +// GetAssociatedIpv6PoolCidrsRequest generates a "aws/request.Request" representing the +// client's request for the GetAssociatedIpv6PoolCidrs operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetAssociatedIpv6PoolCidrs for more information on using the GetAssociatedIpv6PoolCidrs +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetAssociatedIpv6PoolCidrsRequest method. +// req, resp := client.GetAssociatedIpv6PoolCidrsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetAssociatedIpv6PoolCidrs +func (c *EC2) GetAssociatedIpv6PoolCidrsRequest(input *GetAssociatedIpv6PoolCidrsInput) (req *request.Request, output *GetAssociatedIpv6PoolCidrsOutput) { + op := &request.Operation{ + Name: opGetAssociatedIpv6PoolCidrs, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetAssociatedIpv6PoolCidrsInput{} + } + + output = &GetAssociatedIpv6PoolCidrsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetAssociatedIpv6PoolCidrs API operation for Amazon Elastic Compute Cloud. +// +// Gets information about the IPv6 CIDR block associations for a specified IPv6 +// address pool. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetAssociatedIpv6PoolCidrs for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetAssociatedIpv6PoolCidrs +func (c *EC2) GetAssociatedIpv6PoolCidrs(input *GetAssociatedIpv6PoolCidrsInput) (*GetAssociatedIpv6PoolCidrsOutput, error) { + req, out := c.GetAssociatedIpv6PoolCidrsRequest(input) + return out, req.Send() +} + +// GetAssociatedIpv6PoolCidrsWithContext is the same as GetAssociatedIpv6PoolCidrs with the addition of +// the ability to pass a context and additional request options. +// +// See GetAssociatedIpv6PoolCidrs for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetAssociatedIpv6PoolCidrsWithContext(ctx aws.Context, input *GetAssociatedIpv6PoolCidrsInput, opts ...request.Option) (*GetAssociatedIpv6PoolCidrsOutput, error) { + req, out := c.GetAssociatedIpv6PoolCidrsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetAssociatedIpv6PoolCidrsPages iterates over the pages of a GetAssociatedIpv6PoolCidrs operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetAssociatedIpv6PoolCidrs method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetAssociatedIpv6PoolCidrs operation. +// pageNum := 0 +// err := client.GetAssociatedIpv6PoolCidrsPages(params, +// func(page *ec2.GetAssociatedIpv6PoolCidrsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) GetAssociatedIpv6PoolCidrsPages(input *GetAssociatedIpv6PoolCidrsInput, fn func(*GetAssociatedIpv6PoolCidrsOutput, bool) bool) error { + return c.GetAssociatedIpv6PoolCidrsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetAssociatedIpv6PoolCidrsPagesWithContext same as GetAssociatedIpv6PoolCidrsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetAssociatedIpv6PoolCidrsPagesWithContext(ctx aws.Context, input *GetAssociatedIpv6PoolCidrsInput, fn func(*GetAssociatedIpv6PoolCidrsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetAssociatedIpv6PoolCidrsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetAssociatedIpv6PoolCidrsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetAssociatedIpv6PoolCidrsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetCapacityReservationUsage = "GetCapacityReservationUsage" // GetCapacityReservationUsageRequest generates a "aws/request.Request" representing the @@ -26961,7 +29045,7 @@ func (c *EC2) GetDefaultCreditSpecificationRequest(input *GetDefaultCreditSpecif // Describes the default credit option for CPU usage of a burstable performance // instance family. // -// For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) +// For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -27149,6 +29233,138 @@ func (c *EC2) GetEbsEncryptionByDefaultWithContext(ctx aws.Context, input *GetEb return out, req.Send() } +const opGetGroupsForCapacityReservation = "GetGroupsForCapacityReservation" + +// GetGroupsForCapacityReservationRequest generates a "aws/request.Request" representing the +// client's request for the GetGroupsForCapacityReservation operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetGroupsForCapacityReservation for more information on using the GetGroupsForCapacityReservation +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetGroupsForCapacityReservationRequest method. +// req, resp := client.GetGroupsForCapacityReservationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetGroupsForCapacityReservation +func (c *EC2) GetGroupsForCapacityReservationRequest(input *GetGroupsForCapacityReservationInput) (req *request.Request, output *GetGroupsForCapacityReservationOutput) { + op := &request.Operation{ + Name: opGetGroupsForCapacityReservation, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetGroupsForCapacityReservationInput{} + } + + output = &GetGroupsForCapacityReservationOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetGroupsForCapacityReservation API operation for Amazon Elastic Compute Cloud. +// +// Lists the resource groups to which a Capacity Reservation has been added. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetGroupsForCapacityReservation for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetGroupsForCapacityReservation +func (c *EC2) GetGroupsForCapacityReservation(input *GetGroupsForCapacityReservationInput) (*GetGroupsForCapacityReservationOutput, error) { + req, out := c.GetGroupsForCapacityReservationRequest(input) + return out, req.Send() +} + +// GetGroupsForCapacityReservationWithContext is the same as GetGroupsForCapacityReservation with the addition of +// the ability to pass a context and additional request options. +// +// See GetGroupsForCapacityReservation for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetGroupsForCapacityReservationWithContext(ctx aws.Context, input *GetGroupsForCapacityReservationInput, opts ...request.Option) (*GetGroupsForCapacityReservationOutput, error) { + req, out := c.GetGroupsForCapacityReservationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetGroupsForCapacityReservationPages iterates over the pages of a GetGroupsForCapacityReservation operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetGroupsForCapacityReservation method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetGroupsForCapacityReservation operation. +// pageNum := 0 +// err := client.GetGroupsForCapacityReservationPages(params, +// func(page *ec2.GetGroupsForCapacityReservationOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) GetGroupsForCapacityReservationPages(input *GetGroupsForCapacityReservationInput, fn func(*GetGroupsForCapacityReservationOutput, bool) bool) error { + return c.GetGroupsForCapacityReservationPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetGroupsForCapacityReservationPagesWithContext same as GetGroupsForCapacityReservationPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetGroupsForCapacityReservationPagesWithContext(ctx aws.Context, input *GetGroupsForCapacityReservationInput, fn func(*GetGroupsForCapacityReservationOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetGroupsForCapacityReservationInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetGroupsForCapacityReservationRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetGroupsForCapacityReservationOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetHostReservationPurchasePreview = "GetHostReservationPurchasePreview" // GetHostReservationPurchasePreviewRequest generates a "aws/request.Request" representing the @@ -27275,6 +29491,12 @@ func (c *EC2) GetLaunchTemplateDataRequest(input *GetLaunchTemplateDataInput) (r // Retrieves the configuration data of the specified instance. You can use this // data to create a launch template. // +// This action calls on other describe actions to get instance information. +// Depending on your instance configuration, you may need to allow the following +// actions in your IAM policy: DescribeSpotInstanceRequests, DescribeInstanceCreditSpecifications, +// DescribeVolumes, DescribeInstanceAttribute, and DescribeElasticGpus. Or, +// you can allow describe* depending on your instance requirements. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -27303,6 +29525,271 @@ func (c *EC2) GetLaunchTemplateDataWithContext(ctx aws.Context, input *GetLaunch return out, req.Send() } +const opGetManagedPrefixListAssociations = "GetManagedPrefixListAssociations" + +// GetManagedPrefixListAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the GetManagedPrefixListAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetManagedPrefixListAssociations for more information on using the GetManagedPrefixListAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetManagedPrefixListAssociationsRequest method. +// req, resp := client.GetManagedPrefixListAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetManagedPrefixListAssociations +func (c *EC2) GetManagedPrefixListAssociationsRequest(input *GetManagedPrefixListAssociationsInput) (req *request.Request, output *GetManagedPrefixListAssociationsOutput) { + op := &request.Operation{ + Name: opGetManagedPrefixListAssociations, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetManagedPrefixListAssociationsInput{} + } + + output = &GetManagedPrefixListAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetManagedPrefixListAssociations API operation for Amazon Elastic Compute Cloud. +// +// Gets information about the resources that are associated with the specified +// managed prefix list. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetManagedPrefixListAssociations for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetManagedPrefixListAssociations +func (c *EC2) GetManagedPrefixListAssociations(input *GetManagedPrefixListAssociationsInput) (*GetManagedPrefixListAssociationsOutput, error) { + req, out := c.GetManagedPrefixListAssociationsRequest(input) + return out, req.Send() +} + +// GetManagedPrefixListAssociationsWithContext is the same as GetManagedPrefixListAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See GetManagedPrefixListAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetManagedPrefixListAssociationsWithContext(ctx aws.Context, input *GetManagedPrefixListAssociationsInput, opts ...request.Option) (*GetManagedPrefixListAssociationsOutput, error) { + req, out := c.GetManagedPrefixListAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetManagedPrefixListAssociationsPages iterates over the pages of a GetManagedPrefixListAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetManagedPrefixListAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetManagedPrefixListAssociations operation. +// pageNum := 0 +// err := client.GetManagedPrefixListAssociationsPages(params, +// func(page *ec2.GetManagedPrefixListAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) GetManagedPrefixListAssociationsPages(input *GetManagedPrefixListAssociationsInput, fn func(*GetManagedPrefixListAssociationsOutput, bool) bool) error { + return c.GetManagedPrefixListAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetManagedPrefixListAssociationsPagesWithContext same as GetManagedPrefixListAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetManagedPrefixListAssociationsPagesWithContext(ctx aws.Context, input *GetManagedPrefixListAssociationsInput, fn func(*GetManagedPrefixListAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetManagedPrefixListAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetManagedPrefixListAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetManagedPrefixListAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetManagedPrefixListEntries = "GetManagedPrefixListEntries" + +// GetManagedPrefixListEntriesRequest generates a "aws/request.Request" representing the +// client's request for the GetManagedPrefixListEntries operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetManagedPrefixListEntries for more information on using the GetManagedPrefixListEntries +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetManagedPrefixListEntriesRequest method. +// req, resp := client.GetManagedPrefixListEntriesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetManagedPrefixListEntries +func (c *EC2) GetManagedPrefixListEntriesRequest(input *GetManagedPrefixListEntriesInput) (req *request.Request, output *GetManagedPrefixListEntriesOutput) { + op := &request.Operation{ + Name: opGetManagedPrefixListEntries, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetManagedPrefixListEntriesInput{} + } + + output = &GetManagedPrefixListEntriesOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetManagedPrefixListEntries API operation for Amazon Elastic Compute Cloud. +// +// Gets information about the entries for a specified managed prefix list. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetManagedPrefixListEntries for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetManagedPrefixListEntries +func (c *EC2) GetManagedPrefixListEntries(input *GetManagedPrefixListEntriesInput) (*GetManagedPrefixListEntriesOutput, error) { + req, out := c.GetManagedPrefixListEntriesRequest(input) + return out, req.Send() +} + +// GetManagedPrefixListEntriesWithContext is the same as GetManagedPrefixListEntries with the addition of +// the ability to pass a context and additional request options. +// +// See GetManagedPrefixListEntries for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetManagedPrefixListEntriesWithContext(ctx aws.Context, input *GetManagedPrefixListEntriesInput, opts ...request.Option) (*GetManagedPrefixListEntriesOutput, error) { + req, out := c.GetManagedPrefixListEntriesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetManagedPrefixListEntriesPages iterates over the pages of a GetManagedPrefixListEntries operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetManagedPrefixListEntries method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetManagedPrefixListEntries operation. +// pageNum := 0 +// err := client.GetManagedPrefixListEntriesPages(params, +// func(page *ec2.GetManagedPrefixListEntriesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) GetManagedPrefixListEntriesPages(input *GetManagedPrefixListEntriesInput, fn func(*GetManagedPrefixListEntriesOutput, bool) bool) error { + return c.GetManagedPrefixListEntriesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetManagedPrefixListEntriesPagesWithContext same as GetManagedPrefixListEntriesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetManagedPrefixListEntriesPagesWithContext(ctx aws.Context, input *GetManagedPrefixListEntriesInput, fn func(*GetManagedPrefixListEntriesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetManagedPrefixListEntriesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetManagedPrefixListEntriesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetManagedPrefixListEntriesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetPasswordData = "GetPasswordData" // GetPasswordDataRequest generates a "aws/request.Request" representing the @@ -27635,6 +30122,12 @@ func (c *EC2) GetTransitGatewayMulticastDomainAssociationsRequest(input *GetTran Name: opGetTransitGatewayMulticastDomainAssociations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -27679,6 +30172,191 @@ func (c *EC2) GetTransitGatewayMulticastDomainAssociationsWithContext(ctx aws.Co return out, req.Send() } +// GetTransitGatewayMulticastDomainAssociationsPages iterates over the pages of a GetTransitGatewayMulticastDomainAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetTransitGatewayMulticastDomainAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetTransitGatewayMulticastDomainAssociations operation. +// pageNum := 0 +// err := client.GetTransitGatewayMulticastDomainAssociationsPages(params, +// func(page *ec2.GetTransitGatewayMulticastDomainAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) GetTransitGatewayMulticastDomainAssociationsPages(input *GetTransitGatewayMulticastDomainAssociationsInput, fn func(*GetTransitGatewayMulticastDomainAssociationsOutput, bool) bool) error { + return c.GetTransitGatewayMulticastDomainAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetTransitGatewayMulticastDomainAssociationsPagesWithContext same as GetTransitGatewayMulticastDomainAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetTransitGatewayMulticastDomainAssociationsPagesWithContext(ctx aws.Context, input *GetTransitGatewayMulticastDomainAssociationsInput, fn func(*GetTransitGatewayMulticastDomainAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetTransitGatewayMulticastDomainAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetTransitGatewayMulticastDomainAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetTransitGatewayMulticastDomainAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetTransitGatewayPrefixListReferences = "GetTransitGatewayPrefixListReferences" + +// GetTransitGatewayPrefixListReferencesRequest generates a "aws/request.Request" representing the +// client's request for the GetTransitGatewayPrefixListReferences operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetTransitGatewayPrefixListReferences for more information on using the GetTransitGatewayPrefixListReferences +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetTransitGatewayPrefixListReferencesRequest method. +// req, resp := client.GetTransitGatewayPrefixListReferencesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetTransitGatewayPrefixListReferences +func (c *EC2) GetTransitGatewayPrefixListReferencesRequest(input *GetTransitGatewayPrefixListReferencesInput) (req *request.Request, output *GetTransitGatewayPrefixListReferencesOutput) { + op := &request.Operation{ + Name: opGetTransitGatewayPrefixListReferences, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetTransitGatewayPrefixListReferencesInput{} + } + + output = &GetTransitGatewayPrefixListReferencesOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetTransitGatewayPrefixListReferences API operation for Amazon Elastic Compute Cloud. +// +// Gets information about the prefix list references in a specified transit +// gateway route table. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetTransitGatewayPrefixListReferences for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetTransitGatewayPrefixListReferences +func (c *EC2) GetTransitGatewayPrefixListReferences(input *GetTransitGatewayPrefixListReferencesInput) (*GetTransitGatewayPrefixListReferencesOutput, error) { + req, out := c.GetTransitGatewayPrefixListReferencesRequest(input) + return out, req.Send() +} + +// GetTransitGatewayPrefixListReferencesWithContext is the same as GetTransitGatewayPrefixListReferences with the addition of +// the ability to pass a context and additional request options. +// +// See GetTransitGatewayPrefixListReferences for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetTransitGatewayPrefixListReferencesWithContext(ctx aws.Context, input *GetTransitGatewayPrefixListReferencesInput, opts ...request.Option) (*GetTransitGatewayPrefixListReferencesOutput, error) { + req, out := c.GetTransitGatewayPrefixListReferencesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetTransitGatewayPrefixListReferencesPages iterates over the pages of a GetTransitGatewayPrefixListReferences operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetTransitGatewayPrefixListReferences method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetTransitGatewayPrefixListReferences operation. +// pageNum := 0 +// err := client.GetTransitGatewayPrefixListReferencesPages(params, +// func(page *ec2.GetTransitGatewayPrefixListReferencesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) GetTransitGatewayPrefixListReferencesPages(input *GetTransitGatewayPrefixListReferencesInput, fn func(*GetTransitGatewayPrefixListReferencesOutput, bool) bool) error { + return c.GetTransitGatewayPrefixListReferencesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetTransitGatewayPrefixListReferencesPagesWithContext same as GetTransitGatewayPrefixListReferencesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetTransitGatewayPrefixListReferencesPagesWithContext(ctx aws.Context, input *GetTransitGatewayPrefixListReferencesInput, fn func(*GetTransitGatewayPrefixListReferencesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetTransitGatewayPrefixListReferencesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetTransitGatewayPrefixListReferencesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetTransitGatewayPrefixListReferencesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetTransitGatewayRouteTableAssociations = "GetTransitGatewayRouteTableAssociations" // GetTransitGatewayRouteTableAssociationsRequest generates a "aws/request.Request" representing the @@ -28413,6 +31091,84 @@ func (c *EC2) ImportVolumeWithContext(ctx aws.Context, input *ImportVolumeInput, return out, req.Send() } +const opModifyAvailabilityZoneGroup = "ModifyAvailabilityZoneGroup" + +// ModifyAvailabilityZoneGroupRequest generates a "aws/request.Request" representing the +// client's request for the ModifyAvailabilityZoneGroup operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyAvailabilityZoneGroup for more information on using the ModifyAvailabilityZoneGroup +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyAvailabilityZoneGroupRequest method. +// req, resp := client.ModifyAvailabilityZoneGroupRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyAvailabilityZoneGroup +func (c *EC2) ModifyAvailabilityZoneGroupRequest(input *ModifyAvailabilityZoneGroupInput) (req *request.Request, output *ModifyAvailabilityZoneGroupOutput) { + op := &request.Operation{ + Name: opModifyAvailabilityZoneGroup, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyAvailabilityZoneGroupInput{} + } + + output = &ModifyAvailabilityZoneGroupOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyAvailabilityZoneGroup API operation for Amazon Elastic Compute Cloud. +// +// Changes the opt-in status of the Local Zone and Wavelength Zone group for +// your account. +// +// Use DescribeAvailabilityZones (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) +// to view the value for GroupName. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyAvailabilityZoneGroup for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyAvailabilityZoneGroup +func (c *EC2) ModifyAvailabilityZoneGroup(input *ModifyAvailabilityZoneGroupInput) (*ModifyAvailabilityZoneGroupOutput, error) { + req, out := c.ModifyAvailabilityZoneGroupRequest(input) + return out, req.Send() +} + +// ModifyAvailabilityZoneGroupWithContext is the same as ModifyAvailabilityZoneGroup with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyAvailabilityZoneGroup for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyAvailabilityZoneGroupWithContext(ctx aws.Context, input *ModifyAvailabilityZoneGroupInput, opts ...request.Option) (*ModifyAvailabilityZoneGroupOutput, error) { + req, out := c.ModifyAvailabilityZoneGroupRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyCapacityReservation = "ModifyCapacityReservation" // ModifyCapacityReservationRequest generates a "aws/request.Request" representing the @@ -28536,10 +31292,8 @@ func (c *EC2) ModifyClientVpnEndpointRequest(input *ModifyClientVpnEndpointInput // ModifyClientVpnEndpoint API operation for Amazon Elastic Compute Cloud. // -// Modifies the specified Client VPN endpoint. You can only modify an endpoint's -// server certificate information, client connection logging information, DNS -// server, and description. Modifying the DNS server resets existing client -// connections. +// Modifies the specified Client VPN endpoint. Modifying the DNS server resets +// existing client connections. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -28626,7 +31380,7 @@ func (c *EC2) ModifyDefaultCreditSpecificationRequest(input *ModifyDefaultCredit // can call GetDefaultCreditSpecification and check DefaultCreditSpecification // for updates. // -// For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) +// For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -29338,7 +32092,7 @@ func (c *EC2) ModifyInstanceAttributeRequest(input *ModifyInstanceAttributeInput // we recommend that you use the ModifyNetworkInterfaceAttribute action. // // To modify some attributes, the instance must be stopped. For more information, -// see Modifying Attributes of a Stopped Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingAttributesWhileInstanceStopped.html) +// see Modifying attributes of a stopped instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingAttributesWhileInstanceStopped.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -29493,7 +32247,7 @@ func (c *EC2) ModifyInstanceCreditSpecificationRequest(input *ModifyInstanceCred // Modifies the credit option for CPU usage on a running or stopped burstable // performance instance. The credit options are standard and unlimited. // -// For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) +// For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -29648,7 +32402,7 @@ func (c *EC2) ModifyInstanceMetadataOptionsRequest(input *ModifyInstanceMetadata // the API responds with a state of “pending”. After the parameter modifications // are successfully applied to the instance, the state of the modifications // changes from “pending” to “applied” in subsequent describe-instances -// API calls. For more information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). +// API calls. For more information, see Instance metadata and user data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -29849,6 +32603,86 @@ func (c *EC2) ModifyLaunchTemplateWithContext(ctx aws.Context, input *ModifyLaun return out, req.Send() } +const opModifyManagedPrefixList = "ModifyManagedPrefixList" + +// ModifyManagedPrefixListRequest generates a "aws/request.Request" representing the +// client's request for the ModifyManagedPrefixList operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyManagedPrefixList for more information on using the ModifyManagedPrefixList +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyManagedPrefixListRequest method. +// req, resp := client.ModifyManagedPrefixListRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyManagedPrefixList +func (c *EC2) ModifyManagedPrefixListRequest(input *ModifyManagedPrefixListInput) (req *request.Request, output *ModifyManagedPrefixListOutput) { + op := &request.Operation{ + Name: opModifyManagedPrefixList, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyManagedPrefixListInput{} + } + + output = &ModifyManagedPrefixListOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyManagedPrefixList API operation for Amazon Elastic Compute Cloud. +// +// Modifies the specified managed prefix list. +// +// Adding or removing entries in a prefix list creates a new version of the +// prefix list. Changing the name of the prefix list does not affect the version. +// +// If you specify a current version number that does not match the true current +// version number, the request fails. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyManagedPrefixList for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyManagedPrefixList +func (c *EC2) ModifyManagedPrefixList(input *ModifyManagedPrefixListInput) (*ModifyManagedPrefixListOutput, error) { + req, out := c.ModifyManagedPrefixListRequest(input) + return out, req.Send() +} + +// ModifyManagedPrefixListWithContext is the same as ModifyManagedPrefixList with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyManagedPrefixList for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyManagedPrefixListWithContext(ctx aws.Context, input *ModifyManagedPrefixListInput, opts ...request.Option) (*ModifyManagedPrefixListOutput, error) { + req, out := c.ModifyManagedPrefixListRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyNetworkInterfaceAttribute = "ModifyNetworkInterfaceAttribute" // ModifyNetworkInterfaceAttributeRequest generates a "aws/request.Request" representing the @@ -30061,7 +32895,7 @@ func (c *EC2) ModifySnapshotAttributeRequest(input *ModifySnapshotAttributeInput // be made public. Snapshots encrypted with your default CMK cannot be shared // with other accounts. // -// For more information about modifying snapshot permissions, see Sharing Snapshots +// For more information about modifying snapshot permissions, see Sharing snapshots // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) // in the Amazon Elastic Compute Cloud User Guide. // @@ -30506,6 +33340,157 @@ func (c *EC2) ModifyTrafficMirrorSessionWithContext(ctx aws.Context, input *Modi return out, req.Send() } +const opModifyTransitGateway = "ModifyTransitGateway" + +// ModifyTransitGatewayRequest generates a "aws/request.Request" representing the +// client's request for the ModifyTransitGateway operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyTransitGateway for more information on using the ModifyTransitGateway +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyTransitGatewayRequest method. +// req, resp := client.ModifyTransitGatewayRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTransitGateway +func (c *EC2) ModifyTransitGatewayRequest(input *ModifyTransitGatewayInput) (req *request.Request, output *ModifyTransitGatewayOutput) { + op := &request.Operation{ + Name: opModifyTransitGateway, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyTransitGatewayInput{} + } + + output = &ModifyTransitGatewayOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyTransitGateway API operation for Amazon Elastic Compute Cloud. +// +// Modifies the specified transit gateway. When you modify a transit gateway, +// the modified options are applied to new transit gateway attachments only. +// Your existing transit gateway attachments are not modified. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyTransitGateway for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTransitGateway +func (c *EC2) ModifyTransitGateway(input *ModifyTransitGatewayInput) (*ModifyTransitGatewayOutput, error) { + req, out := c.ModifyTransitGatewayRequest(input) + return out, req.Send() +} + +// ModifyTransitGatewayWithContext is the same as ModifyTransitGateway with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyTransitGateway for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyTransitGatewayWithContext(ctx aws.Context, input *ModifyTransitGatewayInput, opts ...request.Option) (*ModifyTransitGatewayOutput, error) { + req, out := c.ModifyTransitGatewayRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyTransitGatewayPrefixListReference = "ModifyTransitGatewayPrefixListReference" + +// ModifyTransitGatewayPrefixListReferenceRequest generates a "aws/request.Request" representing the +// client's request for the ModifyTransitGatewayPrefixListReference operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyTransitGatewayPrefixListReference for more information on using the ModifyTransitGatewayPrefixListReference +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyTransitGatewayPrefixListReferenceRequest method. +// req, resp := client.ModifyTransitGatewayPrefixListReferenceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTransitGatewayPrefixListReference +func (c *EC2) ModifyTransitGatewayPrefixListReferenceRequest(input *ModifyTransitGatewayPrefixListReferenceInput) (req *request.Request, output *ModifyTransitGatewayPrefixListReferenceOutput) { + op := &request.Operation{ + Name: opModifyTransitGatewayPrefixListReference, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyTransitGatewayPrefixListReferenceInput{} + } + + output = &ModifyTransitGatewayPrefixListReferenceOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyTransitGatewayPrefixListReference API operation for Amazon Elastic Compute Cloud. +// +// Modifies a reference (route) to a prefix list in a specified transit gateway +// route table. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyTransitGatewayPrefixListReference for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTransitGatewayPrefixListReference +func (c *EC2) ModifyTransitGatewayPrefixListReference(input *ModifyTransitGatewayPrefixListReferenceInput) (*ModifyTransitGatewayPrefixListReferenceOutput, error) { + req, out := c.ModifyTransitGatewayPrefixListReferenceRequest(input) + return out, req.Send() +} + +// ModifyTransitGatewayPrefixListReferenceWithContext is the same as ModifyTransitGatewayPrefixListReference with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyTransitGatewayPrefixListReference for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyTransitGatewayPrefixListReferenceWithContext(ctx aws.Context, input *ModifyTransitGatewayPrefixListReferenceInput, opts ...request.Option) (*ModifyTransitGatewayPrefixListReferenceOutput, error) { + req, out := c.ModifyTransitGatewayPrefixListReferenceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyTransitGatewayVpcAttachment = "ModifyTransitGatewayVpcAttachment" // ModifyTransitGatewayVpcAttachmentRequest generates a "aws/request.Request" representing the @@ -30628,30 +33613,30 @@ func (c *EC2) ModifyVolumeRequest(input *ModifyVolumeInput) (req *request.Reques // size, volume type, and IOPS capacity. If your EBS volume is attached to a // current-generation EC2 instance type, you may be able to apply these changes // without stopping the instance or detaching the volume from it. For more information -// about modifying an EBS volume running Linux, see Modifying the Size, IOPS, -// or Type of an EBS Volume on Linux (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html). +// about modifying an EBS volume running Linux, see Modifying the size, IOPS, +// or type of an EBS volume on Linux (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html). // For more information about modifying an EBS volume running Windows, see Modifying -// the Size, IOPS, or Type of an EBS Volume on Windows (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html). +// the size, IOPS, or type of an EBS volume on Windows (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html). // // When you complete a resize operation on your volume, you need to extend the // volume's file-system size to take advantage of the new storage capacity. // For information about extending a Linux file system, see Extending a Linux -// File System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#recognize-expanded-volume-linux). +// file system (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#recognize-expanded-volume-linux). // For information about extending a Windows file system, see Extending a Windows -// File System (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html#recognize-expanded-volume-windows). +// file system (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html#recognize-expanded-volume-windows). // // You can use CloudWatch Events to check the status of a modification to an // EBS volume. For information about CloudWatch Events, see the Amazon CloudWatch // Events User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). // You can also track the status of a modification using DescribeVolumesModifications. // For information about tracking status changes using either method, see Monitoring -// Volume Modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods). +// volume modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods). // // With previous-generation instance types, resizing an EBS volume may require // detaching and reattaching the volume or stopping and restarting the instance. -// For more information, see Modifying the Size, IOPS, or Type of an EBS Volume +// For more information, see Modifying the size, IOPS, or type of an EBS volume // on Linux (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html) -// and Modifying the Size, IOPS, or Type of an EBS Volume on Windows (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html). +// and Modifying the size, IOPS, or type of an EBS volume on Windows (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html). // // If you reach the maximum volume modification rate per volume limit, you will // need to wait at least six hours before applying further modifications to @@ -31384,8 +34369,9 @@ func (c *EC2) ModifyVpnConnectionRequest(input *ModifyVpnConnectionInput) (req * // ModifyVpnConnection API operation for Amazon Elastic Compute Cloud. // -// Modifies the target gateway of an AWS Site-to-Site VPN connection. The following -// migration options are available: +// Modifies the customer gateway or the target gateway of an AWS Site-to-Site +// VPN connection. To modify the target gateway, the following migration options +// are available: // // * An existing virtual private gateway to a new virtual private gateway // @@ -31421,9 +34407,9 @@ func (c *EC2) ModifyVpnConnectionRequest(input *ModifyVpnConnectionInput) (req * // gateway route table. // // After you perform this operation, the AWS VPN endpoint's IP addresses on -// the AWS side and the tunnel options remain intact. Your s2slong; connection -// will be temporarily unavailable for approximately 10 minutes while we provision -// the new endpoints +// the AWS side and the tunnel options remain intact. Your AWS Site-to-Site +// VPN connection will be temporarily unavailable for a brief period while we +// provision the new endpoints. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31453,6 +34439,85 @@ func (c *EC2) ModifyVpnConnectionWithContext(ctx aws.Context, input *ModifyVpnCo return out, req.Send() } +const opModifyVpnConnectionOptions = "ModifyVpnConnectionOptions" + +// ModifyVpnConnectionOptionsRequest generates a "aws/request.Request" representing the +// client's request for the ModifyVpnConnectionOptions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyVpnConnectionOptions for more information on using the ModifyVpnConnectionOptions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyVpnConnectionOptionsRequest method. +// req, resp := client.ModifyVpnConnectionOptionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnConnectionOptions +func (c *EC2) ModifyVpnConnectionOptionsRequest(input *ModifyVpnConnectionOptionsInput) (req *request.Request, output *ModifyVpnConnectionOptionsOutput) { + op := &request.Operation{ + Name: opModifyVpnConnectionOptions, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyVpnConnectionOptionsInput{} + } + + output = &ModifyVpnConnectionOptionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyVpnConnectionOptions API operation for Amazon Elastic Compute Cloud. +// +// Modifies the connection options for your Site-to-Site VPN connection. +// +// When you modify the VPN connection options, the VPN endpoint IP addresses +// on the AWS side do not change, and the tunnel options do not change. Your +// VPN connection will be temporarily unavailable for a brief period while the +// VPN connection is updated. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyVpnConnectionOptions for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnConnectionOptions +func (c *EC2) ModifyVpnConnectionOptions(input *ModifyVpnConnectionOptionsInput) (*ModifyVpnConnectionOptionsOutput, error) { + req, out := c.ModifyVpnConnectionOptionsRequest(input) + return out, req.Send() +} + +// ModifyVpnConnectionOptionsWithContext is the same as ModifyVpnConnectionOptions with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyVpnConnectionOptions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyVpnConnectionOptionsWithContext(ctx aws.Context, input *ModifyVpnConnectionOptionsInput, opts ...request.Option) (*ModifyVpnConnectionOptionsOutput, error) { + req, out := c.ModifyVpnConnectionOptionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyVpnTunnelCertificate = "ModifyVpnTunnelCertificate" // ModifyVpnTunnelCertificateRequest generates a "aws/request.Request" representing the @@ -31650,7 +34715,7 @@ func (c *EC2) MonitorInstancesRequest(input *MonitorInstancesInput) (req *reques // MonitorInstances API operation for Amazon Elastic Compute Cloud. // // Enables detailed monitoring for a running instance. Otherwise, basic monitoring -// is enabled. For more information, see Monitoring Your Instances and Volumes +// is enabled. For more information, see Monitoring your instances and volumes // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html) // in the Amazon Elastic Compute Cloud User Guide. // @@ -31808,9 +34873,10 @@ func (c *EC2) ProvisionByoipCidrRequest(input *ProvisionByoipCidrInput) (req *re // ProvisionByoipCidr API operation for Amazon Elastic Compute Cloud. // -// Provisions an address range for use with your AWS resources through bring -// your own IP addresses (BYOIP) and creates a corresponding address pool. After -// the address range is provisioned, it is ready to be advertised using AdvertiseByoipCidr. +// Provisions an IPv4 or IPv6 address range for use with your AWS resources +// through bring your own IP addresses (BYOIP) and creates a corresponding address +// pool. After the address range is provisioned, it is ready to be advertised +// using AdvertiseByoipCidr. // // AWS verifies that you own the address range and are authorized to advertise // it. You must ensure that the address range is registered to you and that @@ -31823,8 +34889,8 @@ func (c *EC2) ProvisionByoipCidrRequest(input *ProvisionByoipCidrInput) (req *re // immediately, but the address range is not ready to use until its status changes // from pending-provision to provisioned. To monitor the status of an address // range, use DescribeByoipCidrs. To allocate an Elastic IP address from your -// address pool, use AllocateAddress with either the specific address from the -// address pool or the ID of the address pool. +// IPv4 address pool, use AllocateAddress with either the specific address from +// the address pool or the ID of the address pool. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32150,11 +35216,11 @@ func (c *EC2) RebootInstancesRequest(input *RebootInstancesInput) (req *request. // succeeds if the instances are valid and belong to you. Requests to reboot // terminated instances are ignored. // -// If an instance does not cleanly shut down within four minutes, Amazon EC2 +// If an instance does not cleanly shut down within a few minutes, Amazon EC2 // performs a hard reboot. // -// For more information about troubleshooting, see Getting Console Output and -// Rebooting Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html) +// For more information about troubleshooting, see Getting console output and +// rebooting instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -32231,7 +35297,7 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // // Registers an AMI. When you're creating an AMI, this is the final step you // must complete before you can launch an instance from the AMI. For more information -// about creating AMIs, see Creating Your Own AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html) +// about creating AMIs, see Creating your own AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html) // in the Amazon Elastic Compute Cloud User Guide. // // For Amazon EBS-backed instances, CreateImage creates and registers the AMI @@ -32239,31 +35305,34 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // // You can also use RegisterImage to create an Amazon EBS-backed Linux AMI from // a snapshot of a root device volume. You specify the snapshot using the block -// device mapping. For more information, see Launching a Linux Instance from -// a Backup (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-launch-snapshot.html) +// device mapping. For more information, see Launching a Linux instance from +// a backup (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-launch-snapshot.html) // in the Amazon Elastic Compute Cloud User Guide. // -// You can't register an image where a secondary (non-root) snapshot has AWS -// Marketplace product codes. +// If any snapshots have AWS Marketplace product codes, they are copied to the +// new AMI. // // Windows and some Linux distributions, such as Red Hat Enterprise Linux (RHEL) // and SUSE Linux Enterprise Server (SLES), use the EC2 billing product code // associated with an AMI to verify the subscription status for package updates. // To create a new AMI for operating systems that require a billing product -// code, do the following: +// code, instead of registering the AMI, do the following to preserve the billing +// product code association: // // Launch an instance from an existing AMI with that billing product code. // // Customize the instance. // -// Create a new AMI from the instance using CreateImage to preserve the billing -// product code association. +// Create an AMI from the instance using CreateImage. // // If you purchase a Reserved Instance to apply to an On-Demand Instance that // was launched from an AMI with a billing product code, make sure that the // Reserved Instance has the matching billing product code. If you purchase // a Reserved Instance without the matching billing product code, the Reserved -// Instance will not be applied to the On-Demand Instance. +// Instance will not be applied to the On-Demand Instance. For information about +// how to obtain the platform details and billing information of an AMI, see +// Obtaining billing information (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html) +// in the Amazon Elastic Compute Cloud User Guide. // // If needed, you can deregister an AMI at any time. Any modifications you make // to an AMI backed by an instance store volume invalidates its registration. @@ -32298,6 +35367,83 @@ func (c *EC2) RegisterImageWithContext(ctx aws.Context, input *RegisterImageInpu return out, req.Send() } +const opRegisterInstanceEventNotificationAttributes = "RegisterInstanceEventNotificationAttributes" + +// RegisterInstanceEventNotificationAttributesRequest generates a "aws/request.Request" representing the +// client's request for the RegisterInstanceEventNotificationAttributes operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RegisterInstanceEventNotificationAttributes for more information on using the RegisterInstanceEventNotificationAttributes +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the RegisterInstanceEventNotificationAttributesRequest method. +// req, resp := client.RegisterInstanceEventNotificationAttributesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RegisterInstanceEventNotificationAttributes +func (c *EC2) RegisterInstanceEventNotificationAttributesRequest(input *RegisterInstanceEventNotificationAttributesInput) (req *request.Request, output *RegisterInstanceEventNotificationAttributesOutput) { + op := &request.Operation{ + Name: opRegisterInstanceEventNotificationAttributes, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &RegisterInstanceEventNotificationAttributesInput{} + } + + output = &RegisterInstanceEventNotificationAttributesOutput{} + req = c.newRequest(op, input, output) + return +} + +// RegisterInstanceEventNotificationAttributes API operation for Amazon Elastic Compute Cloud. +// +// Registers a set of tag keys to include in scheduled event notifications for +// your resources. +// +// To remove tags, use . +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation RegisterInstanceEventNotificationAttributes for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RegisterInstanceEventNotificationAttributes +func (c *EC2) RegisterInstanceEventNotificationAttributes(input *RegisterInstanceEventNotificationAttributesInput) (*RegisterInstanceEventNotificationAttributesOutput, error) { + req, out := c.RegisterInstanceEventNotificationAttributesRequest(input) + return out, req.Send() +} + +// RegisterInstanceEventNotificationAttributesWithContext is the same as RegisterInstanceEventNotificationAttributes with the addition of +// the ability to pass a context and additional request options. +// +// See RegisterInstanceEventNotificationAttributes for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) RegisterInstanceEventNotificationAttributesWithContext(ctx aws.Context, input *RegisterInstanceEventNotificationAttributesInput, opts ...request.Option) (*RegisterInstanceEventNotificationAttributesOutput, error) { + req, out := c.RegisterInstanceEventNotificationAttributesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opRegisterTransitGatewayMulticastGroupMembers = "RegisterTransitGatewayMulticastGroupMembers" // RegisterTransitGatewayMulticastGroupMembersRequest generates a "aws/request.Request" representing the @@ -33559,11 +36705,11 @@ func (c *EC2) RequestSpotFleetRequest(input *RequestSpotFleetInput) (req *reques // ensuring that the Spot Instances in your Spot Fleet are in different Spot // pools, you can improve the availability of your fleet. // -// You can specify tags for the Spot Instances. You cannot tag other resource -// types in a Spot Fleet request because only the instance resource type is -// supported. +// You can specify tags for the Spot Fleet request and instances launched by +// the fleet. You cannot tag other resource types in a Spot Fleet request because +// only the spot-fleet-request and instance resource types are supported. // -// For more information, see Spot Fleet Requests (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html) +// For more information, see Spot Fleet requests (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html) // in the Amazon EC2 User Guide for Linux Instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -33640,7 +36786,7 @@ func (c *EC2) RequestSpotInstancesRequest(input *RequestSpotInstancesInput) (req // // Creates a Spot Instance request. // -// For more information, see Spot Instance Requests (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html) +// For more information, see Spot Instance requests (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html) // in the Amazon EC2 User Guide for Linux Instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -34109,7 +37255,7 @@ func (c *EC2) ResetSnapshotAttributeRequest(input *ResetSnapshotAttributeInput) // // Resets permission settings for the specified snapshot. // -// For more information about modifying snapshot permissions, see Sharing Snapshots +// For more information about modifying snapshot permissions, see Sharing snapshots // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) // in the Amazon Elastic Compute Cloud User Guide. // @@ -34218,6 +37364,81 @@ func (c *EC2) RestoreAddressToClassicWithContext(ctx aws.Context, input *Restore return out, req.Send() } +const opRestoreManagedPrefixListVersion = "RestoreManagedPrefixListVersion" + +// RestoreManagedPrefixListVersionRequest generates a "aws/request.Request" representing the +// client's request for the RestoreManagedPrefixListVersion operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RestoreManagedPrefixListVersion for more information on using the RestoreManagedPrefixListVersion +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the RestoreManagedPrefixListVersionRequest method. +// req, resp := client.RestoreManagedPrefixListVersionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RestoreManagedPrefixListVersion +func (c *EC2) RestoreManagedPrefixListVersionRequest(input *RestoreManagedPrefixListVersionInput) (req *request.Request, output *RestoreManagedPrefixListVersionOutput) { + op := &request.Operation{ + Name: opRestoreManagedPrefixListVersion, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &RestoreManagedPrefixListVersionInput{} + } + + output = &RestoreManagedPrefixListVersionOutput{} + req = c.newRequest(op, input, output) + return +} + +// RestoreManagedPrefixListVersion API operation for Amazon Elastic Compute Cloud. +// +// Restores the entries from a previous version of a managed prefix list to +// a new version of the prefix list. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation RestoreManagedPrefixListVersion for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RestoreManagedPrefixListVersion +func (c *EC2) RestoreManagedPrefixListVersion(input *RestoreManagedPrefixListVersionInput) (*RestoreManagedPrefixListVersionOutput, error) { + req, out := c.RestoreManagedPrefixListVersionRequest(input) + return out, req.Send() +} + +// RestoreManagedPrefixListVersionWithContext is the same as RestoreManagedPrefixListVersion with the addition of +// the ability to pass a context and additional request options. +// +// See RestoreManagedPrefixListVersion for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) RestoreManagedPrefixListVersionWithContext(ctx aws.Context, input *RestoreManagedPrefixListVersionInput, opts ...request.Option) (*RestoreManagedPrefixListVersionOutput, error) { + req, out := c.RestoreManagedPrefixListVersionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opRevokeClientVpnIngress = "RevokeClientVpnIngress" // RevokeClientVpnIngressRequest generates a "aws/request.Request" representing the @@ -34331,16 +37552,22 @@ func (c *EC2) RevokeSecurityGroupEgressRequest(input *RevokeSecurityGroupEgressI output = &RevokeSecurityGroupEgressOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } // RevokeSecurityGroupEgress API operation for Amazon Elastic Compute Cloud. // // [VPC only] Removes the specified egress rules from a security group for EC2-VPC. -// This action doesn't apply to security groups for use in EC2-Classic. To remove -// a rule, the values that you specify (for example, ports) must match the existing -// rule's values exactly. +// This action does not apply to security groups for use in EC2-Classic. To +// remove a rule, the values that you specify (for example, ports) must match +// the existing rule's values exactly. +// +// [Default VPC] If the values you specify do not match the existing rule's +// values, no error is returned, and the output describes the security group +// rules that were not revoked. +// +// AWS recommends that you use DescribeSecurityGroups to verify that the rule +// has been removed. // // Each rule consists of the protocol and the IPv4 or IPv6 CIDR range or source // security group. For the TCP and UDP protocols, you must also specify the @@ -34418,7 +37645,6 @@ func (c *EC2) RevokeSecurityGroupIngressRequest(input *RevokeSecurityGroupIngres output = &RevokeSecurityGroupIngressOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -34428,9 +37654,12 @@ func (c *EC2) RevokeSecurityGroupIngressRequest(input *RevokeSecurityGroupIngres // the values that you specify (for example, ports) must match the existing // rule's values exactly. // -// [EC2-Classic only] If the values you specify do not match the existing rule's -// values, no error is returned. Use DescribeSecurityGroups to verify that the -// rule has been removed. +// [EC2-Classic , default VPC] If the values you specify do not match the existing +// rule's values, no error is returned, and the output describes the security +// group rules that were not revoked. +// +// AWS recommends that you use DescribeSecurityGroups to verify that the rule +// has been removed. // // Each rule consists of the protocol and the CIDR range or source security // group. For the TCP and UDP protocols, you must also specify the destination @@ -34528,17 +37757,17 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques // // * Some instance types must be launched into a VPC. If you do not have // a default VPC, or if you do not specify a subnet ID, the request fails. -// For more information, see Instance Types Available Only in a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types). +// For more information, see Instance types available only in a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types). // // * [EC2-VPC] All instances have a network interface with a primary private // IPv4 address. If you don't specify this address, we choose one from the // IPv4 range of your subnet. // // * Not all instance types support IPv6 addresses. For more information, -// see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). +// see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). // // * If you don't specify a security group ID, we use the default security -// group. For more information, see Security Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html). +// group. For more information, see Security groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html). // // * If any of the AMIs have a product code attached for which the user has // not subscribed, the request fails. @@ -34555,17 +37784,17 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques // An instance is ready for you to use when it's in the running state. You can // check the state of your instance using DescribeInstances. You can tag instances // and EBS volumes during launch, after launch, or both. For more information, -// see CreateTags and Tagging Your Amazon EC2 Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html). +// see CreateTags and Tagging your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html). // // Linux instances have access to the public key of the key pair at boot. You // can use this key to provide secure access to the instance. Amazon EC2 public // images use this feature to provide secure access without passwords. For more -// information, see Key Pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) +// information, see Key pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For troubleshooting, see What To Do If An Instance Immediately Terminates +// For troubleshooting, see What to do if an instance immediately terminates // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html), -// and Troubleshooting Connecting to Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html) +// and Troubleshooting connecting to your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -34711,6 +37940,12 @@ func (c *EC2) SearchLocalGatewayRoutesRequest(input *SearchLocalGatewayRoutesInp Name: opSearchLocalGatewayRoutes, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -34754,6 +37989,58 @@ func (c *EC2) SearchLocalGatewayRoutesWithContext(ctx aws.Context, input *Search return out, req.Send() } +// SearchLocalGatewayRoutesPages iterates over the pages of a SearchLocalGatewayRoutes operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See SearchLocalGatewayRoutes method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a SearchLocalGatewayRoutes operation. +// pageNum := 0 +// err := client.SearchLocalGatewayRoutesPages(params, +// func(page *ec2.SearchLocalGatewayRoutesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) SearchLocalGatewayRoutesPages(input *SearchLocalGatewayRoutesInput, fn func(*SearchLocalGatewayRoutesOutput, bool) bool) error { + return c.SearchLocalGatewayRoutesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// SearchLocalGatewayRoutesPagesWithContext same as SearchLocalGatewayRoutesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) SearchLocalGatewayRoutesPagesWithContext(ctx aws.Context, input *SearchLocalGatewayRoutesInput, fn func(*SearchLocalGatewayRoutesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *SearchLocalGatewayRoutesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.SearchLocalGatewayRoutesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*SearchLocalGatewayRoutesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opSearchTransitGatewayMulticastGroups = "SearchTransitGatewayMulticastGroups" // SearchTransitGatewayMulticastGroupsRequest generates a "aws/request.Request" representing the @@ -34785,6 +38072,12 @@ func (c *EC2) SearchTransitGatewayMulticastGroupsRequest(input *SearchTransitGat Name: opSearchTransitGatewayMulticastGroups, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -34829,6 +38122,58 @@ func (c *EC2) SearchTransitGatewayMulticastGroupsWithContext(ctx aws.Context, in return out, req.Send() } +// SearchTransitGatewayMulticastGroupsPages iterates over the pages of a SearchTransitGatewayMulticastGroups operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See SearchTransitGatewayMulticastGroups method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a SearchTransitGatewayMulticastGroups operation. +// pageNum := 0 +// err := client.SearchTransitGatewayMulticastGroupsPages(params, +// func(page *ec2.SearchTransitGatewayMulticastGroupsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) SearchTransitGatewayMulticastGroupsPages(input *SearchTransitGatewayMulticastGroupsInput, fn func(*SearchTransitGatewayMulticastGroupsOutput, bool) bool) error { + return c.SearchTransitGatewayMulticastGroupsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// SearchTransitGatewayMulticastGroupsPagesWithContext same as SearchTransitGatewayMulticastGroupsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) SearchTransitGatewayMulticastGroupsPagesWithContext(ctx aws.Context, input *SearchTransitGatewayMulticastGroupsInput, fn func(*SearchTransitGatewayMulticastGroupsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *SearchTransitGatewayMulticastGroupsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.SearchTransitGatewayMulticastGroupsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*SearchTransitGatewayMulticastGroupsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opSearchTransitGatewayRoutes = "SearchTransitGatewayRoutes" // SearchTransitGatewayRoutesRequest generates a "aws/request.Request" representing the @@ -34962,8 +38307,8 @@ func (c *EC2) SendDiagnosticInterruptRequest(input *SendDiagnosticInterruptInput // system is configured to perform the required diagnostic tasks. // // For more information about configuring your operating system to generate -// a crash dump when a kernel panic or stop error occurs, see Send a Diagnostic -// Interrupt (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/diagnostic-interrupt.html) +// a crash dump when a kernel panic or stop error occurs, see Send a diagnostic +// interrupt (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/diagnostic-interrupt.html) // (Linux instances) or Send a Diagnostic Interrupt (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/diagnostic-interrupt.html) // (Windows instances). // @@ -35060,7 +38405,7 @@ func (c *EC2) StartInstancesRequest(input *StartInstancesInput) (req *request.Re // Performing this operation on an instance that uses an instance store as its // root device returns an error. // -// For more information, see Stopping Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html) +// For more information, see Stopping instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -35143,7 +38488,7 @@ func (c *EC2) StartVpcEndpointServicePrivateDnsVerificationRequest(input *StartV // // Before the service provider runs this command, they must add a record to // the DNS server. For more information, see Adding a TXT Record to Your Domain's -// DNS Server (https://docs.aws.amazon.com/vpc/latest/userguide/ndpoint-services-dns-validation.html#add-dns-txt-record) +// DNS Server (https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-dns-validation.html#add-dns-txt-record) // in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -35223,7 +38568,7 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // You can use the Stop action to hibernate an instance if the instance is enabled // for hibernation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#enabling-hibernation) // and it meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). -// For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) +// For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. // // We don't charge usage for a stopped instance, or data transfer fees; however, @@ -35236,9 +38581,10 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // your Linux instance, Amazon EC2 charges a one-minute minimum for instance // usage, and thereafter charges per second for instance usage. // -// You can't start, stop, or hibernate Spot Instances, and you can't stop or -// hibernate instance store-backed instances. For information about using hibernation -// for Spot Instances, see Hibernating Interrupted Spot Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html#hibernate-spot-instances) +// You can't stop or hibernate instance store-backed instances. You can't use +// the Stop action to hibernate Spot Instances, but you can specify that Amazon +// EC2 should hibernate Spot Instances when they are interrupted. For more information, +// see Hibernating interrupted Spot Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html#hibernate-spot-instances) // in the Amazon Elastic Compute Cloud User Guide. // // When you stop or hibernate an instance, we shut it down. You can restart @@ -35254,13 +38600,13 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // an instance, the root device and any other devices attached during the instance // launch are automatically deleted. For more information about the differences // between rebooting, stopping, hibernating, and terminating instances, see -// Instance Lifecycle (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) +// Instance lifecycle (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) // in the Amazon Elastic Compute Cloud User Guide. // // When you stop an instance, we attempt to shut it down forcibly after a short // while. If your instance appears stuck in the stopping state after a period // of time, there may be an issue with the underlying host computer. For more -// information, see Troubleshooting Stopping Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesStopping.html) +// information, see Troubleshooting stopping your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesStopping.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -35430,11 +38776,11 @@ func (c *EC2) TerminateInstancesRequest(input *TerminateInstancesInput) (req *re // an instance, any attached EBS volumes with the DeleteOnTermination block // device mapping parameter set to true are automatically deleted. For more // information about the differences between stopping and terminating instances, -// see Instance Lifecycle (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) +// see Instance lifecycle (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For more information about troubleshooting, see Troubleshooting Terminating -// Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesShuttingDown.html) +// For more information about troubleshooting, see Troubleshooting terminating +// your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesShuttingDown.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -35659,7 +39005,7 @@ func (c *EC2) UnmonitorInstancesRequest(input *UnmonitorInstancesInput) (req *re // UnmonitorInstances API operation for Amazon Elastic Compute Cloud. // // Disables detailed monitoring for a running instance. For more information, -// see Monitoring Your Instances and Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html) +// see Monitoring your instances and volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -35894,8 +39240,7 @@ func (c *EC2) WithdrawByoipCidrRequest(input *WithdrawByoipCidrInput) (req *requ // WithdrawByoipCidr API operation for Amazon Elastic Compute Cloud. // -// Stops advertising an IPv4 address range that is provisioned as an address -// pool. +// Stops advertising an address range that is provisioned as an address pool. // // You can perform this operation at most once every 10 seconds, even if you // specify different address ranges each time. @@ -36429,7 +39774,57 @@ func (s *ActiveInstance) SetSpotInstanceRequestId(v string) *ActiveInstance { return s } -// Describes an Elastic IP address. +// An entry for a prefix list. +type AddPrefixListEntry struct { + _ struct{} `type:"structure"` + + // The CIDR block. + // + // Cidr is a required field + Cidr *string `type:"string" required:"true"` + + // A description for the entry. + // + // Constraints: Up to 255 characters in length. + Description *string `type:"string"` +} + +// String returns the string representation +func (s AddPrefixListEntry) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AddPrefixListEntry) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AddPrefixListEntry) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AddPrefixListEntry"} + if s.Cidr == nil { + invalidParams.Add(request.NewErrParamRequired("Cidr")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCidr sets the Cidr field's value. +func (s *AddPrefixListEntry) SetCidr(v string) *AddPrefixListEntry { + s.Cidr = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *AddPrefixListEntry) SetDescription(v string) *AddPrefixListEntry { + s.Description = &v + return s +} + +// Describes an Elastic IP address, or a carrier IP address. type Address struct { _ struct{} `type:"structure"` @@ -36440,6 +39835,11 @@ type Address struct { // VPC. AssociationId *string `locationName:"associationId" type:"string"` + // The carrier IP address associated. This option is only available for network + // interfaces which reside in a subnet in a Wavelength Zone (for example an + // EC2 instance). + CarrierIp *string `locationName:"carrierIp" type:"string"` + // The customer-owned IP address. CustomerOwnedIp *string `locationName:"customerOwnedIp" type:"string"` @@ -36453,7 +39853,8 @@ type Address struct { // The ID of the instance that the address is associated with (if any). InstanceId *string `locationName:"instanceId" type:"string"` - // The name of the location from which the IP address is advertised. + // The name of the unique set of Availability Zones, Local Zones, or Wavelength + // Zones from which AWS advertises IP addresses. NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` // The ID of the network interface. @@ -36497,6 +39898,12 @@ func (s *Address) SetAssociationId(v string) *Address { return s } +// SetCarrierIp sets the CarrierIp field's value. +func (s *Address) SetCarrierIp(v string) *Address { + s.CarrierIp = &v + return s +} + // SetCustomerOwnedIp sets the CustomerOwnedIp field's value. func (s *Address) SetCustomerOwnedIp(v string) *Address { s.CustomerOwnedIp = &v @@ -36566,8 +39973,8 @@ func (s *Address) SetTags(v []*Tag) *Address { type AdvertiseByoipCidrInput struct { _ struct{} `type:"structure"` - // The IPv4 address range, in CIDR notation. This must be the exact range that - // you provisioned. You can't advertise only a portion of the provisioned range. + // The address range, in CIDR notation. This must be the exact range that you + // provisioned. You can't advertise only a portion of the provisioned range. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -36649,9 +40056,11 @@ type AllocateAddressInput struct { // address from the address pool. CustomerOwnedIpv4Pool *string `type:"string"` - // Set to vpc to allocate the address for use with instances in a VPC. + // Indicates whether the Elastic IP address is for use with instances in a VPC + // or instances in EC2-Classic. // - // Default: The address is for use with instances in EC2-Classic. + // Default: If the Region supports EC2-Classic, the default is standard. Otherwise, + // the default is vpc. Domain *string `type:"string" enum:"DomainType"` // Checks whether you have the required permissions for the action, without @@ -36660,10 +40069,11 @@ type AllocateAddressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The location from which the IP address is advertised. Use this parameter - // to limit the address to this location. + // A unique set of Availability Zones, Local Zones, or Wavelength Zones from + // which AWS advertises IP addresses. Use this parameter to limit the IP address + // to this location. IP addresses cannot move between network border groups. // - // Use DescribeVpcs (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html) + // Use DescribeAvailabilityZones (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) // to view the network border groups. // // You cannot use a network border group with EC2 Classic. If you attempt this @@ -36730,17 +40140,22 @@ type AllocateAddressOutput struct { // IP address for use with instances in a VPC. AllocationId *string `locationName:"allocationId" type:"string"` + // The carrier IP address. This option is only available for network interfaces + // which reside in a subnet in a Wavelength Zone (for example an EC2 instance). + CarrierIp *string `locationName:"carrierIp" type:"string"` + // The customer-owned IP address. CustomerOwnedIp *string `locationName:"customerOwnedIp" type:"string"` // The ID of the customer-owned address pool. CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` - // Indicates whether this Elastic IP address is for use with instances in EC2-Classic - // (standard) or instances in a VPC (vpc). + // Indicates whether the Elastic IP address is for use with instances in a VPC + // (vpc) or instances in EC2-Classic (standard). Domain *string `locationName:"domain" type:"string" enum:"DomainType"` - // The location from which the IP address is advertised. + // The set of Availability Zones, Local Zones, or Wavelength Zones from which + // AWS advertises IP addresses. NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` // The Elastic IP address. @@ -36766,6 +40181,12 @@ func (s *AllocateAddressOutput) SetAllocationId(v string) *AllocateAddressOutput return s } +// SetCarrierIp sets the CarrierIp field's value. +func (s *AllocateAddressOutput) SetCarrierIp(v string) *AllocateAddressOutput { + s.CarrierIp = &v + return s +} + // SetCustomerOwnedIp sets the CustomerOwnedIp field's value. func (s *AllocateAddressOutput) SetCustomerOwnedIp(v string) *AllocateAddressOutput { s.CustomerOwnedIp = &v @@ -37616,6 +41037,109 @@ func (s AssociateDhcpOptionsOutput) GoString() string { return s.String() } +type AssociateEnclaveCertificateIamRoleInput struct { + _ struct{} `type:"structure"` + + // The ARN of the ACM certificate with which to associate the IAM role. + CertificateArn *string `min:"1" type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ARN of the IAM role to associate with the ACM certificate. You can associate + // up to 16 IAM roles with an ACM certificate. + RoleArn *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s AssociateEnclaveCertificateIamRoleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssociateEnclaveCertificateIamRoleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateEnclaveCertificateIamRoleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateEnclaveCertificateIamRoleInput"} + if s.CertificateArn != nil && len(*s.CertificateArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 1)) + } + if s.RoleArn != nil && len(*s.RoleArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCertificateArn sets the CertificateArn field's value. +func (s *AssociateEnclaveCertificateIamRoleInput) SetCertificateArn(v string) *AssociateEnclaveCertificateIamRoleInput { + s.CertificateArn = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *AssociateEnclaveCertificateIamRoleInput) SetDryRun(v bool) *AssociateEnclaveCertificateIamRoleInput { + s.DryRun = &v + return s +} + +// SetRoleArn sets the RoleArn field's value. +func (s *AssociateEnclaveCertificateIamRoleInput) SetRoleArn(v string) *AssociateEnclaveCertificateIamRoleInput { + s.RoleArn = &v + return s +} + +type AssociateEnclaveCertificateIamRoleOutput struct { + _ struct{} `type:"structure"` + + // The name of the Amazon S3 bucket to which the certificate was uploaded. + CertificateS3BucketName *string `locationName:"certificateS3BucketName" type:"string"` + + // The Amazon S3 object key where the certificate, certificate chain, and encrypted + // private key bundle are stored. The object key is formatted as follows: certificate_arn/role_arn. + CertificateS3ObjectKey *string `locationName:"certificateS3ObjectKey" type:"string"` + + // The ID of the AWS KMS CMK used to encrypt the private key of the certificate. + EncryptionKmsKeyId *string `locationName:"encryptionKmsKeyId" type:"string"` +} + +// String returns the string representation +func (s AssociateEnclaveCertificateIamRoleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssociateEnclaveCertificateIamRoleOutput) GoString() string { + return s.String() +} + +// SetCertificateS3BucketName sets the CertificateS3BucketName field's value. +func (s *AssociateEnclaveCertificateIamRoleOutput) SetCertificateS3BucketName(v string) *AssociateEnclaveCertificateIamRoleOutput { + s.CertificateS3BucketName = &v + return s +} + +// SetCertificateS3ObjectKey sets the CertificateS3ObjectKey field's value. +func (s *AssociateEnclaveCertificateIamRoleOutput) SetCertificateS3ObjectKey(v string) *AssociateEnclaveCertificateIamRoleOutput { + s.CertificateS3ObjectKey = &v + return s +} + +// SetEncryptionKmsKeyId sets the EncryptionKmsKeyId field's value. +func (s *AssociateEnclaveCertificateIamRoleOutput) SetEncryptionKmsKeyId(v string) *AssociateEnclaveCertificateIamRoleOutput { + s.EncryptionKmsKeyId = &v + return s +} + type AssociateIamInstanceProfileInput struct { _ struct{} `type:"structure"` @@ -38051,14 +41575,23 @@ type AssociateVpcCidrBlockInput struct { // An IPv4 CIDR block to associate with the VPC. CidrBlock *string `type:"string"` + // An IPv6 CIDR block from the IPv6 address pool. You must also specify Ipv6Pool + // in the request. + // + // To let Amazon choose the IPv6 CIDR block for you, omit this parameter. + Ipv6CidrBlock *string `type:"string"` + // The name of the location from which we advertise the IPV6 CIDR block. Use - // this parameter to limit the CiDR block to this location. + // this parameter to limit the CIDR block to this location. // // You must set AmazonProvidedIpv6CidrBlock to true to use this parameter. // // You can have one IPv6 CIDR block association per network border group. Ipv6CidrBlockNetworkBorderGroup *string `type:"string"` + // The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block. + Ipv6Pool *string `type:"string"` + // The ID of the VPC. // // VpcId is a required field @@ -38100,12 +41633,24 @@ func (s *AssociateVpcCidrBlockInput) SetCidrBlock(v string) *AssociateVpcCidrBlo return s } +// SetIpv6CidrBlock sets the Ipv6CidrBlock field's value. +func (s *AssociateVpcCidrBlockInput) SetIpv6CidrBlock(v string) *AssociateVpcCidrBlockInput { + s.Ipv6CidrBlock = &v + return s +} + // SetIpv6CidrBlockNetworkBorderGroup sets the Ipv6CidrBlockNetworkBorderGroup field's value. func (s *AssociateVpcCidrBlockInput) SetIpv6CidrBlockNetworkBorderGroup(v string) *AssociateVpcCidrBlockInput { s.Ipv6CidrBlockNetworkBorderGroup = &v return s } +// SetIpv6Pool sets the Ipv6Pool field's value. +func (s *AssociateVpcCidrBlockInput) SetIpv6Pool(v string) *AssociateVpcCidrBlockInput { + s.Ipv6Pool = &v + return s +} + // SetVpcId sets the VpcId field's value. func (s *AssociateVpcCidrBlockInput) SetVpcId(v string) *AssociateVpcCidrBlockInput { s.VpcId = &v @@ -38153,6 +41698,59 @@ func (s *AssociateVpcCidrBlockOutput) SetVpcId(v string) *AssociateVpcCidrBlockO return s } +// Information about the associated IAM roles. +type AssociatedRole struct { + _ struct{} `type:"structure"` + + // The ARN of the associated IAM role. + AssociatedRoleArn *string `locationName:"associatedRoleArn" min:"1" type:"string"` + + // The name of the Amazon S3 bucket in which the Amazon S3 object is stored. + CertificateS3BucketName *string `locationName:"certificateS3BucketName" type:"string"` + + // The key of the Amazon S3 object ey where the certificate, certificate chain, + // and encrypted private key bundle is stored. The object key is formated as + // follows: certificate_arn/role_arn. + CertificateS3ObjectKey *string `locationName:"certificateS3ObjectKey" type:"string"` + + // The ID of the KMS customer master key (CMK) used to encrypt the private key. + EncryptionKmsKeyId *string `locationName:"encryptionKmsKeyId" type:"string"` +} + +// String returns the string representation +func (s AssociatedRole) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssociatedRole) GoString() string { + return s.String() +} + +// SetAssociatedRoleArn sets the AssociatedRoleArn field's value. +func (s *AssociatedRole) SetAssociatedRoleArn(v string) *AssociatedRole { + s.AssociatedRoleArn = &v + return s +} + +// SetCertificateS3BucketName sets the CertificateS3BucketName field's value. +func (s *AssociatedRole) SetCertificateS3BucketName(v string) *AssociatedRole { + s.CertificateS3BucketName = &v + return s +} + +// SetCertificateS3ObjectKey sets the CertificateS3ObjectKey field's value. +func (s *AssociatedRole) SetCertificateS3ObjectKey(v string) *AssociatedRole { + s.CertificateS3ObjectKey = &v + return s +} + +// SetEncryptionKmsKeyId sets the EncryptionKmsKeyId field's value. +func (s *AssociatedRole) SetEncryptionKmsKeyId(v string) *AssociatedRole { + s.EncryptionKmsKeyId = &v + return s +} + // Describes a target network that is associated with a Client VPN endpoint. // A target network is a subnet in a VPC. type AssociatedTargetNetwork struct { @@ -38420,6 +42018,11 @@ type AttachNetworkInterfaceInput struct { // InstanceId is a required field InstanceId *string `locationName:"instanceId" type:"string" required:"true"` + // The index of the network card. Some instance types support multiple network + // cards. The primary network interface must be assigned to network card index + // 0. The default is network card index 0. + NetworkCardIndex *int64 `type:"integer"` + // The ID of the network interface. // // NetworkInterfaceId is a required field @@ -38473,6 +42076,12 @@ func (s *AttachNetworkInterfaceInput) SetInstanceId(v string) *AttachNetworkInte return s } +// SetNetworkCardIndex sets the NetworkCardIndex field's value. +func (s *AttachNetworkInterfaceInput) SetNetworkCardIndex(v int64) *AttachNetworkInterfaceInput { + s.NetworkCardIndex = &v + return s +} + // SetNetworkInterfaceId sets the NetworkInterfaceId field's value. func (s *AttachNetworkInterfaceInput) SetNetworkInterfaceId(v string) *AttachNetworkInterfaceInput { s.NetworkInterfaceId = &v @@ -38485,6 +42094,9 @@ type AttachNetworkInterfaceOutput struct { // The ID of the network interface attachment. AttachmentId *string `locationName:"attachmentId" type:"string"` + + // The index of the network card. + NetworkCardIndex *int64 `locationName:"networkCardIndex" type:"integer"` } // String returns the string representation @@ -38503,6 +42115,12 @@ func (s *AttachNetworkInterfaceOutput) SetAttachmentId(v string) *AttachNetworkI return s } +// SetNetworkCardIndex sets the NetworkCardIndex field's value. +func (s *AttachNetworkInterfaceOutput) SetNetworkCardIndex(v int64) *AttachNetworkInterfaceOutput { + s.NetworkCardIndex = &v + return s +} + type AttachVolumeInput struct { _ struct{} `type:"structure"` @@ -38793,11 +42411,14 @@ func (s *AuthorizationRule) SetStatus(v *ClientVpnAuthorizationRuleStatus) *Auth type AuthorizeClientVpnIngressInput struct { _ struct{} `type:"structure"` - // The ID of the Active Directory group to grant access. + // The ID of the group to grant access to, for example, the Active Directory + // group or identity provider (IdP) group. Required if AuthorizeAllGroups is + // false or not specified. AccessGroupId *string `type:"string"` - // Indicates whether to grant access to all clients. Use true to grant all clients - // who successfully establish a VPN connection access to the network. + // Indicates whether to grant access to all clients. Specify true to grant all + // clients who successfully establish a VPN connection access to the network. + // Must be set to true if AccessGroupId is not specified. AuthorizeAllGroups *bool `type:"boolean"` // Unique, case-sensitive identifier that you provide to ensure the idempotency @@ -39205,38 +42826,52 @@ func (s AuthorizeSecurityGroupIngressOutput) GoString() string { return s.String() } -// Describes an Availability Zone or Local Zone. +// Describes Availability Zones, Local Zones, and Wavelength Zones. type AvailabilityZone struct { _ struct{} `type:"structure"` // For Availability Zones, this parameter has the same value as the Region name. // // For Local Zones, the name of the associated group, for example us-west-2-lax-1. + // + // For Wavelength Zones, the name of the associated group, for example us-east-1-wl1-bos-wlz-1. GroupName *string `locationName:"groupName" type:"string"` - // Any messages about the Availability Zone or Local Zone. + // Any messages about the Availability Zone, Local Zone, or Wavelength Zone. Messages []*AvailabilityZoneMessage `locationName:"messageSet" locationNameList:"item" type:"list"` - // The name of the location from which the address is advertised. + // The name of the network border group. NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` // For Availability Zones, this parameter always has the value of opt-in-not-required. // - // For Local Zones, this parameter is the opt in status. The possible values - // are opted-in, and not-opted-in. + // For Local Zones and Wavelength Zones, this parameter is the opt-in status. + // The possible values are opted-in, and not-opted-in. OptInStatus *string `locationName:"optInStatus" type:"string" enum:"AvailabilityZoneOptInStatus"` + // The ID of the zone that handles some of the Local Zone or Wavelength Zone + // control plane operations, such as API calls. + ParentZoneId *string `locationName:"parentZoneId" type:"string"` + + // The name of the zone that handles some of the Local Zone or Wavelength Zone + // control plane operations, such as API calls. + ParentZoneName *string `locationName:"parentZoneName" type:"string"` + // The name of the Region. RegionName *string `locationName:"regionName" type:"string"` - // The state of the Availability Zone or Local Zone. + // The state of the Availability Zone, Local Zone, or Wavelength Zone. State *string `locationName:"zoneState" type:"string" enum:"AvailabilityZoneState"` - // The ID of the Availability Zone or Local Zone. + // The ID of the Availability Zone, Local Zone, or Wavelength Zone. ZoneId *string `locationName:"zoneId" type:"string"` - // The name of the Availability Zone or Local Zone. + // The name of the Availability Zone, Local Zone, or Wavelength Zone. ZoneName *string `locationName:"zoneName" type:"string"` + + // The type of zone. The valid values are availability-zone, local-zone, and + // wavelength-zone. + ZoneType *string `locationName:"zoneType" type:"string"` } // String returns the string representation @@ -39273,6 +42908,18 @@ func (s *AvailabilityZone) SetOptInStatus(v string) *AvailabilityZone { return s } +// SetParentZoneId sets the ParentZoneId field's value. +func (s *AvailabilityZone) SetParentZoneId(v string) *AvailabilityZone { + s.ParentZoneId = &v + return s +} + +// SetParentZoneName sets the ParentZoneName field's value. +func (s *AvailabilityZone) SetParentZoneName(v string) *AvailabilityZone { + s.ParentZoneName = &v + return s +} + // SetRegionName sets the RegionName field's value. func (s *AvailabilityZone) SetRegionName(v string) *AvailabilityZone { s.RegionName = &v @@ -39297,11 +42944,18 @@ func (s *AvailabilityZone) SetZoneName(v string) *AvailabilityZone { return s } -// Describes a message about an Availability Zone or Local Zone. +// SetZoneType sets the ZoneType field's value. +func (s *AvailabilityZone) SetZoneType(v string) *AvailabilityZone { + s.ZoneType = &v + return s +} + +// Describes a message about an Availability Zone, Local Zone, or Wavelength +// Zone. type AvailabilityZoneMessage struct { _ struct{} `type:"structure"` - // The message about the Availability Zone or Local Zone. + // The message about the Availability Zone, Local Zone, or Wavelength Zone. Message *string `locationName:"message" type:"string"` } @@ -39669,7 +43323,7 @@ func (s *BundleTaskError) SetMessage(v string) *BundleTaskError { type ByoipCidr struct { _ struct{} `type:"structure"` - // The public IPv4 address range, in CIDR notation. + // The address range, in CIDR notation. Cidr *string `locationName:"cidr" type:"string"` // The description of the address range. @@ -40684,6 +44338,39 @@ func (s *CapacityReservation) SetTotalInstanceCount(v int64) *CapacityReservatio return s } +// Describes a resource group to which a Capacity Reservation has been added. +type CapacityReservationGroup struct { + _ struct{} `type:"structure"` + + // The ARN of the resource group. + GroupArn *string `locationName:"groupArn" type:"string"` + + // The ID of the AWS account that owns the resource group. + OwnerId *string `locationName:"ownerId" type:"string"` +} + +// String returns the string representation +func (s CapacityReservationGroup) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CapacityReservationGroup) GoString() string { + return s.String() +} + +// SetGroupArn sets the GroupArn field's value. +func (s *CapacityReservationGroup) SetGroupArn(v string) *CapacityReservationGroup { + s.GroupArn = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *CapacityReservationGroup) SetOwnerId(v string) *CapacityReservationGroup { + s.OwnerId = &v + return s +} + // Describes the strategy for using unused Capacity Reservations for fulfilling // On-Demand capacity. // @@ -40692,7 +44379,7 @@ func (s *CapacityReservation) SetTotalInstanceCount(v int64) *CapacityReservatio // For more information about Capacity Reservations, see On-Demand Capacity // Reservations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html) // in the Amazon Elastic Compute Cloud User Guide. For examples of using Capacity -// Reservations in an EC2 Fleet, see EC2 Fleet Example Configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) +// Reservations in an EC2 Fleet, see EC2 Fleet example configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) // in the Amazon Elastic Compute Cloud User Guide. type CapacityReservationOptions struct { _ struct{} `type:"structure"` @@ -40737,7 +44424,7 @@ func (s *CapacityReservationOptions) SetUsageStrategy(v string) *CapacityReserva // For more information about Capacity Reservations, see On-Demand Capacity // Reservations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html) // in the Amazon Elastic Compute Cloud User Guide. For examples of using Capacity -// Reservations in an EC2 Fleet, see EC2 Fleet Example Configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) +// Reservations in an EC2 Fleet, see EC2 Fleet example configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) // in the Amazon Elastic Compute Cloud User Guide. type CapacityReservationOptionsRequest struct { _ struct{} `type:"structure"` @@ -40782,7 +44469,7 @@ func (s *CapacityReservationOptionsRequest) SetUsageStrategy(v string) *Capacity // to run as an On-Demand Instance or to run in any open Capacity Reservation // that has matching attributes (instance type, platform, Availability Zone). // Use the CapacityReservationTarget parameter to explicitly target a specific -// Capacity Reservation. +// Capacity Reservation or a Capacity Reservation group. type CapacityReservationSpecification struct { _ struct{} `type:"structure"` @@ -40796,7 +44483,8 @@ type CapacityReservationSpecification struct { // one is available. The instance runs as an On-Demand Instance. CapacityReservationPreference *string `type:"string" enum:"CapacityReservationPreference"` - // Information about the target Capacity Reservation. + // Information about the target Capacity Reservation or Capacity Reservation + // group. CapacityReservationTarget *CapacityReservationTarget `type:"structure"` } @@ -40827,7 +44515,8 @@ func (s *CapacityReservationSpecification) SetCapacityReservationTarget(v *Capac // instance is configured to run in On-Demand capacity, or if it is configured // in run in any open Capacity Reservation that has matching attributes (instance // type, platform, Availability Zone). The action returns the capacityReservationTarget -// response element if the instance explicily targets a specific Capacity Reservation. +// response element if the instance explicily targets a specific Capacity Reservation +// or Capacity Reservation group. type CapacityReservationSpecificationResponse struct { _ struct{} `type:"structure"` @@ -40841,7 +44530,8 @@ type CapacityReservationSpecificationResponse struct { // one is available. The instance runs in On-Demand capacity. CapacityReservationPreference *string `locationName:"capacityReservationPreference" type:"string" enum:"CapacityReservationPreference"` - // Information about the targeted Capacity Reservation. + // Information about the targeted Capacity Reservation or Capacity Reservation + // group. CapacityReservationTarget *CapacityReservationTargetResponse `locationName:"capacityReservationTarget" type:"structure"` } @@ -40867,12 +44557,15 @@ func (s *CapacityReservationSpecificationResponse) SetCapacityReservationTarget( return s } -// Describes a target Capacity Reservation. +// Describes a target Capacity Reservation or Capacity Reservation group. type CapacityReservationTarget struct { _ struct{} `type:"structure"` - // The ID of the Capacity Reservation. + // The ID of the Capacity Reservation in which to run the instance. CapacityReservationId *string `type:"string"` + + // The ARN of the Capacity Reservation resource group in which to run the instance. + CapacityReservationResourceGroupArn *string `type:"string"` } // String returns the string representation @@ -40891,12 +44584,21 @@ func (s *CapacityReservationTarget) SetCapacityReservationId(v string) *Capacity return s } -// Describes a target Capacity Reservation. +// SetCapacityReservationResourceGroupArn sets the CapacityReservationResourceGroupArn field's value. +func (s *CapacityReservationTarget) SetCapacityReservationResourceGroupArn(v string) *CapacityReservationTarget { + s.CapacityReservationResourceGroupArn = &v + return s +} + +// Describes a target Capacity Reservation or Capacity Reservation group. type CapacityReservationTargetResponse struct { _ struct{} `type:"structure"` - // The ID of the Capacity Reservation. + // The ID of the targeted Capacity Reservation. CapacityReservationId *string `locationName:"capacityReservationId" type:"string"` + + // The ARN of the targeted Capacity Reservation group. + CapacityReservationResourceGroupArn *string `locationName:"capacityReservationResourceGroupArn" type:"string"` } // String returns the string representation @@ -40915,6 +44617,72 @@ func (s *CapacityReservationTargetResponse) SetCapacityReservationId(v string) * return s } +// SetCapacityReservationResourceGroupArn sets the CapacityReservationResourceGroupArn field's value. +func (s *CapacityReservationTargetResponse) SetCapacityReservationResourceGroupArn(v string) *CapacityReservationTargetResponse { + s.CapacityReservationResourceGroupArn = &v + return s +} + +// Describes a carrier gateway. +type CarrierGateway struct { + _ struct{} `type:"structure"` + + // The ID of the carrier gateway. + CarrierGatewayId *string `locationName:"carrierGatewayId" type:"string"` + + // The AWS account ID of the owner of the carrier gateway. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The state of the carrier gateway. + State *string `locationName:"state" type:"string" enum:"CarrierGatewayState"` + + // The tags assigned to the carrier gateway. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the VPC associated with the carrier gateway. + VpcId *string `locationName:"vpcId" type:"string"` +} + +// String returns the string representation +func (s CarrierGateway) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CarrierGateway) GoString() string { + return s.String() +} + +// SetCarrierGatewayId sets the CarrierGatewayId field's value. +func (s *CarrierGateway) SetCarrierGatewayId(v string) *CarrierGateway { + s.CarrierGatewayId = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *CarrierGateway) SetOwnerId(v string) *CarrierGateway { + s.OwnerId = &v + return s +} + +// SetState sets the State field's value. +func (s *CarrierGateway) SetState(v string) *CarrierGateway { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CarrierGateway) SetTags(v []*Tag) *CarrierGateway { + s.Tags = v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *CarrierGateway) SetVpcId(v string) *CarrierGateway { + s.VpcId = &v + return s +} + // Information about the client certificate used for authentication. type CertificateAuthentication struct { _ struct{} `type:"structure"` @@ -41225,6 +44993,84 @@ func (s *ClientCertificateRevocationListStatus) SetMessage(v string) *ClientCert return s } +// The options for managing connection authorization for new client connections. +type ClientConnectOptions struct { + _ struct{} `type:"structure"` + + // Indicates whether client connect options are enabled. The default is false + // (not enabled). + Enabled *bool `type:"boolean"` + + // The Amazon Resource Name (ARN) of the AWS Lambda function used for connection + // authorization. + LambdaFunctionArn *string `type:"string"` +} + +// String returns the string representation +func (s ClientConnectOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ClientConnectOptions) GoString() string { + return s.String() +} + +// SetEnabled sets the Enabled field's value. +func (s *ClientConnectOptions) SetEnabled(v bool) *ClientConnectOptions { + s.Enabled = &v + return s +} + +// SetLambdaFunctionArn sets the LambdaFunctionArn field's value. +func (s *ClientConnectOptions) SetLambdaFunctionArn(v string) *ClientConnectOptions { + s.LambdaFunctionArn = &v + return s +} + +// The options for managing connection authorization for new client connections. +type ClientConnectResponseOptions struct { + _ struct{} `type:"structure"` + + // Indicates whether client connect options are enabled. + Enabled *bool `locationName:"enabled" type:"boolean"` + + // The Amazon Resource Name (ARN) of the AWS Lambda function used for connection + // authorization. + LambdaFunctionArn *string `locationName:"lambdaFunctionArn" type:"string"` + + // The status of any updates to the client connect options. + Status *ClientVpnEndpointAttributeStatus `locationName:"status" type:"structure"` +} + +// String returns the string representation +func (s ClientConnectResponseOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ClientConnectResponseOptions) GoString() string { + return s.String() +} + +// SetEnabled sets the Enabled field's value. +func (s *ClientConnectResponseOptions) SetEnabled(v bool) *ClientConnectResponseOptions { + s.Enabled = &v + return s +} + +// SetLambdaFunctionArn sets the LambdaFunctionArn field's value. +func (s *ClientConnectResponseOptions) SetLambdaFunctionArn(v string) *ClientConnectResponseOptions { + s.LambdaFunctionArn = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *ClientConnectResponseOptions) SetStatus(v *ClientVpnEndpointAttributeStatus) *ClientConnectResponseOptions { + s.Status = v + return s +} + // Describes the client-specific data. type ClientData struct { _ struct{} `type:"structure"` @@ -41276,9 +45122,8 @@ func (s *ClientData) SetUploadStart(v time.Time) *ClientData { return s } -// Describes the authentication methods used by a Client VPN endpoint. Client -// VPN supports Active Directory and mutual authentication. For more information, -// see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) +// Describes the authentication methods used by a Client VPN endpoint. For more +// information, see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/client-authentication.html) // in the AWS Client VPN Administrator Guide. type ClientVpnAuthentication struct { _ struct{} `type:"structure"` @@ -41286,6 +45131,9 @@ type ClientVpnAuthentication struct { // Information about the Active Directory, if applicable. ActiveDirectory *DirectoryServiceAuthentication `locationName:"activeDirectory" type:"structure"` + // Information about the IAM SAML identity provider, if applicable. + FederatedAuthentication *FederatedAuthentication `locationName:"federatedAuthentication" type:"structure"` + // Information about the authentication certificates, if applicable. MutualAuthentication *CertificateAuthentication `locationName:"mutualAuthentication" type:"structure"` @@ -41309,6 +45157,12 @@ func (s *ClientVpnAuthentication) SetActiveDirectory(v *DirectoryServiceAuthenti return s } +// SetFederatedAuthentication sets the FederatedAuthentication field's value. +func (s *ClientVpnAuthentication) SetFederatedAuthentication(v *FederatedAuthentication) *ClientVpnAuthentication { + s.FederatedAuthentication = v + return s +} + // SetMutualAuthentication sets the MutualAuthentication field's value. func (s *ClientVpnAuthentication) SetMutualAuthentication(v *CertificateAuthentication) *ClientVpnAuthentication { s.MutualAuthentication = v @@ -41322,8 +45176,7 @@ func (s *ClientVpnAuthentication) SetType(v string) *ClientVpnAuthentication { } // Describes the authentication method to be used by a Client VPN endpoint. -// Client VPN supports Active Directory and mutual authentication. For more -// information, see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) +// For more information, see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) // in the AWS Client VPN Administrator Guide. type ClientVpnAuthenticationRequest struct { _ struct{} `type:"structure"` @@ -41332,13 +45185,15 @@ type ClientVpnAuthenticationRequest struct { // provide this information if Type is directory-service-authentication. ActiveDirectory *DirectoryServiceAuthenticationRequest `type:"structure"` + // Information about the IAM SAML identity provider to be used, if applicable. + // You must provide this information if Type is federated-authentication. + FederatedAuthentication *FederatedAuthenticationRequest `type:"structure"` + // Information about the authentication certificates to be used, if applicable. // You must provide this information if Type is certificate-authentication. MutualAuthentication *CertificateAuthenticationRequest `type:"structure"` - // The type of client authentication to be used. Specify certificate-authentication - // to use certificate-based authentication, or directory-service-authentication - // to use Active Directory authentication. + // The type of client authentication to be used. Type *string `type:"string" enum:"ClientVpnAuthenticationType"` } @@ -41358,6 +45213,12 @@ func (s *ClientVpnAuthenticationRequest) SetActiveDirectory(v *DirectoryServiceA return s } +// SetFederatedAuthentication sets the FederatedAuthentication field's value. +func (s *ClientVpnAuthenticationRequest) SetFederatedAuthentication(v *FederatedAuthenticationRequest) *ClientVpnAuthenticationRequest { + s.FederatedAuthentication = v + return s +} + // SetMutualAuthentication sets the MutualAuthentication field's value. func (s *ClientVpnAuthenticationRequest) SetMutualAuthentication(v *CertificateAuthenticationRequest) *ClientVpnAuthenticationRequest { s.MutualAuthentication = v @@ -41438,6 +45299,10 @@ type ClientVpnConnection struct { // The number of packets sent by the client. IngressPackets *string `locationName:"ingressPackets" type:"string"` + // The statuses returned by the client connect handler for posture compliance, + // if applicable. + PostureComplianceStatuses []*string `locationName:"postureComplianceStatusSet" locationNameList:"item" type:"list"` + // The current state of the client connection. Status *ClientVpnConnectionStatus `locationName:"status" type:"structure"` @@ -41519,6 +45384,12 @@ func (s *ClientVpnConnection) SetIngressPackets(v string) *ClientVpnConnection { return s } +// SetPostureComplianceStatuses sets the PostureComplianceStatuses field's value. +func (s *ClientVpnConnection) SetPostureComplianceStatuses(v []*string) *ClientVpnConnection { + s.PostureComplianceStatuses = v + return s +} + // SetStatus sets the Status field's value. func (s *ClientVpnConnection) SetStatus(v *ClientVpnConnectionStatus) *ClientVpnConnection { s.Status = v @@ -41587,6 +45458,9 @@ type ClientVpnEndpoint struct { // are assigned. ClientCidrBlock *string `locationName:"clientCidrBlock" type:"string"` + // The options for managing connection authorization for new client connections. + ClientConnectOptions *ClientConnectResponseOptions `locationName:"clientConnectOptions" type:"structure"` + // The ID of the Client VPN endpoint. ClientVpnEndpointId *string `locationName:"clientVpnEndpointId" type:"string"` @@ -41609,6 +45483,12 @@ type ClientVpnEndpoint struct { // Information about the DNS servers to be used for DNS resolution. DnsServers []*string `locationName:"dnsServer" locationNameList:"item" type:"list"` + // The IDs of the security groups for the target network. + SecurityGroupIds []*string `locationName:"securityGroupIdSet" locationNameList:"item" type:"list"` + + // The URL of the self-service portal. + SelfServicePortalUrl *string `locationName:"selfServicePortalUrl" type:"string"` + // The ARN of the server certificate. ServerCertificateArn *string `locationName:"serverCertificateArn" type:"string"` @@ -41628,6 +45508,12 @@ type ClientVpnEndpoint struct { // The transport protocol used by the Client VPN endpoint. TransportProtocol *string `locationName:"transportProtocol" type:"string" enum:"TransportProtocol"` + // The ID of the VPC. + VpcId *string `locationName:"vpcId" type:"string"` + + // The port number for the Client VPN endpoint. + VpnPort *int64 `locationName:"vpnPort" type:"integer"` + // The protocol used by the VPN session. VpnProtocol *string `locationName:"vpnProtocol" type:"string" enum:"VpnProtocol"` } @@ -41660,6 +45546,12 @@ func (s *ClientVpnEndpoint) SetClientCidrBlock(v string) *ClientVpnEndpoint { return s } +// SetClientConnectOptions sets the ClientConnectOptions field's value. +func (s *ClientVpnEndpoint) SetClientConnectOptions(v *ClientConnectResponseOptions) *ClientVpnEndpoint { + s.ClientConnectOptions = v + return s +} + // SetClientVpnEndpointId sets the ClientVpnEndpointId field's value. func (s *ClientVpnEndpoint) SetClientVpnEndpointId(v string) *ClientVpnEndpoint { s.ClientVpnEndpointId = &v @@ -41702,6 +45594,18 @@ func (s *ClientVpnEndpoint) SetDnsServers(v []*string) *ClientVpnEndpoint { return s } +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *ClientVpnEndpoint) SetSecurityGroupIds(v []*string) *ClientVpnEndpoint { + s.SecurityGroupIds = v + return s +} + +// SetSelfServicePortalUrl sets the SelfServicePortalUrl field's value. +func (s *ClientVpnEndpoint) SetSelfServicePortalUrl(v string) *ClientVpnEndpoint { + s.SelfServicePortalUrl = &v + return s +} + // SetServerCertificateArn sets the ServerCertificateArn field's value. func (s *ClientVpnEndpoint) SetServerCertificateArn(v string) *ClientVpnEndpoint { s.ServerCertificateArn = &v @@ -41732,12 +45636,57 @@ func (s *ClientVpnEndpoint) SetTransportProtocol(v string) *ClientVpnEndpoint { return s } +// SetVpcId sets the VpcId field's value. +func (s *ClientVpnEndpoint) SetVpcId(v string) *ClientVpnEndpoint { + s.VpcId = &v + return s +} + +// SetVpnPort sets the VpnPort field's value. +func (s *ClientVpnEndpoint) SetVpnPort(v int64) *ClientVpnEndpoint { + s.VpnPort = &v + return s +} + // SetVpnProtocol sets the VpnProtocol field's value. func (s *ClientVpnEndpoint) SetVpnProtocol(v string) *ClientVpnEndpoint { s.VpnProtocol = &v return s } +// Describes the status of the Client VPN endpoint attribute. +type ClientVpnEndpointAttributeStatus struct { + _ struct{} `type:"structure"` + + // The status code. + Code *string `locationName:"code" type:"string" enum:"ClientVpnEndpointAttributeStatusCode"` + + // The status message. + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ClientVpnEndpointAttributeStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ClientVpnEndpointAttributeStatus) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *ClientVpnEndpointAttributeStatus) SetCode(v string) *ClientVpnEndpointAttributeStatus { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *ClientVpnEndpointAttributeStatus) SetMessage(v string) *ClientVpnEndpointAttributeStatus { + s.Message = &v + return s +} + // Describes the state of a Client VPN endpoint. type ClientVpnEndpointStatus struct { _ struct{} `type:"structure"` @@ -41956,6 +45905,9 @@ type CoipPool struct { // The ID of the local gateway route table. LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` + // The ARN of the address pool. + PoolArn *string `locationName:"poolArn" min:"1" type:"string"` + // The address ranges of the address pool. PoolCidrs []*string `locationName:"poolCidrSet" locationNameList:"item" type:"list"` @@ -41982,6 +45934,12 @@ func (s *CoipPool) SetLocalGatewayRouteTableId(v string) *CoipPool { return s } +// SetPoolArn sets the PoolArn field's value. +func (s *CoipPool) SetPoolArn(v string) *CoipPool { + s.PoolArn = &v + return s +} + // SetPoolCidrs sets the PoolCidrs field's value. func (s *CoipPool) SetPoolCidrs(v []*string) *CoipPool { s.PoolCidrs = v @@ -42102,7 +46060,8 @@ func (s *ConfirmProductInstanceOutput) SetReturn(v bool) *ConfirmProductInstance type ConnectionLogOptions struct { _ struct{} `type:"structure"` - // The name of the CloudWatch Logs log group. + // The name of the CloudWatch Logs log group. Required if connection logging + // is enabled. CloudwatchLogGroup *string `type:"string"` // The name of the CloudWatch Logs log stream to which the connection data is @@ -42489,29 +46448,25 @@ type CopyImageInput struct { // in the Amazon Elastic Compute Cloud User Guide. Encrypted *bool `locationName:"encrypted" type:"boolean"` - // An identifier for the symmetric AWS Key Management Service (AWS KMS) customer - // master key (CMK) to use when creating the encrypted volume. This parameter - // is only required if you want to use a non-default CMK; if this parameter - // is not specified, the default CMK for EBS is used. If a KmsKeyId is specified, - // the Encrypted flag must also be set. + // The identifier of the symmetric AWS Key Management Service (AWS KMS) customer + // master key (CMK) to use when creating encrypted volumes. If this parameter + // is not specified, your AWS managed CMK for EBS is used. If you specify a + // CMK, you must also set the encrypted state to true. // - // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, - // or alias ARN. When using an alias name, prefix it with "alias/". For example: + // You can specify a CMK using any of the following: // - // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab + // * Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab. // - // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + // * Key alias. For example, alias/ExampleAlias. // - // * Alias name: alias/ExampleAlias + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab. // - // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias + // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // - // AWS parses KmsKeyId asynchronously, meaning that the action you call may - // appear to complete even though you provided an invalid identifier. This action - // will eventually report failure. + // AWS authenticates the CMK asynchronously. Therefore, if you specify an identifier + // that is not valid, the action can appear to complete, but eventually fails. // - // The specified CMK must exist in the Region that the snapshot is being copied - // to. + // The specified CMK must exist in the destination Region. // // Amazon EBS does not support asymmetric CMKs. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` @@ -42670,11 +46625,11 @@ type CopySnapshotInput struct { // // You can specify the CMK using any of the following: // - // * Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. + // * Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab. // // * Key alias. For example, alias/ExampleAlias. // - // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab. // // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // @@ -42903,8 +46858,6 @@ type CreateCapacityReservationInput struct { // Unique, case-sensitive identifier that you provide to ensure the idempotency // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). - // - // Constraint: Maximum 64 ASCII characters. ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -43132,6 +47085,98 @@ func (s *CreateCapacityReservationOutput) SetCapacityReservation(v *CapacityRese return s } +type CreateCarrierGatewayInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The tags to associate with the carrier gateway. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + + // The ID of the VPC to associate with the carrier gateway. + // + // VpcId is a required field + VpcId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateCarrierGatewayInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateCarrierGatewayInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateCarrierGatewayInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateCarrierGatewayInput"} + if s.VpcId == nil { + invalidParams.Add(request.NewErrParamRequired("VpcId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateCarrierGatewayInput) SetClientToken(v string) *CreateCarrierGatewayInput { + s.ClientToken = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateCarrierGatewayInput) SetDryRun(v bool) *CreateCarrierGatewayInput { + s.DryRun = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateCarrierGatewayInput) SetTagSpecifications(v []*TagSpecification) *CreateCarrierGatewayInput { + s.TagSpecifications = v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *CreateCarrierGatewayInput) SetVpcId(v string) *CreateCarrierGatewayInput { + s.VpcId = &v + return s +} + +type CreateCarrierGatewayOutput struct { + _ struct{} `type:"structure"` + + // Information about the carrier gateway. + CarrierGateway *CarrierGateway `locationName:"carrierGateway" type:"structure"` +} + +// String returns the string representation +func (s CreateCarrierGatewayOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateCarrierGatewayOutput) GoString() string { + return s.String() +} + +// SetCarrierGateway sets the CarrierGateway field's value. +func (s *CreateCarrierGatewayOutput) SetCarrierGateway(v *CarrierGateway) *CreateCarrierGatewayOutput { + s.CarrierGateway = v + return s +} + type CreateClientVpnEndpointInput struct { _ struct{} `type:"structure"` @@ -43149,6 +47194,9 @@ type CreateClientVpnEndpointInput struct { // ClientCidrBlock is a required field ClientCidrBlock *string `type:"string" required:"true"` + // The options for managing connection authorization for new client connections. + ClientConnectOptions *ClientConnectOptions `type:"structure"` + // Unique, case-sensitive identifier that you provide to ensure the idempotency // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` @@ -43183,6 +47231,15 @@ type CreateClientVpnEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + // The IDs of one or more security groups to apply to the target network. You + // must also specify the ID of the VPC that contains the security groups. + SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"` + + // Specify whether to enable the self-service portal for the Client VPN endpoint. + // + // Default Value: enabled + SelfServicePortal *string `type:"string" enum:"SelfServicePortal"` + // The ARN of the server certificate. For more information, see the AWS Certificate // Manager User Guide (https://docs.aws.amazon.com/acm/latest/userguide/). // @@ -43205,6 +47262,18 @@ type CreateClientVpnEndpointInput struct { // // Default value: udp TransportProtocol *string `type:"string" enum:"TransportProtocol"` + + // The ID of the VPC to associate with the Client VPN endpoint. If no security + // group IDs are specified in the request, the default security group for the + // VPC is applied. + VpcId *string `type:"string"` + + // The port number to assign to the Client VPN endpoint for TCP and UDP traffic. + // + // Valid Values: 443 | 1194 + // + // Default Value: 443 + VpnPort *int64 `type:"integer"` } // String returns the string representation @@ -43251,6 +47320,12 @@ func (s *CreateClientVpnEndpointInput) SetClientCidrBlock(v string) *CreateClien return s } +// SetClientConnectOptions sets the ClientConnectOptions field's value. +func (s *CreateClientVpnEndpointInput) SetClientConnectOptions(v *ClientConnectOptions) *CreateClientVpnEndpointInput { + s.ClientConnectOptions = v + return s +} + // SetClientToken sets the ClientToken field's value. func (s *CreateClientVpnEndpointInput) SetClientToken(v string) *CreateClientVpnEndpointInput { s.ClientToken = &v @@ -43281,6 +47356,18 @@ func (s *CreateClientVpnEndpointInput) SetDryRun(v bool) *CreateClientVpnEndpoin return s } +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *CreateClientVpnEndpointInput) SetSecurityGroupIds(v []*string) *CreateClientVpnEndpointInput { + s.SecurityGroupIds = v + return s +} + +// SetSelfServicePortal sets the SelfServicePortal field's value. +func (s *CreateClientVpnEndpointInput) SetSelfServicePortal(v string) *CreateClientVpnEndpointInput { + s.SelfServicePortal = &v + return s +} + // SetServerCertificateArn sets the ServerCertificateArn field's value. func (s *CreateClientVpnEndpointInput) SetServerCertificateArn(v string) *CreateClientVpnEndpointInput { s.ServerCertificateArn = &v @@ -43305,6 +47392,18 @@ func (s *CreateClientVpnEndpointInput) SetTransportProtocol(v string) *CreateCli return s } +// SetVpcId sets the VpcId field's value. +func (s *CreateClientVpnEndpointInput) SetVpcId(v string) *CreateClientVpnEndpointInput { + s.VpcId = &v + return s +} + +// SetVpnPort sets the VpnPort field's value. +func (s *CreateClientVpnEndpointInput) SetVpnPort(v int64) *CreateClientVpnEndpointInput { + s.VpnPort = &v + return s +} + type CreateClientVpnEndpointOutput struct { _ struct{} `type:"structure"` @@ -43370,8 +47469,7 @@ type CreateClientVpnRouteInput struct { // * To add a route for an on-premises network, enter the AWS Site-to-Site // VPN connection's IPv4 CIDR range // - // Route address ranges cannot overlap with the CIDR range specified for client - // allocation. + // * To add a route for the local network, enter the client CIDR range // // DestinationCidrBlock is a required field DestinationCidrBlock *string `type:"string" required:"true"` @@ -43385,6 +47483,8 @@ type CreateClientVpnRouteInput struct { // The ID of the subnet through which you want to route traffic. The specified // subnet must be an existing target network of the Client VPN endpoint. // + // Alternatively, if you're adding a route for the local network, specify local. + // // TargetVpcSubnetId is a required field TargetVpcSubnetId *string `type:"string" required:"true"` } @@ -43506,6 +47606,9 @@ type CreateCustomerGatewayInput struct { // The address must be static. PublicIp *string `locationName:"IpAddress" type:"string"` + // The tags to apply to the customer gateway. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The type of VPN connection that this customer gateway supports (ipsec.1). // // Type is a required field @@ -43568,6 +47671,12 @@ func (s *CreateCustomerGatewayInput) SetPublicIp(v string) *CreateCustomerGatewa return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateCustomerGatewayInput) SetTagSpecifications(v []*TagSpecification) *CreateCustomerGatewayInput { + s.TagSpecifications = v + return s +} + // SetType sets the Type field's value. func (s *CreateCustomerGatewayInput) SetType(v string) *CreateCustomerGatewayInput { s.Type = &v @@ -43733,6 +47842,9 @@ type CreateDhcpOptionsInput struct { // the required permissions, the error response is DryRunOperation. Otherwise, // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + + // The tags to assign to the DHCP option. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -43770,6 +47882,12 @@ func (s *CreateDhcpOptionsInput) SetDryRun(v bool) *CreateDhcpOptionsInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateDhcpOptionsInput) SetTagSpecifications(v []*TagSpecification) *CreateDhcpOptionsInput { + s.TagSpecifications = v + return s +} + type CreateDhcpOptionsOutput struct { _ struct{} `type:"structure"` @@ -43806,6 +47924,9 @@ type CreateEgressOnlyInternetGatewayInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + // The tags to assign to the egress-only internet gateway. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The ID of the VPC for which to create the egress-only internet gateway. // // VpcId is a required field @@ -43847,6 +47968,12 @@ func (s *CreateEgressOnlyInternetGatewayInput) SetDryRun(v bool) *CreateEgressOn return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateEgressOnlyInternetGatewayInput) SetTagSpecifications(v []*TagSpecification) *CreateEgressOnlyInternetGatewayInput { + s.TagSpecifications = v + return s +} + // SetVpcId sets the VpcId field's value. func (s *CreateEgressOnlyInternetGatewayInput) SetVpcId(v string) *CreateEgressOnlyInternetGatewayInput { s.VpcId = &v @@ -43977,7 +48104,7 @@ type CreateFleetInput struct { // The key-value pair for tagging the EC2 Fleet request on creation. The value // for ResourceType must be fleet, otherwise the fleet request fails. To tag // instances at launch, specify the tags in the launch template (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template). - // For information about tagging after launch, see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). + // For information about tagging after launch, see Tagging your resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The number of units to request. @@ -43989,13 +48116,22 @@ type CreateFleetInput struct { // expires. TerminateInstancesWithExpiration *bool `type:"boolean"` - // The type of the request. By default, the EC2 Fleet places an asynchronous - // request for your desired capacity, and maintains it by replenishing interrupted - // Spot Instances (maintain). A value of instant places a synchronous one-time - // request, and returns errors for any instances that could not be launched. - // A value of request places an asynchronous one-time request without maintaining - // capacity or submitting requests in alternative capacity pools if capacity - // is unavailable. For more information, see EC2 Fleet Request Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-configuration-strategies.html#ec2-fleet-request-type) + // The type of request. The default value is maintain. + // + // * maintain - The EC2 Fleet plaees an asynchronous request for your desired + // capacity, and continues to maintain your desired Spot capacity by replenishing + // interrupted Spot Instances. + // + // * request - The EC2 Fleet places an asynchronous one-time request for + // your desired capacity, but does submit Spot requests in alternative capacity + // pools if Spot capacity is unavailable, and does not maintain Spot capacity + // if Spot Instances are interrupted. + // + // * instant - The EC2 Fleet places a synchronous one-time request for your + // desired capacity, and returns errors for any instances that could not + // be launched. + // + // For more information, see EC2 Fleet request types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-configuration-strategies.html#ec2-fleet-request-type) // in the Amazon Elastic Compute Cloud User Guide. Type *string `type:"string" enum:"FleetType"` @@ -44290,8 +48426,6 @@ type CreateFlowLogsInput struct { // // Specify the fields using the ${field-id} format, separated by spaces. For // the AWS CLI, use single quotation marks (' ') to surround the parameter value. - // - // Only applicable to flow logs that are published to an Amazon S3 bucket. LogFormat *string `type:"string"` // The name of a new or existing CloudWatch Logs log group where Amazon EC2 @@ -44301,6 +48435,17 @@ type CreateFlowLogsInput struct { // or LogGroupName. LogGroupName *string `type:"string"` + // The maximum interval of time during which a flow of packets is captured and + // aggregated into a flow log record. You can specify 60 seconds (1 minute) + // or 600 seconds (10 minutes). + // + // When a network interface is attached to a Nitro-based instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances), + // the aggregation interval is always 60 seconds or less, regardless of the + // value that you specify. + // + // Default: 600 + MaxAggregationInterval *int64 `type:"integer"` + // The ID of the subnet, network interface, or VPC for which you want to create // a flow log. // @@ -44315,6 +48460,9 @@ type CreateFlowLogsInput struct { // ResourceType is a required field ResourceType *string `type:"string" required:"true" enum:"FlowLogsResourceType"` + // The tags to apply to the flow logs. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The type of traffic to log. You can log traffic that the resource accepts // or rejects, or all traffic. // @@ -44393,6 +48541,12 @@ func (s *CreateFlowLogsInput) SetLogGroupName(v string) *CreateFlowLogsInput { return s } +// SetMaxAggregationInterval sets the MaxAggregationInterval field's value. +func (s *CreateFlowLogsInput) SetMaxAggregationInterval(v int64) *CreateFlowLogsInput { + s.MaxAggregationInterval = &v + return s +} + // SetResourceIds sets the ResourceIds field's value. func (s *CreateFlowLogsInput) SetResourceIds(v []*string) *CreateFlowLogsInput { s.ResourceIds = v @@ -44405,6 +48559,12 @@ func (s *CreateFlowLogsInput) SetResourceType(v string) *CreateFlowLogsInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateFlowLogsInput) SetTagSpecifications(v []*TagSpecification) *CreateFlowLogsInput { + s.TagSpecifications = v + return s +} + // SetTrafficType sets the TrafficType field's value. func (s *CreateFlowLogsInput) SetTrafficType(v string) *CreateFlowLogsInput { s.TrafficType = &v @@ -44709,19 +48869,26 @@ type CreateInstanceExportTaskInput struct { _ struct{} `type:"structure"` // A description for the conversion task or the resource being exported. The - // maximum length is 255 bytes. + // maximum length is 255 characters. Description *string `locationName:"description" type:"string"` // The format and location for an instance export task. - ExportToS3Task *ExportToS3TaskSpecification `locationName:"exportToS3" type:"structure"` + // + // ExportToS3Task is a required field + ExportToS3Task *ExportToS3TaskSpecification `locationName:"exportToS3" type:"structure" required:"true"` // The ID of the instance. // // InstanceId is a required field InstanceId *string `locationName:"instanceId" type:"string" required:"true"` + // The tags to apply to the instance export task during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The target virtualization environment. - TargetEnvironment *string `locationName:"targetEnvironment" type:"string" enum:"ExportEnvironment"` + // + // TargetEnvironment is a required field + TargetEnvironment *string `locationName:"targetEnvironment" type:"string" required:"true" enum:"ExportEnvironment"` } // String returns the string representation @@ -44737,9 +48904,15 @@ func (s CreateInstanceExportTaskInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateInstanceExportTaskInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateInstanceExportTaskInput"} + if s.ExportToS3Task == nil { + invalidParams.Add(request.NewErrParamRequired("ExportToS3Task")) + } if s.InstanceId == nil { invalidParams.Add(request.NewErrParamRequired("InstanceId")) } + if s.TargetEnvironment == nil { + invalidParams.Add(request.NewErrParamRequired("TargetEnvironment")) + } if invalidParams.Len() > 0 { return invalidParams @@ -44765,6 +48938,12 @@ func (s *CreateInstanceExportTaskInput) SetInstanceId(v string) *CreateInstanceE return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateInstanceExportTaskInput) SetTagSpecifications(v []*TagSpecification) *CreateInstanceExportTaskInput { + s.TagSpecifications = v + return s +} + // SetTargetEnvironment sets the TargetEnvironment field's value. func (s *CreateInstanceExportTaskInput) SetTargetEnvironment(v string) *CreateInstanceExportTaskInput { s.TargetEnvironment = &v @@ -44802,6 +48981,9 @@ type CreateInternetGatewayInput struct { // the required permissions, the error response is DryRunOperation. Otherwise, // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + + // The tags to assign to the internet gateway. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -44820,6 +49002,12 @@ func (s *CreateInternetGatewayInput) SetDryRun(v bool) *CreateInternetGatewayInp return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateInternetGatewayInput) SetTagSpecifications(v []*TagSpecification) *CreateInternetGatewayInput { + s.TagSpecifications = v + return s +} + type CreateInternetGatewayOutput struct { _ struct{} `type:"structure"` @@ -44858,6 +49046,9 @@ type CreateKeyPairInput struct { // // KeyName is a required field KeyName *string `type:"string" required:"true"` + + // The tags to apply to the new key pair. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -44895,6 +49086,12 @@ func (s *CreateKeyPairInput) SetKeyName(v string) *CreateKeyPairInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateKeyPairInput) SetTagSpecifications(v []*TagSpecification) *CreateKeyPairInput { + s.TagSpecifications = v + return s +} + // Describes a key pair. type CreateKeyPairOutput struct { _ struct{} `type:"structure"` @@ -44910,6 +49107,9 @@ type CreateKeyPairOutput struct { // The ID of the key pair. KeyPairId *string `locationName:"keyPairId" type:"string"` + + // Any tags applied to the key pair. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -44946,6 +49146,12 @@ func (s *CreateKeyPairOutput) SetKeyPairId(v string) *CreateKeyPairOutput { return s } +// SetTags sets the Tags field's value. +func (s *CreateKeyPairOutput) SetTags(v []*Tag) *CreateKeyPairOutput { + s.Tags = v + return s +} + type CreateLaunchTemplateInput struct { _ struct{} `type:"structure"` @@ -45053,6 +49259,11 @@ type CreateLaunchTemplateOutput struct { // Information about the launch template. LaunchTemplate *LaunchTemplate `locationName:"launchTemplate" type:"structure"` + + // If the launch template contains parameters or parameter combinations that + // are not valid, an error code and an error message are returned for each issue + // that's found. + Warning *ValidationWarning `locationName:"warning" type:"structure"` } // String returns the string representation @@ -45071,6 +49282,12 @@ func (s *CreateLaunchTemplateOutput) SetLaunchTemplate(v *LaunchTemplate) *Creat return s } +// SetWarning sets the Warning field's value. +func (s *CreateLaunchTemplateOutput) SetWarning(v *ValidationWarning) *CreateLaunchTemplateOutput { + s.Warning = v + return s +} + type CreateLaunchTemplateVersionInput struct { _ struct{} `type:"structure"` @@ -45188,6 +49405,11 @@ type CreateLaunchTemplateVersionOutput struct { // Information about the launch template version. LaunchTemplateVersion *LaunchTemplateVersion `locationName:"launchTemplateVersion" type:"structure"` + + // If the new version of the launch template contains parameters or parameter + // combinations that are not valid, an error code and an error message are returned + // for each issue that's found. + Warning *ValidationWarning `locationName:"warning" type:"structure"` } // String returns the string representation @@ -45206,6 +49428,12 @@ func (s *CreateLaunchTemplateVersionOutput) SetLaunchTemplateVersion(v *LaunchTe return s } +// SetWarning sets the Warning field's value. +func (s *CreateLaunchTemplateVersionOutput) SetWarning(v *ValidationWarning) *CreateLaunchTemplateVersionOutput { + s.Warning = v + return s +} + type CreateLocalGatewayRouteInput struct { _ struct{} `type:"structure"` @@ -45322,6 +49550,9 @@ type CreateLocalGatewayRouteTableVpcAssociationInput struct { // LocalGatewayRouteTableId is a required field LocalGatewayRouteTableId *string `type:"string" required:"true"` + // The tags to assign to the local gateway route table VPC association. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The ID of the VPC. // // VpcId is a required field @@ -45366,6 +49597,12 @@ func (s *CreateLocalGatewayRouteTableVpcAssociationInput) SetLocalGatewayRouteTa return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateLocalGatewayRouteTableVpcAssociationInput) SetTagSpecifications(v []*TagSpecification) *CreateLocalGatewayRouteTableVpcAssociationInput { + s.TagSpecifications = v + return s +} + // SetVpcId sets the VpcId field's value. func (s *CreateLocalGatewayRouteTableVpcAssociationInput) SetVpcId(v string) *CreateLocalGatewayRouteTableVpcAssociationInput { s.VpcId = &v @@ -45395,6 +49632,151 @@ func (s *CreateLocalGatewayRouteTableVpcAssociationOutput) SetLocalGatewayRouteT return s } +type CreateManagedPrefixListInput struct { + _ struct{} `type:"structure"` + + // The IP address type. + // + // Valid Values: IPv4 | IPv6 + // + // AddressFamily is a required field + AddressFamily *string `type:"string" required:"true"` + + // Unique, case-sensitive identifier you provide to ensure the idempotency of + // the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // + // Constraints: Up to 255 UTF-8 characters in length. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more entries for the prefix list. + Entries []*AddPrefixListEntry `locationName:"Entry" type:"list"` + + // The maximum number of entries for the prefix list. + // + // MaxEntries is a required field + MaxEntries *int64 `type:"integer" required:"true"` + + // A name for the prefix list. + // + // Constraints: Up to 255 characters in length. The name cannot start with com.amazonaws. + // + // PrefixListName is a required field + PrefixListName *string `type:"string" required:"true"` + + // The tags to apply to the prefix list during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s CreateManagedPrefixListInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateManagedPrefixListInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateManagedPrefixListInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateManagedPrefixListInput"} + if s.AddressFamily == nil { + invalidParams.Add(request.NewErrParamRequired("AddressFamily")) + } + if s.MaxEntries == nil { + invalidParams.Add(request.NewErrParamRequired("MaxEntries")) + } + if s.PrefixListName == nil { + invalidParams.Add(request.NewErrParamRequired("PrefixListName")) + } + if s.Entries != nil { + for i, v := range s.Entries { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Entries", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAddressFamily sets the AddressFamily field's value. +func (s *CreateManagedPrefixListInput) SetAddressFamily(v string) *CreateManagedPrefixListInput { + s.AddressFamily = &v + return s +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateManagedPrefixListInput) SetClientToken(v string) *CreateManagedPrefixListInput { + s.ClientToken = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateManagedPrefixListInput) SetDryRun(v bool) *CreateManagedPrefixListInput { + s.DryRun = &v + return s +} + +// SetEntries sets the Entries field's value. +func (s *CreateManagedPrefixListInput) SetEntries(v []*AddPrefixListEntry) *CreateManagedPrefixListInput { + s.Entries = v + return s +} + +// SetMaxEntries sets the MaxEntries field's value. +func (s *CreateManagedPrefixListInput) SetMaxEntries(v int64) *CreateManagedPrefixListInput { + s.MaxEntries = &v + return s +} + +// SetPrefixListName sets the PrefixListName field's value. +func (s *CreateManagedPrefixListInput) SetPrefixListName(v string) *CreateManagedPrefixListInput { + s.PrefixListName = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateManagedPrefixListInput) SetTagSpecifications(v []*TagSpecification) *CreateManagedPrefixListInput { + s.TagSpecifications = v + return s +} + +type CreateManagedPrefixListOutput struct { + _ struct{} `type:"structure"` + + // Information about the prefix list. + PrefixList *ManagedPrefixList `locationName:"prefixList" type:"structure"` +} + +// String returns the string representation +func (s CreateManagedPrefixListOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateManagedPrefixListOutput) GoString() string { + return s.String() +} + +// SetPrefixList sets the PrefixList field's value. +func (s *CreateManagedPrefixListOutput) SetPrefixList(v *ManagedPrefixList) *CreateManagedPrefixListOutput { + s.PrefixList = v + return s +} + type CreateNatGatewayInput struct { _ struct{} `type:"structure"` @@ -45409,12 +49791,21 @@ type CreateNatGatewayInput struct { // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraint: Maximum 64 ASCII characters. - ClientToken *string `type:"string"` + ClientToken *string `type:"string" idempotencyToken:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` // The subnet in which to create the NAT gateway. // // SubnetId is a required field SubnetId *string `type:"string" required:"true"` + + // The tags to assign to the NAT gateway. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -45455,12 +49846,24 @@ func (s *CreateNatGatewayInput) SetClientToken(v string) *CreateNatGatewayInput return s } +// SetDryRun sets the DryRun field's value. +func (s *CreateNatGatewayInput) SetDryRun(v bool) *CreateNatGatewayInput { + s.DryRun = &v + return s +} + // SetSubnetId sets the SubnetId field's value. func (s *CreateNatGatewayInput) SetSubnetId(v string) *CreateNatGatewayInput { s.SubnetId = &v return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateNatGatewayInput) SetTagSpecifications(v []*TagSpecification) *CreateNatGatewayInput { + s.TagSpecifications = v + return s +} + type CreateNatGatewayOutput struct { _ struct{} `type:"structure"` @@ -45498,6 +49901,8 @@ type CreateNetworkAclEntryInput struct { _ struct{} `type:"structure"` // The IPv4 network range to allow or deny, in CIDR notation (for example 172.16.0.0/24). + // We modify the specified CIDR block to its canonical form; for example, if + // you specify 100.68.0.18/18, we modify it to 100.68.0.0/18. CidrBlock *string `locationName:"cidrBlock" type:"string"` // Checks whether you have the required permissions for the action, without @@ -45672,6 +50077,9 @@ type CreateNetworkAclInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + // The tags to assign to the network ACL. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The ID of the VPC. // // VpcId is a required field @@ -45707,6 +50115,12 @@ func (s *CreateNetworkAclInput) SetDryRun(v bool) *CreateNetworkAclInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateNetworkAclInput) SetTagSpecifications(v []*TagSpecification) *CreateNetworkAclInput { + s.TagSpecifications = v + return s +} + // SetVpcId sets the VpcId field's value. func (s *CreateNetworkAclInput) SetVpcId(v string) *CreateNetworkAclInput { s.VpcId = &v @@ -45793,6 +50207,9 @@ type CreateNetworkInterfaceInput struct { // // SubnetId is a required field SubnetId *string `locationName:"subnetId" type:"string" required:"true"` + + // The tags to apply to the new network interface. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -45878,6 +50295,12 @@ func (s *CreateNetworkInterfaceInput) SetSubnetId(v string) *CreateNetworkInterf return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateNetworkInterfaceInput) SetTagSpecifications(v []*TagSpecification) *CreateNetworkInterfaceInput { + s.TagSpecifications = v + return s +} + // Contains the output of CreateNetworkInterface. type CreateNetworkInterfaceOutput struct { _ struct{} `type:"structure"` @@ -46029,6 +50452,9 @@ type CreatePlacementGroupInput struct { // The placement strategy. Strategy *string `locationName:"strategy" type:"string" enum:"PlacementStrategy"` + + // The tags to apply to the new placement group. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -46065,8 +50491,17 @@ func (s *CreatePlacementGroupInput) SetStrategy(v string) *CreatePlacementGroupI return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreatePlacementGroupInput) SetTagSpecifications(v []*TagSpecification) *CreatePlacementGroupInput { + s.TagSpecifications = v + return s +} + type CreatePlacementGroupOutput struct { _ struct{} `type:"structure"` + + // Describes a placement group. + PlacementGroup *PlacementGroup `locationName:"placementGroup" type:"structure"` } // String returns the string representation @@ -46079,6 +50514,12 @@ func (s CreatePlacementGroupOutput) GoString() string { return s.String() } +// SetPlacementGroup sets the PlacementGroup field's value. +func (s *CreatePlacementGroupOutput) SetPlacementGroup(v *PlacementGroup) *CreatePlacementGroupOutput { + s.PlacementGroup = v + return s +} + // Contains the parameters for CreateReservedInstancesListing. type CreateReservedInstancesListingInput struct { _ struct{} `type:"structure"` @@ -46193,14 +50634,25 @@ func (s *CreateReservedInstancesListingOutput) SetReservedInstancesListings(v [] type CreateRouteInput struct { _ struct{} `type:"structure"` + // The ID of the carrier gateway. + // + // You can only use this option when the VPC contains a subnet which is associated + // with a Wavelength Zone. + CarrierGatewayId *string `type:"string"` + // The IPv4 CIDR address block used for the destination match. Routing decisions - // are based on the most specific match. + // are based on the most specific match. We modify the specified CIDR block + // to its canonical form; for example, if you specify 100.68.0.18/18, we modify + // it to 100.68.0.0/18. DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` // The IPv6 CIDR block used for the destination match. Routing decisions are // based on the most specific match. DestinationIpv6CidrBlock *string `locationName:"destinationIpv6CidrBlock" type:"string"` + // The ID of a prefix list used for the destination match. + DestinationPrefixListId *string `type:"string"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -46262,6 +50714,12 @@ func (s *CreateRouteInput) Validate() error { return nil } +// SetCarrierGatewayId sets the CarrierGatewayId field's value. +func (s *CreateRouteInput) SetCarrierGatewayId(v string) *CreateRouteInput { + s.CarrierGatewayId = &v + return s +} + // SetDestinationCidrBlock sets the DestinationCidrBlock field's value. func (s *CreateRouteInput) SetDestinationCidrBlock(v string) *CreateRouteInput { s.DestinationCidrBlock = &v @@ -46274,6 +50732,12 @@ func (s *CreateRouteInput) SetDestinationIpv6CidrBlock(v string) *CreateRouteInp return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *CreateRouteInput) SetDestinationPrefixListId(v string) *CreateRouteInput { + s.DestinationPrefixListId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateRouteInput) SetDryRun(v bool) *CreateRouteInput { s.DryRun = &v @@ -46366,6 +50830,9 @@ type CreateRouteTableInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + // The tags to assign to the route table. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The ID of the VPC. // // VpcId is a required field @@ -46401,6 +50868,12 @@ func (s *CreateRouteTableInput) SetDryRun(v bool) *CreateRouteTableInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateRouteTableInput) SetTagSpecifications(v []*TagSpecification) *CreateRouteTableInput { + s.TagSpecifications = v + return s +} + // SetVpcId sets the VpcId field's value. func (s *CreateRouteTableInput) SetVpcId(v string) *CreateRouteTableInput { s.VpcId = &v @@ -46461,6 +50934,9 @@ type CreateSecurityGroupInput struct { // GroupName is a required field GroupName *string `type:"string" required:"true"` + // The tags to assign to the security group. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // [EC2-VPC] The ID of the VPC. Required for EC2-VPC. VpcId *string `type:"string"` } @@ -46509,6 +50985,12 @@ func (s *CreateSecurityGroupInput) SetGroupName(v string) *CreateSecurityGroupIn return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateSecurityGroupInput) SetTagSpecifications(v []*TagSpecification) *CreateSecurityGroupInput { + s.TagSpecifications = v + return s +} + // SetVpcId sets the VpcId field's value. func (s *CreateSecurityGroupInput) SetVpcId(v string) *CreateSecurityGroupInput { s.VpcId = &v @@ -46520,6 +51002,9 @@ type CreateSecurityGroupOutput struct { // The ID of the security group. GroupId *string `locationName:"groupId" type:"string"` + + // The tags assigned to the security group. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -46538,6 +51023,12 @@ func (s *CreateSecurityGroupOutput) SetGroupId(v string) *CreateSecurityGroupOut return s } +// SetTags sets the Tags field's value. +func (s *CreateSecurityGroupOutput) SetTags(v []*Tag) *CreateSecurityGroupOutput { + s.Tags = v + return s +} + type CreateSnapshotInput struct { _ struct{} `type:"structure"` @@ -46710,7 +51201,10 @@ func (s *CreateSnapshotsOutput) SetSnapshots(v []*SnapshotInfo) *CreateSnapshots type CreateSpotDatafeedSubscriptionInput struct { _ struct{} `type:"structure"` - // The Amazon S3 bucket in which to store the Spot Instance data feed. + // The name of the Amazon S3 bucket in which to store the Spot Instance data + // feed. For more information about bucket names, see Rules for bucket naming + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) + // in the Amazon S3 Developer Guide. // // Bucket is a required field Bucket *string `locationName:"bucket" type:"string" required:"true"` @@ -46721,7 +51215,7 @@ type CreateSpotDatafeedSubscriptionInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // A prefix for the data feed file names. + // The prefix for the data feed file names. Prefix *string `locationName:"prefix" type:"string"` } @@ -46802,12 +51296,17 @@ type CreateSubnetInput struct { // for example us-west-2-lax-1a. For information about the Regions that support // Local Zones, see Available Regions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions) // in the Amazon Elastic Compute Cloud User Guide. + // + // To create a subnet in an Outpost, set this value to the Availability Zone + // for the Outpost and specify the Outpost ARN. AvailabilityZone *string `type:"string"` // The AZ ID or the Local Zone ID of the subnet. AvailabilityZoneId *string `type:"string"` // The IPv4 network range for the subnet, in CIDR notation. For example, 10.0.0.0/24. + // We modify the specified CIDR block to its canonical form; for example, if + // you specify 100.68.0.18/18, we modify it to 100.68.0.0/18. // // CidrBlock is a required field CidrBlock *string `type:"string" required:"true"` @@ -46822,9 +51321,13 @@ type CreateSubnetInput struct { // must use a /64 prefix length. Ipv6CidrBlock *string `type:"string"` - // The Amazon Resource Name (ARN) of the Outpost. + // The Amazon Resource Name (ARN) of the Outpost. If you specify an Outpost + // ARN, you must also specify the Availability Zone of the Outpost subnet. OutpostArn *string `type:"string"` + // The tags to assign to the subnet. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The ID of the VPC. // // VpcId is a required field @@ -46893,6 +51396,12 @@ func (s *CreateSubnetInput) SetOutpostArn(v string) *CreateSubnetInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateSubnetInput) SetTagSpecifications(v []*TagSpecification) *CreateSubnetInput { + s.TagSpecifications = v + return s +} + // SetVpcId sets the VpcId field's value. func (s *CreateSubnetInput) SetVpcId(v string) *CreateSubnetInput { s.VpcId = &v @@ -47869,6 +52378,111 @@ func (s *CreateTransitGatewayPeeringAttachmentOutput) SetTransitGatewayPeeringAt return s } +type CreateTransitGatewayPrefixListReferenceInput struct { + _ struct{} `type:"structure"` + + // Indicates whether to drop traffic that matches this route. + Blackhole *bool `type:"boolean"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the prefix list that is used for destination matches. + // + // PrefixListId is a required field + PrefixListId *string `type:"string" required:"true"` + + // The ID of the attachment to which traffic is routed. + TransitGatewayAttachmentId *string `type:"string"` + + // The ID of the transit gateway route table. + // + // TransitGatewayRouteTableId is a required field + TransitGatewayRouteTableId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateTransitGatewayPrefixListReferenceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayPrefixListReferenceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTransitGatewayPrefixListReferenceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTransitGatewayPrefixListReferenceInput"} + if s.PrefixListId == nil { + invalidParams.Add(request.NewErrParamRequired("PrefixListId")) + } + if s.TransitGatewayRouteTableId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayRouteTableId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBlackhole sets the Blackhole field's value. +func (s *CreateTransitGatewayPrefixListReferenceInput) SetBlackhole(v bool) *CreateTransitGatewayPrefixListReferenceInput { + s.Blackhole = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTransitGatewayPrefixListReferenceInput) SetDryRun(v bool) *CreateTransitGatewayPrefixListReferenceInput { + s.DryRun = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *CreateTransitGatewayPrefixListReferenceInput) SetPrefixListId(v string) *CreateTransitGatewayPrefixListReferenceInput { + s.PrefixListId = &v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *CreateTransitGatewayPrefixListReferenceInput) SetTransitGatewayAttachmentId(v string) *CreateTransitGatewayPrefixListReferenceInput { + s.TransitGatewayAttachmentId = &v + return s +} + +// SetTransitGatewayRouteTableId sets the TransitGatewayRouteTableId field's value. +func (s *CreateTransitGatewayPrefixListReferenceInput) SetTransitGatewayRouteTableId(v string) *CreateTransitGatewayPrefixListReferenceInput { + s.TransitGatewayRouteTableId = &v + return s +} + +type CreateTransitGatewayPrefixListReferenceOutput struct { + _ struct{} `type:"structure"` + + // Information about the prefix list reference. + TransitGatewayPrefixListReference *TransitGatewayPrefixListReference `locationName:"transitGatewayPrefixListReference" type:"structure"` +} + +// String returns the string representation +func (s CreateTransitGatewayPrefixListReferenceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayPrefixListReferenceOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayPrefixListReference sets the TransitGatewayPrefixListReference field's value. +func (s *CreateTransitGatewayPrefixListReferenceOutput) SetTransitGatewayPrefixListReference(v *TransitGatewayPrefixListReference) *CreateTransitGatewayPrefixListReferenceOutput { + s.TransitGatewayPrefixListReference = v + return s +} + type CreateTransitGatewayRouteInput struct { _ struct{} `type:"structure"` @@ -48183,10 +52797,15 @@ func (s *CreateTransitGatewayVpcAttachmentOutput) SetTransitGatewayVpcAttachment type CreateTransitGatewayVpcAttachmentRequestOptions struct { _ struct{} `type:"structure"` + // Enable or disable support for appliance mode. If enabled, a traffic flow + // between a source and destination uses the same Availability Zone for the + // VPC attachment for the lifetime of that flow. The default is disable. + ApplianceModeSupport *string `type:"string" enum:"ApplianceModeSupportValue"` + // Enable or disable DNS support. The default is enable. DnsSupport *string `type:"string" enum:"DnsSupportValue"` - // Enable or disable IPv6 support. The default is enable. + // Enable or disable IPv6 support. Ipv6Support *string `type:"string" enum:"Ipv6SupportValue"` } @@ -48200,6 +52819,12 @@ func (s CreateTransitGatewayVpcAttachmentRequestOptions) GoString() string { return s.String() } +// SetApplianceModeSupport sets the ApplianceModeSupport field's value. +func (s *CreateTransitGatewayVpcAttachmentRequestOptions) SetApplianceModeSupport(v string) *CreateTransitGatewayVpcAttachmentRequestOptions { + s.ApplianceModeSupport = &v + return s +} + // SetDnsSupport sets the DnsSupport field's value. func (s *CreateTransitGatewayVpcAttachmentRequestOptions) SetDnsSupport(v string) *CreateTransitGatewayVpcAttachmentRequestOptions { s.DnsSupport = &v @@ -48229,22 +52854,22 @@ type CreateVolumeInput struct { // Specifies whether the volume should be encrypted. The effect of setting the // encryption state to true depends on the volume origin (new or from a snapshot), // starting encryption state, ownership, and whether encryption by default is - // enabled. For more information, see Encryption by Default (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) + // enabled. For more information, see Encryption by default (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) // in the Amazon Elastic Compute Cloud User Guide. // // Encrypted Amazon EBS volumes must be attached to instances that support Amazon - // EBS encryption. For more information, see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). + // EBS encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). Encrypted *bool `locationName:"encrypted" type:"boolean"` - // The number of I/O operations per second (IOPS) to provision for the volume, - // with a maximum ratio of 50 IOPS/GiB. Range is 100 to 64,000 IOPS for volumes - // in most Regions. Maximum IOPS of 64,000 is guaranteed only on Nitro-based - // instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // The number of I/O operations per second (IOPS) to provision for an io1 or + // io2 volume, with a maximum ratio of 50 IOPS/GiB for io1, and 500 IOPS/GiB + // for io2. Range is 100 to 64,000 IOPS for volumes in most Regions. Maximum + // IOPS of 64,000 is guaranteed only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). // Other instance families guarantee performance up to 32,000 IOPS. For more - // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // - // This parameter is valid only for Provisioned IOPS SSD (io1) volumes. + // This parameter is valid only for Provisioned IOPS SSD (io1 and io2) volumes. Iops *int64 `type:"integer"` // The identifier of the AWS Key Management Service (AWS KMS) customer master @@ -48254,11 +52879,11 @@ type CreateVolumeInput struct { // // You can specify the CMK using any of the following: // - // * Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. + // * Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab. // // * Key alias. For example, alias/ExampleAlias. // - // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab. // // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // @@ -48267,32 +52892,37 @@ type CreateVolumeInput struct { // fails. KmsKeyId *string `type:"string"` + // Specifies whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, + // you can attach the volume to up to 16 Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) + // in the same Availability Zone. For more information, see Amazon EBS Multi-Attach + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html) + // in the Amazon Elastic Compute Cloud User Guide. + MultiAttachEnabled *bool `type:"boolean"` + // The Amazon Resource Name (ARN) of the Outpost. OutpostArn *string `type:"string"` - // The size of the volume, in GiBs. + // The size of the volume, in GiBs. You must specify either a snapshot ID or + // a volume size. // - // Constraints: 1-16,384 for gp2, 4-16,384 for io1, 500-16,384 for st1, 500-16,384 - // for sc1, and 1-1,024 for standard. If you specify a snapshot, the volume - // size must be equal to or larger than the snapshot size. + // Constraints: 1-16,384 for gp2, 4-16,384 for io1 and io2, 500-16,384 for st1, + // 500-16,384 for sc1, and 1-1,024 for standard. If you specify a snapshot, + // the volume size must be equal to or larger than the snapshot size. // // Default: If you're creating the volume from a snapshot and don't specify // a volume size, the default is the snapshot size. - // - // At least one of Size or SnapshotId is required. Size *int64 `type:"integer"` - // The snapshot from which to create the volume. - // - // At least one of Size or SnapshotId are required. + // The snapshot from which to create the volume. You must specify either a snapshot + // ID or a volume size. SnapshotId *string `type:"string"` // The tags to apply to the volume during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The volume type. This can be gp2 for General Purpose SSD, io1 for Provisioned - // IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, or standard - // for Magnetic volumes. + // The volume type. This can be gp2 for General Purpose SSD, io1 or io2 for + // Provisioned IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, + // or standard for Magnetic volumes. // // Default: gp2 VolumeType *string `type:"string" enum:"VolumeType"` @@ -48351,6 +52981,12 @@ func (s *CreateVolumeInput) SetKmsKeyId(v string) *CreateVolumeInput { return s } +// SetMultiAttachEnabled sets the MultiAttachEnabled field's value. +func (s *CreateVolumeInput) SetMultiAttachEnabled(v bool) *CreateVolumeInput { + s.MultiAttachEnabled = &v + return s +} + // SetOutpostArn sets the OutpostArn field's value. func (s *CreateVolumeInput) SetOutpostArn(v string) *CreateVolumeInput { s.OutpostArn = &v @@ -48625,6 +53261,9 @@ type CreateVpcEndpointInput struct { // endpoint network interface. SubnetIds []*string `locationName:"SubnetId" locationNameList:"item" type:"list"` + // The tags to associate with the endpoint. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The type of endpoint. // // Default: Gateway @@ -48710,6 +53349,12 @@ func (s *CreateVpcEndpointInput) SetSubnetIds(v []*string) *CreateVpcEndpointInp return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateVpcEndpointInput) SetTagSpecifications(v []*TagSpecification) *CreateVpcEndpointInput { + s.TagSpecifications = v + return s +} + // SetVpcEndpointType sets the VpcEndpointType field's value. func (s *CreateVpcEndpointInput) SetVpcEndpointType(v string) *CreateVpcEndpointInput { s.VpcEndpointType = &v @@ -48781,6 +53426,9 @@ type CreateVpcEndpointServiceConfigurationInput struct { // The private DNS name to assign to the VPC endpoint service. PrivateDnsName *string `type:"string"` + + // The tags to associate with the service. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -48836,6 +53484,12 @@ func (s *CreateVpcEndpointServiceConfigurationInput) SetPrivateDnsName(v string) return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateVpcEndpointServiceConfigurationInput) SetTagSpecifications(v []*TagSpecification) *CreateVpcEndpointServiceConfigurationInput { + s.TagSpecifications = v + return s +} + type CreateVpcEndpointServiceConfigurationOutput struct { _ struct{} `type:"structure"` @@ -48878,6 +53532,8 @@ type CreateVpcInput struct { AmazonProvidedIpv6CidrBlock *bool `locationName:"amazonProvidedIpv6CidrBlock" type:"boolean"` // The IPv4 network range for the VPC, in CIDR notation. For example, 10.0.0.0/16. + // We modify the specified CIDR block to its canonical form; for example, if + // you specify 100.68.0.18/18, we modify it to 100.68.0.0/18. // // CidrBlock is a required field CidrBlock *string `type:"string" required:"true"` @@ -48900,11 +53556,23 @@ type CreateVpcInput struct { // Default: default InstanceTenancy *string `locationName:"instanceTenancy" type:"string" enum:"Tenancy"` + // The IPv6 CIDR block from the IPv6 address pool. You must also specify Ipv6Pool + // in the request. + // + // To let Amazon choose the IPv6 CIDR block for you, omit this parameter. + Ipv6CidrBlock *string `type:"string"` + // The name of the location from which we advertise the IPV6 CIDR block. Use // this parameter to limit the address to this location. // // You must set AmazonProvidedIpv6CidrBlock to true to use this parameter. Ipv6CidrBlockNetworkBorderGroup *string `type:"string"` + + // The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block. + Ipv6Pool *string `type:"string"` + + // The tags to assign to the VPC. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -48954,12 +53622,30 @@ func (s *CreateVpcInput) SetInstanceTenancy(v string) *CreateVpcInput { return s } +// SetIpv6CidrBlock sets the Ipv6CidrBlock field's value. +func (s *CreateVpcInput) SetIpv6CidrBlock(v string) *CreateVpcInput { + s.Ipv6CidrBlock = &v + return s +} + // SetIpv6CidrBlockNetworkBorderGroup sets the Ipv6CidrBlockNetworkBorderGroup field's value. func (s *CreateVpcInput) SetIpv6CidrBlockNetworkBorderGroup(v string) *CreateVpcInput { s.Ipv6CidrBlockNetworkBorderGroup = &v return s } +// SetIpv6Pool sets the Ipv6Pool field's value. +func (s *CreateVpcInput) SetIpv6Pool(v string) *CreateVpcInput { + s.Ipv6Pool = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateVpcInput) SetTagSpecifications(v []*TagSpecification) *CreateVpcInput { + s.TagSpecifications = v + return s +} + type CreateVpcOutput struct { _ struct{} `type:"structure"` @@ -49007,6 +53693,9 @@ type CreateVpcPeeringConnectionInput struct { // You must specify this parameter in the request. PeerVpcId *string `locationName:"peerVpcId" type:"string"` + // The tags to assign to the peering connection. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The ID of the requester VPC. You must specify this parameter in the request. VpcId *string `locationName:"vpcId" type:"string"` } @@ -49045,6 +53734,12 @@ func (s *CreateVpcPeeringConnectionInput) SetPeerVpcId(v string) *CreateVpcPeeri return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateVpcPeeringConnectionInput) SetTagSpecifications(v []*TagSpecification) *CreateVpcPeeringConnectionInput { + s.TagSpecifications = v + return s +} + // SetVpcId sets the VpcId field's value. func (s *CreateVpcPeeringConnectionInput) SetVpcId(v string) *CreateVpcPeeringConnectionInput { s.VpcId = &v @@ -49092,6 +53787,9 @@ type CreateVpnConnectionInput struct { // The options for the VPN connection. Options *VpnConnectionOptionsSpecification `locationName:"options" type:"structure"` + // The tags to apply to the VPN connection. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The ID of the transit gateway. If you specify a transit gateway, you cannot // specify a virtual private gateway. TransitGatewayId *string `type:"string"` @@ -49150,6 +53848,12 @@ func (s *CreateVpnConnectionInput) SetOptions(v *VpnConnectionOptionsSpecificati return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateVpnConnectionInput) SetTagSpecifications(v []*TagSpecification) *CreateVpnConnectionInput { + s.TagSpecifications = v + return s +} + // SetTransitGatewayId sets the TransitGatewayId field's value. func (s *CreateVpnConnectionInput) SetTransitGatewayId(v string) *CreateVpnConnectionInput { s.TransitGatewayId = &v @@ -49279,6 +53983,9 @@ type CreateVpnGatewayInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + // The tags to apply to the virtual private gateway. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The type of VPN connection this virtual private gateway supports. // // Type is a required field @@ -49326,6 +54033,12 @@ func (s *CreateVpnGatewayInput) SetDryRun(v bool) *CreateVpnGatewayInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateVpnGatewayInput) SetTagSpecifications(v []*TagSpecification) *CreateVpnGatewayInput { + s.TagSpecifications = v + return s +} + // SetType sets the Type field's value. func (s *CreateVpnGatewayInput) SetType(v string) *CreateVpnGatewayInput { s.Type = &v @@ -49356,12 +54069,12 @@ func (s *CreateVpnGatewayOutput) SetVpnGateway(v *VpnGateway) *CreateVpnGatewayO return s } -// Describes the credit option for CPU usage of a T2 or T3 instance. +// Describes the credit option for CPU usage of a T2, T3, or T3a instance. type CreditSpecification struct { _ struct{} `type:"structure"` - // The credit option for CPU usage of a T2 or T3 instance. Valid values are - // standard and unlimited. + // The credit option for CPU usage of a T2, T3, or T3a instance. Valid values + // are standard and unlimited. CpuCredits *string `locationName:"cpuCredits" type:"string"` } @@ -49381,12 +54094,12 @@ func (s *CreditSpecification) SetCpuCredits(v string) *CreditSpecification { return s } -// The credit option for CPU usage of a T2 or T3 instance. +// The credit option for CPU usage of a T2, T3, or T3a instance. type CreditSpecificationRequest struct { _ struct{} `type:"structure"` - // The credit option for CPU usage of a T2 or T3 instance. Valid values are - // standard and unlimited. + // The credit option for CPU usage of a T2, T3, or T3a instance. Valid values + // are standard and unlimited. // // CpuCredits is a required field CpuCredits *string `type:"string" required:"true"` @@ -49510,6 +54223,79 @@ func (s *CustomerGateway) SetType(v string) *CustomerGateway { return s } +type DeleteCarrierGatewayInput struct { + _ struct{} `type:"structure"` + + // The ID of the carrier gateway. + // + // CarrierGatewayId is a required field + CarrierGatewayId *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s DeleteCarrierGatewayInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteCarrierGatewayInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteCarrierGatewayInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteCarrierGatewayInput"} + if s.CarrierGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("CarrierGatewayId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCarrierGatewayId sets the CarrierGatewayId field's value. +func (s *DeleteCarrierGatewayInput) SetCarrierGatewayId(v string) *DeleteCarrierGatewayInput { + s.CarrierGatewayId = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteCarrierGatewayInput) SetDryRun(v bool) *DeleteCarrierGatewayInput { + s.DryRun = &v + return s +} + +type DeleteCarrierGatewayOutput struct { + _ struct{} `type:"structure"` + + // Information about the carrier gateway. + CarrierGateway *CarrierGateway `locationName:"carrierGateway" type:"structure"` +} + +// String returns the string representation +func (s DeleteCarrierGatewayOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteCarrierGatewayOutput) GoString() string { + return s.String() +} + +// SetCarrierGateway sets the CarrierGateway field's value. +func (s *DeleteCarrierGatewayOutput) SetCarrierGateway(v *CarrierGateway) *DeleteCarrierGatewayOutput { + s.CarrierGateway = v + return s +} + type DeleteClientVpnEndpointInput struct { _ struct{} `type:"structure"` @@ -50308,9 +55094,10 @@ type DeleteKeyPairInput struct { DryRun *bool `locationName:"dryRun" type:"boolean"` // The name of the key pair. - // - // KeyName is a required field - KeyName *string `type:"string" required:"true"` + KeyName *string `type:"string"` + + // The ID of the key pair. + KeyPairId *string `type:"string"` } // String returns the string representation @@ -50323,19 +55110,6 @@ func (s DeleteKeyPairInput) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteKeyPairInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteKeyPairInput"} - if s.KeyName == nil { - invalidParams.Add(request.NewErrParamRequired("KeyName")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - // SetDryRun sets the DryRun field's value. func (s *DeleteKeyPairInput) SetDryRun(v bool) *DeleteKeyPairInput { s.DryRun = &v @@ -50348,6 +55122,12 @@ func (s *DeleteKeyPairInput) SetKeyName(v string) *DeleteKeyPairInput { return s } +// SetKeyPairId sets the KeyPairId field's value. +func (s *DeleteKeyPairInput) SetKeyPairId(v string) *DeleteKeyPairInput { + s.KeyPairId = &v + return s +} + type DeleteKeyPairOutput struct { _ struct{} `type:"structure"` } @@ -50802,9 +55582,88 @@ func (s *DeleteLocalGatewayRouteTableVpcAssociationOutput) SetLocalGatewayRouteT return s } +type DeleteManagedPrefixListInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the prefix list. + // + // PrefixListId is a required field + PrefixListId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteManagedPrefixListInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteManagedPrefixListInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteManagedPrefixListInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteManagedPrefixListInput"} + if s.PrefixListId == nil { + invalidParams.Add(request.NewErrParamRequired("PrefixListId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteManagedPrefixListInput) SetDryRun(v bool) *DeleteManagedPrefixListInput { + s.DryRun = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *DeleteManagedPrefixListInput) SetPrefixListId(v string) *DeleteManagedPrefixListInput { + s.PrefixListId = &v + return s +} + +type DeleteManagedPrefixListOutput struct { + _ struct{} `type:"structure"` + + // Information about the prefix list. + PrefixList *ManagedPrefixList `locationName:"prefixList" type:"structure"` +} + +// String returns the string representation +func (s DeleteManagedPrefixListOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteManagedPrefixListOutput) GoString() string { + return s.String() +} + +// SetPrefixList sets the PrefixList field's value. +func (s *DeleteManagedPrefixListOutput) SetPrefixList(v *ManagedPrefixList) *DeleteManagedPrefixListOutput { + s.PrefixList = v + return s +} + type DeleteNatGatewayInput struct { _ struct{} `type:"structure"` + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + // The ID of the NAT gateway. // // NatGatewayId is a required field @@ -50834,6 +55693,12 @@ func (s *DeleteNatGatewayInput) Validate() error { return nil } +// SetDryRun sets the DryRun field's value. +func (s *DeleteNatGatewayInput) SetDryRun(v bool) *DeleteNatGatewayInput { + s.DryRun = &v + return s +} + // SetNatGatewayId sets the NatGatewayId field's value. func (s *DeleteNatGatewayInput) SetNatGatewayId(v string) *DeleteNatGatewayInput { s.NatGatewayId = &v @@ -51363,6 +56228,9 @@ type DeleteRouteInput struct { // for the route exactly. DestinationIpv6CidrBlock *string `locationName:"destinationIpv6CidrBlock" type:"string"` + // The ID of the prefix list for the route. + DestinationPrefixListId *string `type:"string"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -51410,6 +56278,12 @@ func (s *DeleteRouteInput) SetDestinationIpv6CidrBlock(v string) *DeleteRouteInp return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *DeleteRouteInput) SetDestinationPrefixListId(v string) *DeleteRouteInput { + s.DestinationPrefixListId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *DeleteRouteInput) SetDryRun(v bool) *DeleteRouteInput { s.DryRun = &v @@ -52322,6 +57196,93 @@ func (s *DeleteTransitGatewayPeeringAttachmentOutput) SetTransitGatewayPeeringAt return s } +type DeleteTransitGatewayPrefixListReferenceInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the prefix list. + // + // PrefixListId is a required field + PrefixListId *string `type:"string" required:"true"` + + // The ID of the route table. + // + // TransitGatewayRouteTableId is a required field + TransitGatewayRouteTableId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTransitGatewayPrefixListReferenceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayPrefixListReferenceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTransitGatewayPrefixListReferenceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTransitGatewayPrefixListReferenceInput"} + if s.PrefixListId == nil { + invalidParams.Add(request.NewErrParamRequired("PrefixListId")) + } + if s.TransitGatewayRouteTableId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayRouteTableId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTransitGatewayPrefixListReferenceInput) SetDryRun(v bool) *DeleteTransitGatewayPrefixListReferenceInput { + s.DryRun = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *DeleteTransitGatewayPrefixListReferenceInput) SetPrefixListId(v string) *DeleteTransitGatewayPrefixListReferenceInput { + s.PrefixListId = &v + return s +} + +// SetTransitGatewayRouteTableId sets the TransitGatewayRouteTableId field's value. +func (s *DeleteTransitGatewayPrefixListReferenceInput) SetTransitGatewayRouteTableId(v string) *DeleteTransitGatewayPrefixListReferenceInput { + s.TransitGatewayRouteTableId = &v + return s +} + +type DeleteTransitGatewayPrefixListReferenceOutput struct { + _ struct{} `type:"structure"` + + // Information about the deleted prefix list reference. + TransitGatewayPrefixListReference *TransitGatewayPrefixListReference `locationName:"transitGatewayPrefixListReference" type:"structure"` +} + +// String returns the string representation +func (s DeleteTransitGatewayPrefixListReferenceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayPrefixListReferenceOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayPrefixListReference sets the TransitGatewayPrefixListReference field's value. +func (s *DeleteTransitGatewayPrefixListReferenceOutput) SetTransitGatewayPrefixListReference(v *TransitGatewayPrefixListReference) *DeleteTransitGatewayPrefixListReferenceOutput { + s.TransitGatewayPrefixListReference = v + return s +} + type DeleteTransitGatewayRouteInput struct { _ struct{} `type:"structure"` @@ -53177,8 +58138,8 @@ func (s DeleteVpnGatewayOutput) GoString() string { type DeprovisionByoipCidrInput struct { _ struct{} `type:"structure"` - // The public IPv4 address range, in CIDR notation. The prefix must be the same - // prefix that you specified when you provisioned the address range. + // The address range, in CIDR notation. The prefix must be the same prefix that + // you specified when you provisioned the address range. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -53313,6 +58274,101 @@ func (s DeregisterImageOutput) GoString() string { return s.String() } +type DeregisterInstanceEventNotificationAttributesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Information about the tag keys to deregister. + InstanceTagAttribute *DeregisterInstanceTagAttributeRequest `type:"structure"` +} + +// String returns the string representation +func (s DeregisterInstanceEventNotificationAttributesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterInstanceEventNotificationAttributesInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DeregisterInstanceEventNotificationAttributesInput) SetDryRun(v bool) *DeregisterInstanceEventNotificationAttributesInput { + s.DryRun = &v + return s +} + +// SetInstanceTagAttribute sets the InstanceTagAttribute field's value. +func (s *DeregisterInstanceEventNotificationAttributesInput) SetInstanceTagAttribute(v *DeregisterInstanceTagAttributeRequest) *DeregisterInstanceEventNotificationAttributesInput { + s.InstanceTagAttribute = v + return s +} + +type DeregisterInstanceEventNotificationAttributesOutput struct { + _ struct{} `type:"structure"` + + // The resulting set of tag keys. + InstanceTagAttribute *InstanceTagNotificationAttribute `locationName:"instanceTagAttribute" type:"structure"` +} + +// String returns the string representation +func (s DeregisterInstanceEventNotificationAttributesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterInstanceEventNotificationAttributesOutput) GoString() string { + return s.String() +} + +// SetInstanceTagAttribute sets the InstanceTagAttribute field's value. +func (s *DeregisterInstanceEventNotificationAttributesOutput) SetInstanceTagAttribute(v *InstanceTagNotificationAttribute) *DeregisterInstanceEventNotificationAttributesOutput { + s.InstanceTagAttribute = v + return s +} + +// Information about the tag keys to deregister for the current Region. You +// can either specify individual tag keys or deregister all tag keys in the +// current Region. You must specify either IncludeAllTagsOfInstance or InstanceTagKeys +// in the request +type DeregisterInstanceTagAttributeRequest struct { + _ struct{} `type:"structure"` + + // Indicates whether to deregister all tag keys in the current Region. Specify + // false to deregister all tag keys. + IncludeAllTagsOfInstance *bool `type:"boolean"` + + // Information about the tag keys to deregister. + InstanceTagKeys []*string `locationName:"InstanceTagKey" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DeregisterInstanceTagAttributeRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterInstanceTagAttributeRequest) GoString() string { + return s.String() +} + +// SetIncludeAllTagsOfInstance sets the IncludeAllTagsOfInstance field's value. +func (s *DeregisterInstanceTagAttributeRequest) SetIncludeAllTagsOfInstance(v bool) *DeregisterInstanceTagAttributeRequest { + s.IncludeAllTagsOfInstance = &v + return s +} + +// SetInstanceTagKeys sets the InstanceTagKeys field's value. +func (s *DeregisterInstanceTagAttributeRequest) SetInstanceTagKeys(v []*string) *DeregisterInstanceTagAttributeRequest { + s.InstanceTagKeys = v + return s +} + type DeregisterTransitGatewayMulticastGroupMembersInput struct { _ struct{} `type:"structure"` @@ -53547,7 +58603,8 @@ type DescribeAddressesInput struct { // * instance-id - The ID of the instance the address is associated with, // if any. // - // * network-border-group - The location from where the IP address is advertised. + // * network-border-group - A unique set of Availability Zones, Local Zones, + // or Wavelength Zones from where AWS advertises IP addresses. // // * network-interface-id - [EC2-VPC] The ID of the network interface that // the address is associated with, if any. @@ -53557,7 +58614,7 @@ type DescribeAddressesInput struct { // * private-ip-address - [EC2-VPC] The private IP address associated with // the Elastic IP address. // - // * public-ip - The Elastic IP address. + // * public-ip - The Elastic IP address, or the carrier IP address. // // * tag: - The key/value combination of a tag assigned to the resource. // Use the tag key in the filter name and the tag value as the filter value. @@ -53696,8 +58753,8 @@ func (s *DescribeAggregateIdFormatOutput) SetUseLongIdsAggregated(v bool) *Descr type DescribeAvailabilityZonesInput struct { _ struct{} `type:"structure"` - // Include all Availability Zones and Local Zones regardless of your opt in - // status. + // Include all Availability Zones, Local Zones, and Wavelength Zones regardless + // of your opt-in status. // // If you do not use this parameter, the results include only the zones for // the Regions where you have chosen the option to opt in. @@ -53713,29 +58770,41 @@ type DescribeAvailabilityZonesInput struct { // // * group-name - For Availability Zones, use the Region name. For Local // Zones, use the name of the group associated with the Local Zone (for example, - // us-west-2-lax-1). + // us-west-2-lax-1) For Wavelength Zones, use the name of the group associated + // with the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1). + // + // * message - The Zone message. // - // * message - The Availability Zone or Local Zone message. + // * opt-in-status - The opt-in status (opted-in, and not-opted-in | opt-in-not-required). // - // * opt-in-status - The opt in status (opted-in, and not-opted-in | opt-in-not-required). + // * parent-zoneID - The ID of the zone that handles some of the Local Zone + // and Wavelength Zone control plane operations, such as API calls. // - // * region-name - The name of the Region for the Availability Zone or Local - // Zone (for example, us-east-1). + // * parent-zoneName - The ID of the zone that handles some of the Local + // Zone and Wavelength Zone control plane operations, such as API calls. // - // * state - The state of the Availability Zone or Local Zone (available - // | information | impaired | unavailable). + // * region-name - The name of the Region for the Zone (for example, us-east-1). // - // * zone-id - The ID of the Availability Zone (for example, use1-az1) or - // the Local Zone (for example, use usw2-lax1-az1). + // * state - The state of the Availability Zone, the Local Zone, or the Wavelength + // Zone (available | information | impaired | unavailable). // - // * zone-name - The name of the Availability Zone (for example, us-east-1a) - // or the Local Zone (for example, use us-west-2-lax-1a). + // * zone-id - The ID of the Availability Zone (for example, use1-az1), the + // Local Zone (for example, usw2-lax1-az1), or the Wavelength Zone (for example, + // us-east-1-wl1-bos-wlz-1). + // + // * zone-type - The type of zone, for example, local-zone. + // + // * zone-name - The name of the Availability Zone (for example, us-east-1a), + // the Local Zone (for example, us-west-2-lax-1a), or the Wavelength Zone + // (for example, us-east-1-wl1-bos-wlz-1). + // + // * zone-type - The type of zone, for example, local-zone. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The IDs of the Availability Zones and Local Zones. + // The IDs of the Availability Zones, Local Zones, and Wavelength Zones. ZoneIds []*string `locationName:"ZoneId" locationNameList:"ZoneId" type:"list"` - // The names of the Availability Zones and Local Zones. + // The names of the Availability Zones, Local Zones, and Wavelength Zones. ZoneNames []*string `locationName:"ZoneName" locationNameList:"ZoneName" type:"list"` } @@ -53782,7 +58851,7 @@ func (s *DescribeAvailabilityZonesInput) SetZoneNames(v []*string) *DescribeAvai type DescribeAvailabilityZonesOutput struct { _ struct{} `type:"structure"` - // Information about the Availability Zones and Local Zones. + // Information about the Availability Zones, Local Zones, and Wavelength Zones. AvailabilityZones []*AvailabilityZone `locationName:"availabilityZoneInfo" locationNameList:"item" type:"list"` } @@ -54002,14 +59071,66 @@ type DescribeCapacityReservationsInput struct { DryRun *bool `type:"boolean"` // One or more filters. + // + // * instance-type - The type of instance for which the Capacity Reservation + // reserves capacity. + // + // * owner-id - The ID of the AWS account that owns the Capacity Reservation. + // + // * availability-zone-id - The Availability Zone ID of the Capacity Reservation. + // + // * instance-platform - The type of operating system for which the Capacity + // Reservation reserves capacity. + // + // * availability-zone - The Availability Zone ID of the Capacity Reservation. + // + // * tenancy - Indicates the tenancy of the Capacity Reservation. A Capacity + // Reservation can have one of the following tenancy settings: default - + // The Capacity Reservation is created on hardware that is shared with other + // AWS accounts. dedicated - The Capacity Reservation is created on single-tenant + // hardware that is dedicated to a single AWS account. + // + // * state - The current state of the Capacity Reservation. A Capacity Reservation + // can be in one of the following states: active- The Capacity Reservation + // is active and the capacity is available for your use. expired - The Capacity + // Reservation expired automatically at the date and time specified in your + // request. The reserved capacity is no longer available for your use. cancelled + // - The Capacity Reservation was manually cancelled. The reserved capacity + // is no longer available for your use. pending - The Capacity Reservation + // request was successful but the capacity provisioning is still pending. + // failed - The Capacity Reservation request has failed. A request might + // fail due to invalid request parameters, capacity constraints, or instance + // limit constraints. Failed requests are retained for 60 minutes. + // + // * end-date - The date and time at which the Capacity Reservation expires. + // When a Capacity Reservation expires, the reserved capacity is released + // and you can no longer launch instances into it. The Capacity Reservation's + // state changes to expired when it reaches its end date and time. + // + // * end-date-type - Indicates the way in which the Capacity Reservation + // ends. A Capacity Reservation can have one of the following end types: + // unlimited - The Capacity Reservation remains active until you explicitly + // cancel it. limited - The Capacity Reservation expires automatically at + // a specified date and time. + // + // * instance-match-criteria - Indicates the type of instance launches that + // the Capacity Reservation accepts. The options include: open - The Capacity + // Reservation accepts all instances that have matching attributes (instance + // type, platform, and Availability Zone). Instances that have matching attributes + // launch into the Capacity Reservation automatically without specifying + // any additional parameters. targeted - The Capacity Reservation only accepts + // instances that have matching attributes (instance type, platform, and + // Availability Zone), and explicitly target the Capacity Reservation. This + // ensures that only permitted instances can use the reserved capacity. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return for the request in a single page. // The remaining results can be seen by sending another request with the returned - // nextToken value. + // nextToken value. This value can be between 5 and 500. If maxResults is given + // a larger value than 500, you receive an error. MaxResults *int64 `min:"1" type:"integer"` - // The token to retrieve the next page of results. + // The token to use to retrieve the next page of results. NextToken *string `type:"string"` } @@ -54099,6 +59220,134 @@ func (s *DescribeCapacityReservationsOutput) SetNextToken(v string) *DescribeCap return s } +type DescribeCarrierGatewaysInput struct { + _ struct{} `type:"structure"` + + // One or more carrier gateway IDs. + CarrierGatewayIds []*string `locationName:"CarrierGatewayId" type:"list"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + // + // * carrier-gateway-id - The ID of the carrier gateway. + // + // * state - The state of the carrier gateway (pending | failed | available + // | deleting | deleted). + // + // * owner-id - The AWS account ID of the owner of the carrier gateway. + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. + // + // * vpc-id - The ID of the VPC associated with the carrier gateway. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeCarrierGatewaysInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCarrierGatewaysInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeCarrierGatewaysInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeCarrierGatewaysInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCarrierGatewayIds sets the CarrierGatewayIds field's value. +func (s *DescribeCarrierGatewaysInput) SetCarrierGatewayIds(v []*string) *DescribeCarrierGatewaysInput { + s.CarrierGatewayIds = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeCarrierGatewaysInput) SetDryRun(v bool) *DescribeCarrierGatewaysInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeCarrierGatewaysInput) SetFilters(v []*Filter) *DescribeCarrierGatewaysInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeCarrierGatewaysInput) SetMaxResults(v int64) *DescribeCarrierGatewaysInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCarrierGatewaysInput) SetNextToken(v string) *DescribeCarrierGatewaysInput { + s.NextToken = &v + return s +} + +type DescribeCarrierGatewaysOutput struct { + _ struct{} `type:"structure"` + + // Information about the carrier gateway. + CarrierGateways []*CarrierGateway `locationName:"carrierGatewaySet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeCarrierGatewaysOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCarrierGatewaysOutput) GoString() string { + return s.String() +} + +// SetCarrierGateways sets the CarrierGateways field's value. +func (s *DescribeCarrierGatewaysOutput) SetCarrierGateways(v []*CarrierGateway) *DescribeCarrierGatewaysOutput { + s.CarrierGateways = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCarrierGatewaysOutput) SetNextToken(v string) *DescribeCarrierGatewaysOutput { + s.NextToken = &v + return s +} + type DescribeClassicLinkInstancesInput struct { _ struct{} `type:"structure"` @@ -54243,6 +59492,14 @@ type DescribeClientVpnAuthorizationRulesInput struct { DryRun *bool `type:"boolean"` // One or more filters. Filter names and values are case-sensitive. + // + // * description - The description of the authorization rule. + // + // * destination-cidr - The CIDR of the network to which the authorization + // rule applies. + // + // * group-id - The ID of the Active Directory group to which the authorization + // rule grants access. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return for the request in a single page. @@ -54358,6 +59615,11 @@ type DescribeClientVpnConnectionsInput struct { DryRun *bool `type:"boolean"` // One or more filters. Filter names and values are case-sensitive. + // + // * connection-id - The ID of the connection. + // + // * username - For Active Directory client authentication, the user name + // of the client who established the client connection. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return for the request in a single page. @@ -54471,6 +59733,10 @@ type DescribeClientVpnEndpointsInput struct { DryRun *bool `type:"boolean"` // One or more filters. Filter names and values are case-sensitive. + // + // * endpoint-id - The ID of the Client VPN endpoint. + // + // * transport-protocol - The transport protocol (tcp | udp). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return for the request in a single page. @@ -54583,6 +59849,13 @@ type DescribeClientVpnRoutesInput struct { DryRun *bool `type:"boolean"` // One or more filters. Filter names and values are case-sensitive. + // + // * destination-cidr - The CIDR of the route destination. + // + // * origin - How the route was associated with the Client VPN endpoint (associate + // | add-route). + // + // * target-subnet - The ID of the subnet through which traffic is routed. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return for the request in a single page. @@ -54701,6 +59974,12 @@ type DescribeClientVpnTargetNetworksInput struct { DryRun *bool `type:"boolean"` // One or more filters. Filter names and values are case-sensitive. + // + // * association-id - The ID of the association. + // + // * target-network-id - The ID of the subnet specified as the target network. + // + // * vpc-id - The ID of the VPC in which the target network is located. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return for the request in a single page. @@ -55571,6 +60850,7 @@ type DescribeExportTasksInput struct { // The export task IDs. ExportTaskIds []*string `locationName:"exportTaskId" locationNameList:"ExportTaskId" type:"list"` + // the filters for the export tasks. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` } @@ -55641,10 +60921,11 @@ type DescribeFastSnapshotRestoreSuccessItem struct { // The time at which fast snapshot restores entered the optimizing state. OptimizingTime *time.Time `locationName:"optimizingTime" type:"timestamp"` - // The alias of the snapshot owner. + // The AWS owner alias that enabled fast snapshot restores on the snapshot. + // This is intended for future use. OwnerAlias *string `locationName:"ownerAlias" type:"string"` - // The ID of the AWS account that owns the snapshot. + // The ID of the AWS account that enabled fast snapshot restores on the snapshot. OwnerId *string `locationName:"ownerId" type:"string"` // The ID of the snapshot. @@ -55752,7 +61033,8 @@ type DescribeFastSnapshotRestoresInput struct { // // * availability-zone: The Availability Zone of the snapshot. // - // * owner-id: The ID of the AWS account that owns the snapshot. + // * owner-id: The ID of the AWS account that enabled fast snapshot restore + // on the snapshot. // // * snapshot-id: The ID of the snapshot. // @@ -56358,7 +61640,7 @@ type DescribeFlowLogsInput struct { // // * log-destination-type - The type of destination to which the flow log // publishes data. Possible destination types include cloud-watch-logs and - // S3. + // s3. // // * flow-log-id - The ID of the flow log. // @@ -56367,6 +61649,16 @@ type DescribeFlowLogsInput struct { // * resource-id - The ID of the VPC, subnet, or network interface. // // * traffic-type - The type of traffic (ACCEPT | REJECT | ALL). + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. Filter []*Filter `locationNameList:"Filter" type:"list"` // One or more flow log IDs. @@ -57041,8 +62333,7 @@ type DescribeIamInstanceProfileAssociationsInput struct { // // * instance-id - The ID of the instance. // - // * state - The state of the association (associating | associated | disassociating - // | disassociated). + // * state - The state of the association (associating | associated | disassociating). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return in a single call. To retrieve the @@ -57449,7 +62740,7 @@ type DescribeImagesInput struct { // in GiB. // // * block-device-mapping.volume-type - The volume type of the EBS volume - // (gp2 | io1 | st1 | sc1 | standard). + // (gp2 | io1 | io2 | st1 | sc1 | standard). // // * block-device-mapping.encrypted - A Boolean that indicates whether the // EBS volume is encrypted. @@ -57473,11 +62764,13 @@ type DescribeImagesInput struct { // // * name - The name of the AMI (provided during image creation). // - // * owner-alias - String value from an Amazon-maintained list (amazon | - // aws-marketplace | microsoft) of snapshot owners. Not to be confused with - // the user-configured AWS account alias, which is set from the IAM console. + // * owner-alias - The owner alias, from an Amazon-maintained list (amazon + // | aws-marketplace). This is not the user-configured AWS account alias + // set using the IAM console. We recommend that you use the related parameter + // instead of this filter. // - // * owner-id - The AWS account ID of the image owner. + // * owner-id - The AWS account ID of the owner. We recommend that you use + // the related parameter instead of this filter. // // * platform - The platform. To only list Windows-based AMIs, use windows. // @@ -57519,10 +62812,10 @@ type DescribeImagesInput struct { // Default: Describes all images available to you. ImageIds []*string `locationName:"ImageId" locationNameList:"ImageId" type:"list"` - // Filters the images by the owner. Specify an AWS account ID, self (owner is - // the sender of the request), or an AWS owner alias (valid values are amazon - // | aws-marketplace | microsoft). Omitting this option returns all images for - // which you have launch permissions, regardless of ownership. + // Scopes the results to images with the specified owners. You can specify a + // combination of AWS account IDs, self, amazon, and aws-marketplace. If you + // omit this parameter, the results include all images for which you have launch + // permissions, regardless of ownership. Owners []*string `locationName:"Owner" locationNameList:"Owner" type:"list"` } @@ -57866,6 +63159,10 @@ type DescribeInstanceAttributeOutput struct { // Indicates whether enhanced networking with ENA is enabled. EnaSupport *AttributeBooleanValue `locationName:"enaSupport" type:"structure"` + // To enable the instance for AWS Nitro Enclaves, set this parameter to true; + // otherwise, set it to false. + EnclaveOptions *EnclaveOptions `locationName:"enclaveOptions" type:"structure"` + // The security groups associated with the instance. Groups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` @@ -57938,6 +63235,12 @@ func (s *DescribeInstanceAttributeOutput) SetEnaSupport(v *AttributeBooleanValue return s } +// SetEnclaveOptions sets the EnclaveOptions field's value. +func (s *DescribeInstanceAttributeOutput) SetEnclaveOptions(v *EnclaveOptions) *DescribeInstanceAttributeOutput { + s.EnclaveOptions = v + return s +} + // SetGroups sets the Groups field's value. func (s *DescribeInstanceAttributeOutput) SetGroups(v []*GroupIdentifier) *DescribeInstanceAttributeOutput { s.Groups = v @@ -58121,6 +63424,55 @@ func (s *DescribeInstanceCreditSpecificationsOutput) SetNextToken(v string) *Des return s } +type DescribeInstanceEventNotificationAttributesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s DescribeInstanceEventNotificationAttributesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstanceEventNotificationAttributesInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeInstanceEventNotificationAttributesInput) SetDryRun(v bool) *DescribeInstanceEventNotificationAttributesInput { + s.DryRun = &v + return s +} + +type DescribeInstanceEventNotificationAttributesOutput struct { + _ struct{} `type:"structure"` + + // Information about the registered tag keys. + InstanceTagAttribute *InstanceTagNotificationAttribute `locationName:"instanceTagAttribute" type:"structure"` +} + +// String returns the string representation +func (s DescribeInstanceEventNotificationAttributesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstanceEventNotificationAttributesOutput) GoString() string { + return s.String() +} + +// SetInstanceTagAttribute sets the InstanceTagAttribute field's value. +func (s *DescribeInstanceEventNotificationAttributesOutput) SetInstanceTagAttribute(v *InstanceTagNotificationAttribute) *DescribeInstanceEventNotificationAttributesOutput { + s.InstanceTagAttribute = v + return s +} + type DescribeInstanceStatusInput struct { _ struct{} `type:"structure"` @@ -58290,7 +63642,7 @@ type DescribeInstanceTypeOfferingsInput struct { // type is region (default), the location is the Region code (for example, // us-east-2.) // - // * instance-type - The instance type. + // * instance-type - The instance type. For example, c5.2xlarge. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The location type. @@ -58402,31 +63754,52 @@ type DescribeInstanceTypesInput struct { // One or more filters. Filter names and values are case-sensitive. // - // * auto-recovery-supported - Indicates whether auto recovery is supported. - // (true | false) + // * auto-recovery-supported - Indicates whether auto recovery is supported + // (true | false). // - // * bare-metal - Indicates whether it is a bare metal instance type. (true - // | false) + // * bare-metal - Indicates whether it is a bare metal instance type (true + // | false). // // * burstable-performance-supported - Indicates whether it is a burstable - // performance instance type. (true | false) + // performance instance type (true | false). // // * current-generation - Indicates whether this instance type is the latest - // generation instance type of an instance family. (true | false) + // generation instance type of an instance family (true | false). + // + // * ebs-info.ebs-optimized-info.baseline-bandwidth-in-mbps - The baseline + // bandwidth performance for an EBS-optimized instance type, in Mbps. + // + // * ebs-info.ebs-optimized-info.baseline-iops - The baseline input/output + // storage operations per second for an EBS-optimized instance type. + // + // * ebs-info.ebs-optimized-info.baseline-throughput-in-mbps - The baseline + // throughput performance for an EBS-optimized instance type, in MB/s. + // + // * ebs-info.ebs-optimized-info.maximum-bandwidth-in-mbps - The maximum + // bandwidth performance for an EBS-optimized instance type, in Mbps. + // + // * ebs-info.ebs-optimized-info.maximum-iops - The maximum input/output + // storage operations per second for an EBS-optimized instance type. + // + // * ebs-info.ebs-optimized-info.maximum-throughput-in-mbps - The maximum + // throughput performance for an EBS-optimized instance type, in MB/s. // // * ebs-info.ebs-optimized-support - Indicates whether the instance type - // is EBS-optimized. (true | false) + // is EBS-optimized (supported | unsupported | default). // - // * ebs-info.encryption-support - Indicates whether EBS encryption is supported. - // (true | false) + // * ebs-info.encryption-support - Indicates whether EBS encryption is supported + // (supported | unsupported). + // + // * ebs-info.nvme-support - Indicates whether non-volatile memory express + // (NVMe) is supported for EBS volumes (required | supported | unsupported). // // * free-tier-eligible - Indicates whether the instance type is eligible - // to use in the free tier. (true | false) + // to use in the free tier (true | false). // - // * hibernation-supported - Indicates whether On-Demand hibernation is supported. - // (true | false) + // * hibernation-supported - Indicates whether On-Demand hibernation is supported + // (true | false). // - // * hypervisor - The hypervisor used. (nitro | xen) + // * hypervisor - The hypervisor (nitro | xen). // // * instance-storage-info.disk.count - The number of local disks. // @@ -58434,18 +63807,27 @@ type DescribeInstanceTypesInput struct { // storage disk, in GB. // // * instance-storage-info.disk.type - The storage technology for the local - // instance storage disks. (hdd | ssd) + // instance storage disks (hdd | ssd). + // + // * instance-storage-info.nvme-support - Indicates whether non-volatile + // memory express (NVMe) is supported for instance store (required | supported) + // | unsupported). // // * instance-storage-info.total-size-in-gb - The total amount of storage // available from all local instance storage, in GB. // // * instance-storage-supported - Indicates whether the instance type has - // local instance storage. (true | false) + // local instance storage (true | false). + // + // * instance-type - The instance type (for example c5.2xlarge or c5*). // // * memory-info.size-in-mib - The memory size. // + // * network-info.efa-supported - Indicates whether the instance type supports + // Elastic Fabric Adapter (EFA) (true | false). + // // * network-info.ena-support - Indicates whether Elastic Network Adapter - // (ENA) is supported or required. (required | supported | unsupported) + // (ENA) is supported or required (required | supported | unsupported). // // * network-info.ipv4-addresses-per-interface - The maximum number of private // IPv4 addresses per network interface. @@ -58454,24 +63836,40 @@ type DescribeInstanceTypesInput struct { // IPv6 addresses per network interface. // // * network-info.ipv6-supported - Indicates whether the instance type supports - // IPv6. (true | false) + // IPv6 (true | false). // // * network-info.maximum-network-interfaces - The maximum number of network // interfaces per instance. // - // * network-info.network-performance - Describes the network performance. + // * network-info.network-performance - The network performance (for example, + // "25 Gigabit"). + // + // * processor-info.supported-architecture - The CPU architecture (arm64 + // | i386 | x86_64). // // * processor-info.sustained-clock-speed-in-ghz - The CPU clock speed, in // GHz. // + // * supported-root-device-type - The root device type (ebs | instance-store). + // + // * supported-usage-class - The usage class (on-demand | spot). + // + // * supported-virtualization-type - The virtualization type (hvm | paravirtual). + // // * vcpu-info.default-cores - The default number of cores for the instance // type. // // * vcpu-info.default-threads-per-core - The default number of threads per - // cores for the instance type. + // core for the instance type. // // * vcpu-info.default-vcpus - The default number of vCPUs for the instance // type. + // + // * vcpu-info.valid-cores - The number of cores that can be configured for + // the instance type. + // + // * vcpu-info.valid-threads-per-core - The number of threads per core that + // can be configured for the instance type. For example, "1" or "1,2". Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The instance types. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) @@ -58624,7 +64022,8 @@ type DescribeInstancesInput struct { // * host-id - The ID of the Dedicated Host on which the instance is running, // if applicable. // - // * hypervisor - The hypervisor type of the instance (ovm | xen). + // * hypervisor - The hypervisor type of the instance (ovm | xen). The value + // xen is used for both Xen and Nitro hypervisors. // // * iam-instance-profile.arn - The instance profile associated with the // instance. Specified as an ARN. @@ -59049,6 +64448,125 @@ func (s *DescribeInternetGatewaysOutput) SetNextToken(v string) *DescribeInterne return s } +type DescribeIpv6PoolsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The IDs of the IPv6 address pools. + PoolIds []*string `locationName:"PoolId" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeIpv6PoolsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeIpv6PoolsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeIpv6PoolsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeIpv6PoolsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeIpv6PoolsInput) SetDryRun(v bool) *DescribeIpv6PoolsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeIpv6PoolsInput) SetFilters(v []*Filter) *DescribeIpv6PoolsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeIpv6PoolsInput) SetMaxResults(v int64) *DescribeIpv6PoolsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpv6PoolsInput) SetNextToken(v string) *DescribeIpv6PoolsInput { + s.NextToken = &v + return s +} + +// SetPoolIds sets the PoolIds field's value. +func (s *DescribeIpv6PoolsInput) SetPoolIds(v []*string) *DescribeIpv6PoolsInput { + s.PoolIds = v + return s +} + +type DescribeIpv6PoolsOutput struct { + _ struct{} `type:"structure"` + + // Information about the IPv6 address pools. + Ipv6Pools []*Ipv6Pool `locationName:"ipv6PoolSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeIpv6PoolsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeIpv6PoolsOutput) GoString() string { + return s.String() +} + +// SetIpv6Pools sets the Ipv6Pools field's value. +func (s *DescribeIpv6PoolsOutput) SetIpv6Pools(v []*Ipv6Pool) *DescribeIpv6PoolsOutput { + s.Ipv6Pools = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpv6PoolsOutput) SetNextToken(v string) *DescribeIpv6PoolsOutput { + s.NextToken = &v + return s +} + type DescribeKeyPairsInput struct { _ struct{} `type:"structure"` @@ -59060,9 +64578,21 @@ type DescribeKeyPairsInput struct { // The filters. // + // * key-pair-id - The ID of the key pair. + // // * fingerprint - The fingerprint of the key pair. // // * key-name - The name of the key pair. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The key pair names. @@ -59161,12 +64691,16 @@ type DescribeLaunchTemplateVersionsInput struct { // * ram-disk-id - The RAM disk ID. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The ID of the launch template. You must specify either the launch template - // ID or launch template name in the request. + // The ID of the launch template. To describe one or more versions of a specified + // launch template, you must specify either the launch template ID or the launch + // template name in the request. To describe all the latest or default launch + // template versions in your account, you must omit this parameter. LaunchTemplateId *string `type:"string"` - // The name of the launch template. You must specify either the launch template - // ID or launch template name in the request. + // The name of the launch template. To describe one or more versions of a specified + // launch template, you must specify either the launch template ID or the launch + // template name in the request. To describe all the latest or default launch + // template versions in your account, you must omit this parameter. LaunchTemplateName *string `min:"3" type:"string"` // The maximum number of results to return in a single call. To retrieve the @@ -59183,7 +64717,18 @@ type DescribeLaunchTemplateVersionsInput struct { // The token to request the next page of results. NextToken *string `type:"string"` - // One or more versions of the launch template. + // One or more versions of the launch template. Valid values depend on whether + // you are describing a specified launch template (by ID or name) or all launch + // templates in your account. + // + // To describe one or more versions of a specified launch template, valid values + // are $Latest, $Default, and numbers. + // + // To describe all launch templates in your account that are defined as the + // latest version, the valid value is $Latest. To describe all launch templates + // in your account that are defined as the default version, the valid value + // is $Default. You can specify $Latest and $Default in the same call. You cannot + // specify numbers. Versions []*string `locationName:"LaunchTemplateVersion" locationNameList:"item" type:"list"` } @@ -59440,6 +64985,18 @@ type DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput struct DryRun *bool `type:"boolean"` // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-route-table-id - The ID of the local gateway route table. + // + // * local-gateway-route-table-virtual-interface-group-association-id - The + // ID of the association. + // + // * local-gateway-route-table-virtual-interface-group-id - The ID of the + // virtual interface group. + // + // * state - The state of the association. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the associations. @@ -59549,6 +65106,16 @@ type DescribeLocalGatewayRouteTableVpcAssociationsInput struct { DryRun *bool `type:"boolean"` // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-route-table-id - The ID of the local gateway route table. + // + // * local-gateway-route-table-vpc-association-id - The ID of the association. + // + // * state - The state of the association. + // + // * vpc-id - The ID of the VPC. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the associations. @@ -59658,6 +65225,14 @@ type DescribeLocalGatewayRouteTablesInput struct { DryRun *bool `type:"boolean"` // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-route-table-id - The ID of a local gateway route table. + // + // * outpost-arn - The Amazon Resource Name (ARN) of the Outpost. + // + // * state - The state of the local gateway route table. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the local gateway route tables. @@ -59767,6 +65342,13 @@ type DescribeLocalGatewayVirtualInterfaceGroupsInput struct { DryRun *bool `type:"boolean"` // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-virtual-interface-id - The ID of the virtual interface. + // + // * local-gateway-virtual-interface-group-id - The ID of the virtual interface + // group. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the virtual interface groups. @@ -59987,7 +65569,21 @@ type DescribeLocalGatewaysInput struct { // One or more filters. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The IDs of the local gateways. + // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-route-table-id - The ID of the local gateway route table. + // + // * local-gateway-route-table-virtual-interface-group-association-id - The + // ID of the association. + // + // * local-gateway-route-table-virtual-interface-group-id - The ID of the + // virtual interface group. + // + // * outpost-arn - The Amazon Resource Name (ARN) of the Outpost. + // + // * state - The state of the association. LocalGatewayIds []*string `locationName:"LocalGatewayId" locationNameList:"item" type:"list"` // The maximum number of results to return with a single call. To retrieve the @@ -60084,6 +65680,121 @@ func (s *DescribeLocalGatewaysOutput) SetNextToken(v string) *DescribeLocalGatew return s } +type DescribeManagedPrefixListsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + // + // * owner-id - The ID of the prefix list owner. + // + // * prefix-list-id - The ID of the prefix list. + // + // * prefix-list-name - The name of the prefix list. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // One or more prefix list IDs. + PrefixListIds []*string `locationName:"PrefixListId" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeManagedPrefixListsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeManagedPrefixListsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeManagedPrefixListsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeManagedPrefixListsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeManagedPrefixListsInput) SetDryRun(v bool) *DescribeManagedPrefixListsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeManagedPrefixListsInput) SetFilters(v []*Filter) *DescribeManagedPrefixListsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeManagedPrefixListsInput) SetMaxResults(v int64) *DescribeManagedPrefixListsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeManagedPrefixListsInput) SetNextToken(v string) *DescribeManagedPrefixListsInput { + s.NextToken = &v + return s +} + +// SetPrefixListIds sets the PrefixListIds field's value. +func (s *DescribeManagedPrefixListsInput) SetPrefixListIds(v []*string) *DescribeManagedPrefixListsInput { + s.PrefixListIds = v + return s +} + +type DescribeManagedPrefixListsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about the prefix lists. + PrefixLists []*ManagedPrefixList `locationName:"prefixListSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeManagedPrefixListsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeManagedPrefixListsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeManagedPrefixListsOutput) SetNextToken(v string) *DescribeManagedPrefixListsOutput { + s.NextToken = &v + return s +} + +// SetPrefixLists sets the PrefixLists field's value. +func (s *DescribeManagedPrefixListsOutput) SetPrefixLists(v []*ManagedPrefixList) *DescribeManagedPrefixListsOutput { + s.PrefixLists = v + return s +} + type DescribeMovingAddressesInput struct { _ struct{} `type:"structure"` @@ -60203,6 +65914,12 @@ func (s *DescribeMovingAddressesOutput) SetNextToken(v string) *DescribeMovingAd type DescribeNatGatewaysInput struct { _ struct{} `type:"structure"` + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + // One or more filters. // // * nat-gateway-id - The ID of the NAT gateway. @@ -60259,6 +65976,12 @@ func (s *DescribeNatGatewaysInput) Validate() error { return nil } +// SetDryRun sets the DryRun field's value. +func (s *DescribeNatGatewaysInput) SetDryRun(v bool) *DescribeNatGatewaysInput { + s.DryRun = &v + return s +} + // SetFilter sets the Filter field's value. func (s *DescribeNatGatewaysInput) SetFilter(v []*Filter) *DescribeNatGatewaysInput { s.Filter = v @@ -60762,9 +66485,6 @@ type DescribeNetworkInterfacesInput struct { // * attachment.instance-owner-id - The owner ID of the instance to which // the network interface is attached. // - // * attachment.nat-gateway-id - The ID of the NAT gateway to which the network - // interface is attached. - // // * attachment.status - The status of the attachment (attaching | attached // | detaching | detached). // @@ -60942,6 +66662,16 @@ type DescribePlacementGroupsInput struct { // | deleted). // // * strategy - The strategy of the placement group (cluster | spread | partition). + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources that have a tag with a specific key, regardless + // of the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the placement groups. @@ -61219,6 +66949,19 @@ func (s *DescribePrincipalIdFormatOutput) SetPrincipals(v []*PrincipalIdFormat) type DescribePublicIpv4PoolsInput struct { _ struct{} `type:"structure"` + // One or more filters. + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + // The maximum number of results to return with a single call. To retrieve the // remaining results, make another call with the returned nextToken value. MaxResults *int64 `min:"1" type:"integer"` @@ -61253,6 +66996,12 @@ func (s *DescribePublicIpv4PoolsInput) Validate() error { return nil } +// SetFilters sets the Filters field's value. +func (s *DescribePublicIpv4PoolsInput) SetFilters(v []*Filter) *DescribePublicIpv4PoolsInput { + s.Filters = v + return s +} + // SetMaxResults sets the MaxResults field's value. func (s *DescribePublicIpv4PoolsInput) SetMaxResults(v int64) *DescribePublicIpv4PoolsInput { s.MaxResults = &v @@ -62025,8 +67774,6 @@ type DescribeRouteTablesInput struct { // to find all resources assigned a tag with a specific key, regardless of // the tag value. // - // * transit-gateway-id - The ID of a transit gateway. - // // * vpc-id - The ID of the VPC for the route table. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -62515,8 +68262,8 @@ type DescribeSecurityGroupsInput struct { // * egress.ip-permission.ipv6-cidr - An IPv6 CIDR block for an outbound // security group rule. // - // * egress.ip-permission.prefix-list-id - The ID (prefix) of the AWS service - // to which a security group rule allows outbound access. + // * egress.ip-permission.prefix-list-id - The ID of a prefix list to which + // a security group rule allows outbound access. // // * egress.ip-permission.protocol - The IP protocol for an outbound security // group rule (tcp | udp | icmp or a protocol number). @@ -62546,8 +68293,8 @@ type DescribeSecurityGroupsInput struct { // * ip-permission.ipv6-cidr - An IPv6 CIDR block for an inbound security // group rule. // - // * ip-permission.prefix-list-id - The ID (prefix) of the AWS service from - // which a security group rule allows inbound access. + // * ip-permission.prefix-list-id - The ID of a prefix list from which a + // security group rule allows inbound access. // // * ip-permission.protocol - The IP protocol for an inbound security group // rule (tcp | udp | icmp or a protocol number). @@ -62810,12 +68557,12 @@ type DescribeSnapshotsInput struct { // // * encrypted - Indicates whether the snapshot is encrypted (true | false) // - // * owner-alias - Value from an Amazon-maintained list (amazon | self | - // all | aws-marketplace | microsoft) of snapshot owners. Not to be confused - // with the user-configured AWS account alias, which is set from the IAM - // console. + // * owner-alias - The owner alias, from an Amazon-maintained list (amazon). + // This is not the user-configured AWS account alias set using the IAM console. + // We recommend that you use the related parameter instead of this filter. // - // * owner-id - The ID of the AWS account that owns the snapshot. + // * owner-id - The AWS account ID of the owner. We recommend that you use + // the related parameter instead of this filter. // // * progress - The progress of the snapshot, as a percentage (for example, // 80%). @@ -62859,7 +68606,8 @@ type DescribeSnapshotsInput struct { // to return. NextToken *string `type:"string"` - // Describes the snapshots owned by these owners. + // Scopes the results to snapshots with the specified owners. You can specify + // a combination of AWS account IDs, self, and amazon. OwnerIds []*string `locationName:"Owner" locationNameList:"Owner" type:"list"` // The IDs of the AWS accounts that can create volumes from the snapshot. @@ -63415,8 +69163,8 @@ type DescribeSpotInstanceRequestsInput struct { // in GiB. // // * launch.block-device-mapping.volume-type - The type of EBS volume: gp2 - // for General Purpose SSD, io1 for Provisioned IOPS SSD, st1 for Throughput - // Optimized HDD, sc1for Cold HDD, or standard for Magnetic. + // for General Purpose SSD, io1 or io2 for Provisioned IOPS SSD, st1 for + // Throughput Optimized HDD, sc1for Cold HDD, or standard for Magnetic. // // * launch.group-id - The ID of the security group for the instance. // @@ -63470,7 +69218,7 @@ type DescribeSpotInstanceRequestsInput struct { // * state - The state of the Spot Instance request (open | active | closed // | cancelled | failed). Spot request status information can help you track // your Amazon EC2 Spot Instance requests. For more information, see Spot - // Request Status (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html) + // request status (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html) // in the Amazon EC2 User Guide for Linux Instances. // // * status-code - The short code describing the most recent evaluation of @@ -63608,8 +69356,9 @@ type DescribeSpotPriceHistoryInput struct { // * instance-type - The type of instance (for example, m3.medium). // // * product-description - The product description for the Spot price (Linux/UNIX - // | SUSE Linux | Windows | Linux/UNIX (Amazon VPC) | SUSE Linux (Amazon - // VPC) | Windows (Amazon VPC)). + // | Red Hat Enterprise Linux | SUSE Linux | Windows | Linux/UNIX (Amazon + // VPC) | Red Hat Enterprise Linux (Amazon VPC) | SUSE Linux (Amazon VPC) + // | Windows (Amazon VPC)). // // * spot-price - The Spot price. The value must match exactly (or use wildcards; // greater than or less than comparison is not supported). @@ -64018,10 +69767,11 @@ type DescribeTagsInput struct { // * resource-id - The ID of the resource. // // * resource-type - The resource type (customer-gateway | dedicated-host - // | dhcp-options | elastic-ip | fleet | fpga-image | image | instance | - // host-reservation | internet-gateway | launch-template | natgateway | network-acl - // | network-interface | reserved-instances | route-table | security-group - // | snapshot | spot-instances-request | subnet | volume | vpc | vpc-peering-connection + // | dhcp-options | elastic-ip | fleet | fpga-image | host-reservation | + // image | instance | internet-gateway | key-pair | launch-template | natgateway + // | network-acl | network-interface | placement-group | reserved-instances + // | route-table | security-group | snapshot | spot-instances-request | subnet + // | volume | vpc | vpc-endpoint | vpc-endpoint-service | vpc-peering-connection // | vpn-connection | vpn-gateway). // // * tag: - The key/value combination of the tag. For example, specify @@ -64489,11 +70239,12 @@ type DescribeTransitGatewayAttachmentsInput struct { // // * resource-owner-id - The ID of the AWS account that owns the resource. // - // * resource-type - The resource type (vpc | vpn). + // * resource-type - The resource type. Valid values are vpc | vpn | direct-connect-gateway + // | peering. // - // * state - The state of the attachment (available | deleted | deleting - // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected - // | rejecting). + // * state - The state of the attachment. Valid values are available | deleted + // | deleting | failed | failing | initiatingRequest | modifying | pendingAcceptance + // | pending | rollingBack | rejected | rejecting. // // * transit-gateway-attachment-id - The ID of the attachment. // @@ -64726,7 +70477,30 @@ type DescribeTransitGatewayPeeringAttachmentsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // One or more filters. The possible values are: + // + // * transit-gateway-attachment-id - The ID of the transit gateway attachment. + // + // * local-owner-id - The ID of your AWS account. + // + // * remote-owner-id - The ID of the AWS account in the remote Region that + // owns the transit gateway. + // + // * state - The state of the peering attachment. Valid values are available + // | deleted | deleting | failed | failing | initiatingRequest | modifying + // | pendingAcceptance | pending | rollingBack | rejected | rejecting). + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources that have a tag with a specific key, regardless + // of the tag value. + // + // * transit-gateway-id - The ID of the transit gateway. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return with a single call. To retrieve the @@ -64843,9 +70617,8 @@ type DescribeTransitGatewayRouteTablesInput struct { // * default-propagation-route-table - Indicates whether this is the default // propagation route table for the transit gateway (true | false). // - // * state - The state of the attachment (available | deleted | deleting - // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected - // | rejecting). + // * state - The state of the route table (available | deleting | deleted + // | pending). // // * transit-gateway-id - The ID of the transit gateway. // @@ -64961,9 +70734,9 @@ type DescribeTransitGatewayVpcAttachmentsInput struct { // One or more filters. The possible values are: // - // * state - The state of the attachment (available | deleted | deleting - // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected - // | rejecting). + // * state - The state of the attachment. Valid values are available | deleted + // | deleting | failed | failing | initiatingRequest | modifying | pendingAcceptance + // | pending | rollingBack | rejected | rejecting. // // * transit-gateway-attachment-id - The ID of the attachment. // @@ -65108,9 +70881,8 @@ type DescribeTransitGatewaysInput struct { // // * owner-id - The ID of the AWS account that owns the transit gateway. // - // * state - The state of the attachment (available | deleted | deleting - // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected - // | rejecting). + // * state - The state of the transit gateway (available | deleted | deleting + // | modifying | pending). // // * transit-gateway-id - The ID of the transit gateway. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -65484,11 +71256,17 @@ type DescribeVolumesInput struct { // // * encrypted - Indicates whether the volume is encrypted (true | false) // + // * multi-attach-enabled - Indicates whether the volume is enabled for Multi-Attach + // (true | false) + // + // * fast-restored - Indicates whether the volume was created from a snapshot + // that is enabled for fast snapshot restore (true | false). + // // * size - The size of the volume, in GiB. // // * snapshot-id - The snapshot from which the volume was created. // - // * status - The status of the volume (creating | available | in-use | deleting + // * status - The state of the volume (creating | available | in-use | deleting // | deleted | error). // // * tag: - The key/value combination of a tag assigned to the resource. @@ -65504,7 +71282,7 @@ type DescribeVolumesInput struct { // * volume-id - The volume ID. // // * volume-type - The Amazon EBS volume type. This can be gp2 for General - // Purpose SSD, io1 for Provisioned IOPS SSD, st1 for Throughput Optimized + // Purpose SSD, io1 or io2 for Provisioned IOPS SSD, st1 for Throughput Optimized // HDD, sc1 for Cold HDD, or standard for Magnetic volumes. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -65578,9 +71356,34 @@ type DescribeVolumesModificationsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The filters. Supported filters: volume-id, modification-state, target-size, - // target-iops, target-volume-type, original-size, original-iops, original-volume-type, - // start-time. + // The filters. + // + // * modification-state - The current modification state (modifying | optimizing + // | completed | failed). + // + // * original-iops - The original IOPS rate of the volume. + // + // * original-size - The original size of the volume, in GiB. + // + // * original-volume-type - The original volume type of the volume (standard + // | io1 | io2 | gp2 | sc1 | st1). + // + // * originalMultiAttachEnabled - Indicates whether Multi-Attach support + // was enabled (true | false). + // + // * start-time - The modification start time. + // + // * target-iops - The target IOPS rate of the volume. + // + // * target-size - The target size of the volume, in GiB. + // + // * target-volume-type - The target volume type of the volume (standard + // | io1 | io2 | gp2 | sc1 | st1). + // + // * targetMultiAttachEnabled - Indicates whether Multi-Attach support is + // to be enabled (true | false). + // + // * volume-id - The ID of the volume. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results (up to a limit of 500) to be returned in a @@ -65590,7 +71393,7 @@ type DescribeVolumesModificationsInput struct { // The nextToken value returned by a previous paginated request. NextToken *string `type:"string"` - // The IDs of the volumes for which in-progress modifications will be described. + // The IDs of the volumes. VolumeIds []*string `locationName:"VolumeId" locationNameList:"VolumeId" type:"list"` } @@ -66844,6 +72647,9 @@ type DescribeVpcsInput struct { // * ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR block associated // with the VPC. // + // * ipv6-cidr-block-association.ipv6-pool - The ID of the IPv6 address pool + // from which the IPv6 CIDR block is allocated. + // // * ipv6-cidr-block-association.association-id - The association ID for // an IPv6 CIDR block associated with the VPC. // @@ -67452,7 +73258,8 @@ type DetachVolumeInput struct { // and repair procedures. Force *bool `type:"boolean"` - // The ID of the instance. + // The ID of the instance. If you are detaching a Multi-Attach enabled volume, + // you must specify an instance ID. InstanceId *string `type:"string"` // The ID of the volume. @@ -67897,10 +73704,11 @@ type DisableFastSnapshotRestoreSuccessItem struct { // The time at which fast snapshot restores entered the optimizing state. OptimizingTime *time.Time `locationName:"optimizingTime" type:"timestamp"` - // The alias of the snapshot owner. + // The AWS owner alias that enabled fast snapshot restores on the snapshot. + // This is intended for future use. OwnerAlias *string `locationName:"ownerAlias" type:"string"` - // The ID of the AWS account that owns the snapshot. + // The ID of the AWS account that enabled fast snapshot restores on the snapshot. OwnerId *string `locationName:"ownerId" type:"string"` // The ID of the snapshot. @@ -68184,6 +73992,12 @@ func (s *DisableTransitGatewayRouteTablePropagationOutput) SetPropagation(v *Tra type DisableVgwRoutePropagationInput struct { _ struct{} `type:"structure"` + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + // The ID of the virtual private gateway. // // GatewayId is a required field @@ -68221,6 +74035,12 @@ func (s *DisableVgwRoutePropagationInput) Validate() error { return nil } +// SetDryRun sets the DryRun field's value. +func (s *DisableVgwRoutePropagationInput) SetDryRun(v bool) *DisableVgwRoutePropagationInput { + s.DryRun = &v + return s +} + // SetGatewayId sets the GatewayId field's value. func (s *DisableVgwRoutePropagationInput) SetGatewayId(v string) *DisableVgwRoutePropagationInput { s.GatewayId = &v @@ -68520,6 +74340,89 @@ func (s *DisassociateClientVpnTargetNetworkOutput) SetStatus(v *AssociationStatu return s } +type DisassociateEnclaveCertificateIamRoleInput struct { + _ struct{} `type:"structure"` + + // The ARN of the ACM certificate from which to disassociate the IAM role. + CertificateArn *string `min:"1" type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ARN of the IAM role to disassociate. + RoleArn *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s DisassociateEnclaveCertificateIamRoleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisassociateEnclaveCertificateIamRoleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateEnclaveCertificateIamRoleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateEnclaveCertificateIamRoleInput"} + if s.CertificateArn != nil && len(*s.CertificateArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 1)) + } + if s.RoleArn != nil && len(*s.RoleArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCertificateArn sets the CertificateArn field's value. +func (s *DisassociateEnclaveCertificateIamRoleInput) SetCertificateArn(v string) *DisassociateEnclaveCertificateIamRoleInput { + s.CertificateArn = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DisassociateEnclaveCertificateIamRoleInput) SetDryRun(v bool) *DisassociateEnclaveCertificateIamRoleInput { + s.DryRun = &v + return s +} + +// SetRoleArn sets the RoleArn field's value. +func (s *DisassociateEnclaveCertificateIamRoleInput) SetRoleArn(v string) *DisassociateEnclaveCertificateIamRoleInput { + s.RoleArn = &v + return s +} + +type DisassociateEnclaveCertificateIamRoleOutput struct { + _ struct{} `type:"structure"` + + // Returns true if the request succeeds; otherwise, it returns an error. + Return *bool `locationName:"return" type:"boolean"` +} + +// String returns the string representation +func (s DisassociateEnclaveCertificateIamRoleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisassociateEnclaveCertificateIamRoleOutput) GoString() string { + return s.String() +} + +// SetReturn sets the Return field's value. +func (s *DisassociateEnclaveCertificateIamRoleOutput) SetReturn(v bool) *DisassociateEnclaveCertificateIamRoleOutput { + s.Return = &v + return s +} + type DisassociateIamInstanceProfileInput struct { _ struct{} `type:"structure"` @@ -68585,7 +74488,7 @@ type DisassociateRouteTableInput struct { _ struct{} `type:"structure"` // The association ID representing the current association between the route - // table and subnet. + // table and subnet or gateway. // // AssociationId is a required field AssociationId *string `locationName:"associationId" type:"string" required:"true"` @@ -69301,7 +75204,7 @@ type EbsBlockDevice struct { _ struct{} `type:"structure"` // Indicates whether the EBS volume is deleted on instance termination. For - // more information, see Preserving Amazon EBS Volumes on Instance Termination + // more information, see Preserving Amazon EBS volumes on instance termination // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) // in the Amazon Elastic Compute Cloud User Guide. DeleteOnTermination *bool `locationName:"deleteOnTermination" type:"boolean"` @@ -69316,25 +75219,28 @@ type EbsBlockDevice struct { // In no case can you remove encryption from an encrypted volume. // // Encrypted volumes can only be attached to instances that support Amazon EBS - // encryption. For more information, see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). + // encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). + // + // This parameter is not returned by . Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS) that the volume supports. - // For io1 volumes, this represents the number of IOPS that are provisioned + // For io1 and io2 volumes, this represents the number of IOPS that are provisioned // for the volume. For gp2 volumes, this represents the baseline performance // of the volume and the rate at which the volume accumulates I/O credits for - // bursting. For more information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // bursting. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // - // Constraints: Range is 100-16,000 IOPS for gp2 volumes and 100 to 64,000IOPS - // for io1 volumes in most Regions. Maximum io1 IOPS of 64,000 is guaranteed - // only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // Constraints: Range is 100-16,000 IOPS for gp2 volumes and 100 to 64,000 IOPS + // for io1 and io2 volumes in most Regions. Maximum io1 and io2 IOPS of 64,000 + // is guaranteed only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). // Other instance families guarantee performance up to 32,000 IOPS. For more // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // - // Condition: This parameter is required for requests to create io1 volumes; - // it is not used in requests to create gp2, st1, sc1, or standard volumes. + // Condition: This parameter is required for requests to create io1 and io2 + // volumes; it is not used in requests to create gp2, st1, sc1, or standard + // volumes. Iops *int64 `locationName:"iops" type:"integer"` // Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed @@ -69355,15 +75261,15 @@ type EbsBlockDevice struct { // a volume size, the default is the snapshot size. // // Constraints: 1-16384 for General Purpose SSD (gp2), 4-16384 for Provisioned - // IOPS SSD (io1), 500-16384 for Throughput Optimized HDD (st1), 500-16384 for - // Cold HDD (sc1), and 1-1024 for Magnetic (standard) volumes. If you specify + // IOPS SSD (io1 and io2), 500-16384 for Throughput Optimized HDD (st1), 500-16384 + // for Cold HDD (sc1), and 1-1024 for Magnetic (standard) volumes. If you specify // a snapshot, the volume size must be equal to or larger than the snapshot // size. VolumeSize *int64 `locationName:"volumeSize" type:"integer"` - // The volume type. If you set the type to io1, you must also specify the Iops - // parameter. If you set the type to gp2, st1, sc1, or standard, you must omit - // the Iops parameter. + // The volume type. If you set the type to io1 or io2, you must also specify + // the Iops parameter. If you set the type to gp2, st1, sc1, or standard, you + // must omit the Iops parameter. // // Default: gp2 VolumeType *string `locationName:"volumeType" type:"string" enum:"VolumeType"` @@ -69425,13 +75331,19 @@ func (s *EbsBlockDevice) SetVolumeType(v string) *EbsBlockDevice { type EbsInfo struct { _ struct{} `type:"structure"` - // Indicates that the instance type is Amazon EBS-optimized. For more information, + // Describes the optimized EBS performance for the instance type. + EbsOptimizedInfo *EbsOptimizedInfo `locationName:"ebsOptimizedInfo" type:"structure"` + + // Indicates whether the instance type is Amazon EBS-optimized. For more information, // see Amazon EBS-Optimized Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) // in Amazon EC2 User Guide for Linux Instances. EbsOptimizedSupport *string `locationName:"ebsOptimizedSupport" type:"string" enum:"EbsOptimizedSupport"` // Indicates whether Amazon EBS encryption is supported. EncryptionSupport *string `locationName:"encryptionSupport" type:"string" enum:"EbsEncryptionSupport"` + + // Indicates whether non-volatile memory express (NVMe) is supported. + NvmeSupport *string `locationName:"nvmeSupport" type:"string" enum:"EbsNvmeSupport"` } // String returns the string representation @@ -69444,6 +75356,12 @@ func (s EbsInfo) GoString() string { return s.String() } +// SetEbsOptimizedInfo sets the EbsOptimizedInfo field's value. +func (s *EbsInfo) SetEbsOptimizedInfo(v *EbsOptimizedInfo) *EbsInfo { + s.EbsOptimizedInfo = v + return s +} + // SetEbsOptimizedSupport sets the EbsOptimizedSupport field's value. func (s *EbsInfo) SetEbsOptimizedSupport(v string) *EbsInfo { s.EbsOptimizedSupport = &v @@ -69456,6 +75374,12 @@ func (s *EbsInfo) SetEncryptionSupport(v string) *EbsInfo { return s } +// SetNvmeSupport sets the NvmeSupport field's value. +func (s *EbsInfo) SetNvmeSupport(v string) *EbsInfo { + s.NvmeSupport = &v + return s +} + // Describes a parameter used to set up an EBS volume in a block device mapping. type EbsInstanceBlockDevice struct { _ struct{} `type:"structure"` @@ -69541,6 +75465,81 @@ func (s *EbsInstanceBlockDeviceSpecification) SetVolumeId(v string) *EbsInstance return s } +// Describes the optimized EBS performance for supported instance types. +type EbsOptimizedInfo struct { + _ struct{} `type:"structure"` + + // The baseline bandwidth performance for an EBS-optimized instance type, in + // Mbps. + BaselineBandwidthInMbps *int64 `locationName:"baselineBandwidthInMbps" type:"integer"` + + // The baseline input/output storage operations per seconds for an EBS-optimized + // instance type. + BaselineIops *int64 `locationName:"baselineIops" type:"integer"` + + // The baseline throughput performance for an EBS-optimized instance type, in + // MB/s. + BaselineThroughputInMBps *float64 `locationName:"baselineThroughputInMBps" type:"double"` + + // The maximum bandwidth performance for an EBS-optimized instance type, in + // Mbps. + MaximumBandwidthInMbps *int64 `locationName:"maximumBandwidthInMbps" type:"integer"` + + // The maximum input/output storage operations per second for an EBS-optimized + // instance type. + MaximumIops *int64 `locationName:"maximumIops" type:"integer"` + + // The maximum throughput performance for an EBS-optimized instance type, in + // MB/s. + MaximumThroughputInMBps *float64 `locationName:"maximumThroughputInMBps" type:"double"` +} + +// String returns the string representation +func (s EbsOptimizedInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EbsOptimizedInfo) GoString() string { + return s.String() +} + +// SetBaselineBandwidthInMbps sets the BaselineBandwidthInMbps field's value. +func (s *EbsOptimizedInfo) SetBaselineBandwidthInMbps(v int64) *EbsOptimizedInfo { + s.BaselineBandwidthInMbps = &v + return s +} + +// SetBaselineIops sets the BaselineIops field's value. +func (s *EbsOptimizedInfo) SetBaselineIops(v int64) *EbsOptimizedInfo { + s.BaselineIops = &v + return s +} + +// SetBaselineThroughputInMBps sets the BaselineThroughputInMBps field's value. +func (s *EbsOptimizedInfo) SetBaselineThroughputInMBps(v float64) *EbsOptimizedInfo { + s.BaselineThroughputInMBps = &v + return s +} + +// SetMaximumBandwidthInMbps sets the MaximumBandwidthInMbps field's value. +func (s *EbsOptimizedInfo) SetMaximumBandwidthInMbps(v int64) *EbsOptimizedInfo { + s.MaximumBandwidthInMbps = &v + return s +} + +// SetMaximumIops sets the MaximumIops field's value. +func (s *EbsOptimizedInfo) SetMaximumIops(v int64) *EbsOptimizedInfo { + s.MaximumIops = &v + return s +} + +// SetMaximumThroughputInMBps sets the MaximumThroughputInMBps field's value. +func (s *EbsOptimizedInfo) SetMaximumThroughputInMBps(v float64) *EbsOptimizedInfo { + s.MaximumThroughputInMBps = &v + return s +} + // Describes an egress-only internet gateway. type EgressOnlyInternetGateway struct { _ struct{} `type:"structure"` @@ -69813,7 +75812,7 @@ type ElasticInferenceAccelerator struct { Count *int64 `min:"1" type:"integer"` // The type of elastic inference accelerator. The possible values are eia1.medium, - // eia1.large, and eia1.xlarge. + // eia1.large, eia1.xlarge, eia2.medium, eia2.large, and eia2.xlarge. // // Type is a required field Type *string `type:"string" required:"true"` @@ -70081,10 +76080,11 @@ type EnableFastSnapshotRestoreSuccessItem struct { // The time at which fast snapshot restores entered the optimizing state. OptimizingTime *time.Time `locationName:"optimizingTime" type:"timestamp"` - // The alias of the snapshot owner. + // The AWS owner alias that enabled fast snapshot restores on the snapshot. + // This is intended for future use. OwnerAlias *string `locationName:"ownerAlias" type:"string"` - // The ID of the AWS account that owns the snapshot. + // The ID of the AWS account that enabled fast snapshot restores on the snapshot. OwnerId *string `locationName:"ownerId" type:"string"` // The ID of the snapshot. @@ -70369,6 +76369,12 @@ func (s *EnableTransitGatewayRouteTablePropagationOutput) SetPropagation(v *Tran type EnableVgwRoutePropagationInput struct { _ struct{} `type:"structure"` + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + // The ID of the virtual private gateway that is attached to a VPC. The virtual // private gateway must be attached to the same VPC that the routing tables // are associated with. @@ -70409,6 +76415,12 @@ func (s *EnableVgwRoutePropagationInput) Validate() error { return nil } +// SetDryRun sets the DryRun field's value. +func (s *EnableVgwRoutePropagationInput) SetDryRun(v bool) *EnableVgwRoutePropagationInput { + s.DryRun = &v + return s +} + // SetGatewayId sets the GatewayId field's value. func (s *EnableVgwRoutePropagationInput) SetGatewayId(v string) *EnableVgwRoutePropagationInput { s.GatewayId = &v @@ -70618,6 +76630,57 @@ func (s *EnableVpcClassicLinkOutput) SetReturn(v bool) *EnableVpcClassicLinkOutp return s } +// Indicates whether the instance is enabled for AWS Nitro Enclaves. +type EnclaveOptions struct { + _ struct{} `type:"structure"` + + // If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; + // otherwise, it is not enabled for AWS Nitro Enclaves. + Enabled *bool `locationName:"enabled" type:"boolean"` +} + +// String returns the string representation +func (s EnclaveOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnclaveOptions) GoString() string { + return s.String() +} + +// SetEnabled sets the Enabled field's value. +func (s *EnclaveOptions) SetEnabled(v bool) *EnclaveOptions { + s.Enabled = &v + return s +} + +// Indicates whether the instance is enabled for AWS Nitro Enclaves. For more +// information, see What is AWS Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) +// in the AWS Nitro Enclaves User Guide. +type EnclaveOptionsRequest struct { + _ struct{} `type:"structure"` + + // To enable the instance for AWS Nitro Enclaves, set this parameter to true. + Enabled *bool `type:"boolean"` +} + +// String returns the string representation +func (s EnclaveOptionsRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnclaveOptionsRequest) GoString() string { + return s.String() +} + +// SetEnabled sets the Enabled field's value. +func (s *EnclaveOptionsRequest) SetEnabled(v bool) *EnclaveOptionsRequest { + s.Enabled = &v + return s +} + // Describes an EC2 Fleet or Spot Fleet event. type EventInformation struct { _ struct{} `type:"structure"` @@ -70884,7 +76947,7 @@ type ExportImageInput struct { // Token to enable idempotency for export image requests. ClientToken *string `type:"string" idempotencyToken:"true"` - // A description of the image being exported. The maximum length is 255 bytes. + // A description of the image being exported. The maximum length is 255 characters. Description *string `type:"string"` // The disk image format. @@ -70904,15 +76967,18 @@ type ExportImageInput struct { ImageId *string `type:"string" required:"true"` // The name of the role that grants VM Import/Export permission to export images - // to your S3 bucket. If this parameter is not specified, the default role is - // named 'vmimport'. + // to your Amazon S3 bucket. If this parameter is not specified, the default + // role is named 'vmimport'. RoleName *string `type:"string"` - // Information about the destination S3 bucket. The bucket must exist and grant - // WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com. + // Information about the destination Amazon S3 bucket. The bucket must exist + // and grant WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com. // // S3ExportLocation is a required field S3ExportLocation *ExportTaskS3LocationRequest `type:"structure" required:"true"` + + // The tags to apply to the image being exported. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -70991,6 +77057,12 @@ func (s *ExportImageInput) SetS3ExportLocation(v *ExportTaskS3LocationRequest) * return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *ExportImageInput) SetTagSpecifications(v []*TagSpecification) *ExportImageInput { + s.TagSpecifications = v + return s +} + type ExportImageOutput struct { _ struct{} `type:"structure"` @@ -71010,10 +77082,10 @@ type ExportImageOutput struct { Progress *string `locationName:"progress" type:"string"` // The name of the role that grants VM Import/Export permission to export images - // to your S3 bucket. + // to your Amazon S3 bucket. RoleName *string `locationName:"roleName" type:"string"` - // Information about the destination S3 bucket. + // Information about the destination Amazon S3 bucket. S3ExportLocation *ExportTaskS3Location `locationName:"s3ExportLocation" type:"structure"` // The status of the export image task. The possible values are active, completed, @@ -71022,6 +77094,9 @@ type ExportImageOutput struct { // The status message for the export image task. StatusMessage *string `locationName:"statusMessage" type:"string"` + + // Any tags assigned to the image being exported. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -71088,6 +77163,12 @@ func (s *ExportImageOutput) SetStatusMessage(v string) *ExportImageOutput { return s } +// SetTags sets the Tags field's value. +func (s *ExportImageOutput) SetTags(v []*Tag) *ExportImageOutput { + s.Tags = v + return s +} + // Describes an export image task. type ExportImageTask struct { _ struct{} `type:"structure"` @@ -71104,7 +77185,7 @@ type ExportImageTask struct { // The percent complete of the export image task. Progress *string `locationName:"progress" type:"string"` - // Information about the destination S3 bucket. + // Information about the destination Amazon S3 bucket. S3ExportLocation *ExportTaskS3Location `locationName:"s3ExportLocation" type:"structure"` // The status of the export image task. The possible values are active, completed, @@ -71113,6 +77194,9 @@ type ExportImageTask struct { // The status message for the export image task. StatusMessage *string `locationName:"statusMessage" type:"string"` + + // Any tags assigned to the image being exported. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -71167,6 +77251,12 @@ func (s *ExportImageTask) SetStatusMessage(v string) *ExportImageTask { return s } +// SetTags sets the Tags field's value. +func (s *ExportImageTask) SetTags(v []*Tag) *ExportImageTask { + s.Tags = v + return s +} + // Describes an instance export task. type ExportTask struct { _ struct{} `type:"structure"` @@ -71189,6 +77279,7 @@ type ExportTask struct { // The status message related to the export task. StatusMessage *string `locationName:"statusMessage" type:"string"` + // The tags for the export task. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -71248,7 +77339,7 @@ func (s *ExportTask) SetTags(v []*Tag) *ExportTask { type ExportTaskS3Location struct { _ struct{} `type:"structure"` - // The destination S3 bucket. + // The destination Amazon S3 bucket. S3Bucket *string `locationName:"s3Bucket" type:"string"` // The prefix (logical hierarchy) in the bucket. @@ -71281,7 +77372,7 @@ func (s *ExportTaskS3Location) SetS3Prefix(v string) *ExportTaskS3Location { type ExportTaskS3LocationRequest struct { _ struct{} `type:"structure"` - // The destination S3 bucket. + // The destination Amazon S3 bucket. // // S3Bucket is a required field S3Bucket *string `type:"string" required:"true"` @@ -71336,8 +77427,8 @@ type ExportToS3Task struct { // The format for the exported image. DiskImageFormat *string `locationName:"diskImageFormat" type:"string" enum:"DiskImageFormat"` - // The S3 bucket for the destination image. The destination bucket must exist - // and grant WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com. + // The Amazon S3 bucket for the destination image. The destination bucket must + // exist and grant WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com. S3Bucket *string `locationName:"s3Bucket" type:"string"` // The encryption key for your S3 bucket. @@ -71389,12 +77480,12 @@ type ExportToS3TaskSpecification struct { // The format for the exported image. DiskImageFormat *string `locationName:"diskImageFormat" type:"string" enum:"DiskImageFormat"` - // The S3 bucket for the destination image. The destination bucket must exist - // and grant WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com. + // The Amazon S3 bucket for the destination image. The destination bucket must + // exist and grant WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com. S3Bucket *string `locationName:"s3Bucket" type:"string"` - // The image is written to a single object in the S3 bucket at the S3 key s3prefix - // + exportTaskId + '.' + diskImageFormat. + // The image is written to a single object in the Amazon S3 bucket at the S3 + // key s3prefix + exportTaskId + '.' + diskImageFormat. S3Prefix *string `locationName:"s3Prefix" type:"string"` } @@ -71461,13 +77552,11 @@ type ExportTransitGatewayRoutesInput struct { // routes in your route table and you specify supernet-of-match as 10.0.1.0/30, // then the result returns 10.0.1.0/29. // - // * state - The state of the attachment (available | deleted | deleting - // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected - // | rejecting). + // * state - The state of the route (active | blackhole). // // * transit-gateway-route-destination-cidr-block - The CIDR range. // - // * type - The type of route (active | blackhole). + // * type - The type of route (propagated | static). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The name of the S3 bucket. @@ -71587,6 +77676,74 @@ func (s *FailedQueuedPurchaseDeletion) SetReservedInstancesId(v string) *FailedQ return s } +// Describes the IAM SAML identity providers used for federated authentication. +type FederatedAuthentication struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the IAM SAML identity provider. + SamlProviderArn *string `locationName:"samlProviderArn" type:"string"` + + // The Amazon Resource Name (ARN) of the IAM SAML identity provider for the + // self-service portal. + SelfServiceSamlProviderArn *string `locationName:"selfServiceSamlProviderArn" type:"string"` +} + +// String returns the string representation +func (s FederatedAuthentication) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FederatedAuthentication) GoString() string { + return s.String() +} + +// SetSamlProviderArn sets the SamlProviderArn field's value. +func (s *FederatedAuthentication) SetSamlProviderArn(v string) *FederatedAuthentication { + s.SamlProviderArn = &v + return s +} + +// SetSelfServiceSamlProviderArn sets the SelfServiceSamlProviderArn field's value. +func (s *FederatedAuthentication) SetSelfServiceSamlProviderArn(v string) *FederatedAuthentication { + s.SelfServiceSamlProviderArn = &v + return s +} + +// The IAM SAML identity provider used for federated authentication. +type FederatedAuthenticationRequest struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the IAM SAML identity provider. + SAMLProviderArn *string `type:"string"` + + // The Amazon Resource Name (ARN) of the IAM SAML identity provider for the + // self-service portal. + SelfServiceSAMLProviderArn *string `type:"string"` +} + +// String returns the string representation +func (s FederatedAuthenticationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FederatedAuthenticationRequest) GoString() string { + return s.String() +} + +// SetSAMLProviderArn sets the SAMLProviderArn field's value. +func (s *FederatedAuthenticationRequest) SetSAMLProviderArn(v string) *FederatedAuthenticationRequest { + s.SAMLProviderArn = &v + return s +} + +// SetSelfServiceSAMLProviderArn sets the SelfServiceSAMLProviderArn field's value. +func (s *FederatedAuthenticationRequest) SetSelfServiceSAMLProviderArn(v string) *FederatedAuthenticationRequest { + s.SelfServiceSAMLProviderArn = &v + return s +} + // A filter name and value pair that is used to return a more specific list // of results from a describe operation. Filters can be used to match a set // of resources by specific criteria, such as tags, attributes, or IDs. The @@ -72057,7 +78214,9 @@ type FleetLaunchTemplateOverridesRequest struct { // override has the lowest priority. Priority *float64 `type:"double"` - // The ID of the subnet in which to launch the instances. + // The IDs of the subnets in which to launch the instances. Separate multiple + // subnet IDs using commas (for example, subnet-1234abcdeexample1, subnet-0987cdef6example2). + // A request of type instant can have only one subnet ID. SubnetId *string `type:"string"` // The number of units provided by the specified instance type. @@ -72116,19 +78275,30 @@ func (s *FleetLaunchTemplateOverridesRequest) SetWeightedCapacity(v float64) *Fl return s } -// Describes a launch template. +// Describes the Amazon EC2 launch template and the launch template version +// that can be used by a Spot Fleet request to configure Amazon EC2 instances. +// For information about launch templates, see Launching an instance from a +// launch template (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html) +// in the Amazon EC2 User Guide for Linux Instances. type FleetLaunchTemplateSpecification struct { _ struct{} `type:"structure"` - // The ID of the launch template. You must specify either a template ID or a - // template name. + // The ID of the launch template. If you specify the template ID, you can't + // specify the template name. LaunchTemplateId *string `locationName:"launchTemplateId" type:"string"` - // The name of the launch template. You must specify either a template name - // or a template ID. + // The name of the launch template. If you specify the template name, you can't + // specify the template ID. LaunchTemplateName *string `locationName:"launchTemplateName" min:"3" type:"string"` - // The version number of the launch template. You must specify a version number. + // The launch template version number, $Latest, or $Default. You must specify + // a value, otherwise the request fails. + // + // If the value is $Latest, Amazon EC2 uses the latest version of the launch + // template. + // + // If the value is $Default, Amazon EC2 uses the default version of the launch + // template. Version *string `locationName:"version" type:"string"` } @@ -72173,19 +78343,30 @@ func (s *FleetLaunchTemplateSpecification) SetVersion(v string) *FleetLaunchTemp return s } -// The launch template to use. You must specify either the launch template ID -// or launch template name in the request. +// Describes the Amazon EC2 launch template and the launch template version +// that can be used by an EC2 Fleet to configure Amazon EC2 instances. For information +// about launch templates, see Launching an instance from a launch template +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html) +// in the Amazon Elastic Compute Cloud User Guide. type FleetLaunchTemplateSpecificationRequest struct { _ struct{} `type:"structure"` - // The ID of the launch template. + // The ID of the launch template. If you specify the template ID, you can't + // specify the template name. LaunchTemplateId *string `type:"string"` - // The name of the launch template. + // The name of the launch template. If you specify the template name, you can't + // specify the template ID. LaunchTemplateName *string `min:"3" type:"string"` - // The version number of the launch template. Note: This is a required parameter - // and will be updated soon. + // The launch template version number, $Latest, or $Default. You must specify + // a value, otherwise the request fails. + // + // If the value is $Latest, Amazon EC2 uses the latest version of the launch + // template. + // + // If the value is $Default, Amazon EC2 uses the default version of the launch + // template. Version *string `type:"string"` } @@ -72230,6 +78411,126 @@ func (s *FleetLaunchTemplateSpecificationRequest) SetVersion(v string) *FleetLau return s } +// The strategy to use when Amazon EC2 emits a signal that your Spot Instance +// is at an elevated risk of being interrupted. +type FleetSpotCapacityRebalance struct { + _ struct{} `type:"structure"` + + // To allow EC2 Fleet to launch a replacement Spot Instance when an instance + // rebalance notification is emitted for an existing Spot Instance in the fleet, + // specify launch. Only available for fleets of type maintain. + // + // When a replacement instance is launched, the instance marked for rebalance + // is not automatically terminated. You can terminate it, or you can wait until + // Amazon EC2 interrupts it. You are charged for both instances while they are + // running. + ReplacementStrategy *string `locationName:"replacementStrategy" type:"string" enum:"FleetReplacementStrategy"` +} + +// String returns the string representation +func (s FleetSpotCapacityRebalance) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FleetSpotCapacityRebalance) GoString() string { + return s.String() +} + +// SetReplacementStrategy sets the ReplacementStrategy field's value. +func (s *FleetSpotCapacityRebalance) SetReplacementStrategy(v string) *FleetSpotCapacityRebalance { + s.ReplacementStrategy = &v + return s +} + +// The Spot Instance replacement strategy to use when Amazon EC2 emits a signal +// that your Spot Instance is at an elevated risk of being interrupted. For +// more information, see Capacity rebalancing (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-configuration-strategies.html#ec2-fleet-capacity-rebalance) +// in the Amazon Elastic Compute Cloud User Guide. +type FleetSpotCapacityRebalanceRequest struct { + _ struct{} `type:"structure"` + + // The replacement strategy to use. Only available for fleets of type maintain. + // + // To allow EC2 Fleet to launch a replacement Spot Instance when an instance + // rebalance notification is emitted for an existing Spot Instance in the fleet, + // specify launch. You must specify a value, otherwise you get an error. + // + // When a replacement instance is launched, the instance marked for rebalance + // is not automatically terminated. You can terminate it, or you can wait until + // Amazon EC2 interrupts it. You are charged for all instances while they are + // running. + ReplacementStrategy *string `type:"string" enum:"FleetReplacementStrategy"` +} + +// String returns the string representation +func (s FleetSpotCapacityRebalanceRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FleetSpotCapacityRebalanceRequest) GoString() string { + return s.String() +} + +// SetReplacementStrategy sets the ReplacementStrategy field's value. +func (s *FleetSpotCapacityRebalanceRequest) SetReplacementStrategy(v string) *FleetSpotCapacityRebalanceRequest { + s.ReplacementStrategy = &v + return s +} + +// The strategies for managing your Spot Instances that are at an elevated risk +// of being interrupted. +type FleetSpotMaintenanceStrategies struct { + _ struct{} `type:"structure"` + + // The strategy to use when Amazon EC2 emits a signal that your Spot Instance + // is at an elevated risk of being interrupted. + CapacityRebalance *FleetSpotCapacityRebalance `locationName:"capacityRebalance" type:"structure"` +} + +// String returns the string representation +func (s FleetSpotMaintenanceStrategies) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FleetSpotMaintenanceStrategies) GoString() string { + return s.String() +} + +// SetCapacityRebalance sets the CapacityRebalance field's value. +func (s *FleetSpotMaintenanceStrategies) SetCapacityRebalance(v *FleetSpotCapacityRebalance) *FleetSpotMaintenanceStrategies { + s.CapacityRebalance = v + return s +} + +// The strategies for managing your Spot Instances that are at an elevated risk +// of being interrupted. +type FleetSpotMaintenanceStrategiesRequest struct { + _ struct{} `type:"structure"` + + // The strategy to use when Amazon EC2 emits a signal that your Spot Instance + // is at an elevated risk of being interrupted. + CapacityRebalance *FleetSpotCapacityRebalanceRequest `type:"structure"` +} + +// String returns the string representation +func (s FleetSpotMaintenanceStrategiesRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FleetSpotMaintenanceStrategiesRequest) GoString() string { + return s.String() +} + +// SetCapacityRebalance sets the CapacityRebalance field's value. +func (s *FleetSpotMaintenanceStrategiesRequest) SetCapacityRebalance(v *FleetSpotCapacityRebalanceRequest) *FleetSpotMaintenanceStrategiesRequest { + s.CapacityRebalance = v + return s +} + // Describes a flow log. type FlowLog struct { _ struct{} `type:"structure"` @@ -72275,9 +78576,22 @@ type FlowLog struct { // The name of the flow log group. LogGroupName *string `locationName:"logGroupName" type:"string"` + // The maximum interval of time, in seconds, during which a flow of packets + // is captured and aggregated into a flow log record. + // + // When a network interface is attached to a Nitro-based instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances), + // the aggregation interval is always 60 seconds (1 minute) or less, regardless + // of the specified value. + // + // Valid Values: 60 | 600 + MaxAggregationInterval *int64 `locationName:"maxAggregationInterval" type:"integer"` + // The ID of the resource on which the flow log was created. ResourceId *string `locationName:"resourceId" type:"string"` + // The tags for the flow log. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + // The type of traffic captured for the flow log. TrafficType *string `locationName:"trafficType" type:"string" enum:"TrafficType"` } @@ -72352,12 +78666,24 @@ func (s *FlowLog) SetLogGroupName(v string) *FlowLog { return s } +// SetMaxAggregationInterval sets the MaxAggregationInterval field's value. +func (s *FlowLog) SetMaxAggregationInterval(v int64) *FlowLog { + s.MaxAggregationInterval = &v + return s +} + // SetResourceId sets the ResourceId field's value. func (s *FlowLog) SetResourceId(v string) *FlowLog { s.ResourceId = &v return s } +// SetTags sets the Tags field's value. +func (s *FlowLog) SetTags(v []*Tag) *FlowLog { + s.Tags = v + return s +} + // SetTrafficType sets the TrafficType field's value. func (s *FlowLog) SetTrafficType(v string) *FlowLog { s.TrafficType = &v @@ -72419,7 +78745,7 @@ func (s *FpgaDeviceInfo) SetName(v string) *FpgaDeviceInfo { type FpgaDeviceMemoryInfo struct { _ struct{} `type:"structure"` - // The size (in MiB) for the memory available to the FPGA accelerator. + // The size of the memory available to the FPGA accelerator, in MiB. SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` } @@ -72724,6 +79050,183 @@ func (s *FpgaInfo) SetTotalFpgaMemoryInMiB(v int64) *FpgaInfo { return s } +type GetAssociatedEnclaveCertificateIamRolesInput struct { + _ struct{} `type:"structure"` + + // The ARN of the ACM certificate for which to view the associated IAM roles, + // encryption keys, and Amazon S3 object information. + CertificateArn *string `min:"1" type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s GetAssociatedEnclaveCertificateIamRolesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetAssociatedEnclaveCertificateIamRolesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetAssociatedEnclaveCertificateIamRolesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetAssociatedEnclaveCertificateIamRolesInput"} + if s.CertificateArn != nil && len(*s.CertificateArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCertificateArn sets the CertificateArn field's value. +func (s *GetAssociatedEnclaveCertificateIamRolesInput) SetCertificateArn(v string) *GetAssociatedEnclaveCertificateIamRolesInput { + s.CertificateArn = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *GetAssociatedEnclaveCertificateIamRolesInput) SetDryRun(v bool) *GetAssociatedEnclaveCertificateIamRolesInput { + s.DryRun = &v + return s +} + +type GetAssociatedEnclaveCertificateIamRolesOutput struct { + _ struct{} `type:"structure"` + + // Information about the associated IAM roles. + AssociatedRoles []*AssociatedRole `locationName:"associatedRoleSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s GetAssociatedEnclaveCertificateIamRolesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetAssociatedEnclaveCertificateIamRolesOutput) GoString() string { + return s.String() +} + +// SetAssociatedRoles sets the AssociatedRoles field's value. +func (s *GetAssociatedEnclaveCertificateIamRolesOutput) SetAssociatedRoles(v []*AssociatedRole) *GetAssociatedEnclaveCertificateIamRolesOutput { + s.AssociatedRoles = v + return s +} + +type GetAssociatedIpv6PoolCidrsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the IPv6 address pool. + // + // PoolId is a required field + PoolId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s GetAssociatedIpv6PoolCidrsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetAssociatedIpv6PoolCidrsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetAssociatedIpv6PoolCidrsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetAssociatedIpv6PoolCidrsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.PoolId == nil { + invalidParams.Add(request.NewErrParamRequired("PoolId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetAssociatedIpv6PoolCidrsInput) SetDryRun(v bool) *GetAssociatedIpv6PoolCidrsInput { + s.DryRun = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetAssociatedIpv6PoolCidrsInput) SetMaxResults(v int64) *GetAssociatedIpv6PoolCidrsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetAssociatedIpv6PoolCidrsInput) SetNextToken(v string) *GetAssociatedIpv6PoolCidrsInput { + s.NextToken = &v + return s +} + +// SetPoolId sets the PoolId field's value. +func (s *GetAssociatedIpv6PoolCidrsInput) SetPoolId(v string) *GetAssociatedIpv6PoolCidrsInput { + s.PoolId = &v + return s +} + +type GetAssociatedIpv6PoolCidrsOutput struct { + _ struct{} `type:"structure"` + + // Information about the IPv6 CIDR block associations. + Ipv6CidrAssociations []*Ipv6CidrAssociation `locationName:"ipv6CidrAssociationSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s GetAssociatedIpv6PoolCidrsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetAssociatedIpv6PoolCidrsOutput) GoString() string { + return s.String() +} + +// SetIpv6CidrAssociations sets the Ipv6CidrAssociations field's value. +func (s *GetAssociatedIpv6PoolCidrsOutput) SetIpv6CidrAssociations(v []*Ipv6CidrAssociation) *GetAssociatedIpv6PoolCidrsOutput { + s.Ipv6CidrAssociations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetAssociatedIpv6PoolCidrsOutput) SetNextToken(v string) *GetAssociatedIpv6PoolCidrsOutput { + s.NextToken = &v + return s +} + type GetCapacityReservationUsageInput struct { _ struct{} `type:"structure"` @@ -72740,12 +79243,13 @@ type GetCapacityReservationUsageInput struct { // The maximum number of results to return for the request in a single page. // The remaining results can be seen by sending another request with the returned - // nextToken value. + // nextToken value. This value can be between 5 and 500. If maxResults is given + // a larger value than 500, you receive an error. // // Valid range: Minimum value of 1. Maximum value of 1000. MaxResults *int64 `min:"1" type:"integer"` - // The token to retrieve the next page of results. + // The token to use to retrieve the next page of results. NextToken *string `type:"string"` } @@ -73392,6 +79896,114 @@ func (s *GetEbsEncryptionByDefaultOutput) SetEbsEncryptionByDefault(v bool) *Get return s } +type GetGroupsForCapacityReservationInput struct { + _ struct{} `type:"structure"` + + // The ID of the Capacity Reservation. + // + // CapacityReservationId is a required field + CapacityReservationId *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum number of results to return for the request in a single page. + // The remaining results can be seen by sending another request with the returned + // nextToken value. This value can be between 5 and 500. If maxResults is given + // a larger value than 500, you receive an error. + MaxResults *int64 `min:"1" type:"integer"` + + // The token to use to retrieve the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetGroupsForCapacityReservationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetGroupsForCapacityReservationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetGroupsForCapacityReservationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetGroupsForCapacityReservationInput"} + if s.CapacityReservationId == nil { + invalidParams.Add(request.NewErrParamRequired("CapacityReservationId")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCapacityReservationId sets the CapacityReservationId field's value. +func (s *GetGroupsForCapacityReservationInput) SetCapacityReservationId(v string) *GetGroupsForCapacityReservationInput { + s.CapacityReservationId = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *GetGroupsForCapacityReservationInput) SetDryRun(v bool) *GetGroupsForCapacityReservationInput { + s.DryRun = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetGroupsForCapacityReservationInput) SetMaxResults(v int64) *GetGroupsForCapacityReservationInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetGroupsForCapacityReservationInput) SetNextToken(v string) *GetGroupsForCapacityReservationInput { + s.NextToken = &v + return s +} + +type GetGroupsForCapacityReservationOutput struct { + _ struct{} `type:"structure"` + + // Information about the resource groups to which the Capacity Reservation has + // been added. + CapacityReservationGroups []*CapacityReservationGroup `locationName:"capacityReservationGroupSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s GetGroupsForCapacityReservationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetGroupsForCapacityReservationOutput) GoString() string { + return s.String() +} + +// SetCapacityReservationGroups sets the CapacityReservationGroups field's value. +func (s *GetGroupsForCapacityReservationOutput) SetCapacityReservationGroups(v []*CapacityReservationGroup) *GetGroupsForCapacityReservationOutput { + s.CapacityReservationGroups = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetGroupsForCapacityReservationOutput) SetNextToken(v string) *GetGroupsForCapacityReservationOutput { + s.NextToken = &v + return s +} + type GetHostReservationPurchasePreviewInput struct { _ struct{} `type:"structure"` @@ -73569,6 +80181,226 @@ func (s *GetLaunchTemplateDataOutput) SetLaunchTemplateData(v *ResponseLaunchTem return s } +type GetManagedPrefixListAssociationsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the prefix list. + // + // PrefixListId is a required field + PrefixListId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s GetManagedPrefixListAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetManagedPrefixListAssociationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetManagedPrefixListAssociationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetManagedPrefixListAssociationsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + if s.PrefixListId == nil { + invalidParams.Add(request.NewErrParamRequired("PrefixListId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetManagedPrefixListAssociationsInput) SetDryRun(v bool) *GetManagedPrefixListAssociationsInput { + s.DryRun = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetManagedPrefixListAssociationsInput) SetMaxResults(v int64) *GetManagedPrefixListAssociationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetManagedPrefixListAssociationsInput) SetNextToken(v string) *GetManagedPrefixListAssociationsInput { + s.NextToken = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *GetManagedPrefixListAssociationsInput) SetPrefixListId(v string) *GetManagedPrefixListAssociationsInput { + s.PrefixListId = &v + return s +} + +type GetManagedPrefixListAssociationsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about the associations. + PrefixListAssociations []*PrefixListAssociation `locationName:"prefixListAssociationSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s GetManagedPrefixListAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetManagedPrefixListAssociationsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *GetManagedPrefixListAssociationsOutput) SetNextToken(v string) *GetManagedPrefixListAssociationsOutput { + s.NextToken = &v + return s +} + +// SetPrefixListAssociations sets the PrefixListAssociations field's value. +func (s *GetManagedPrefixListAssociationsOutput) SetPrefixListAssociations(v []*PrefixListAssociation) *GetManagedPrefixListAssociationsOutput { + s.PrefixListAssociations = v + return s +} + +type GetManagedPrefixListEntriesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the prefix list. + // + // PrefixListId is a required field + PrefixListId *string `type:"string" required:"true"` + + // The version of the prefix list for which to return the entries. The default + // is the current version. + TargetVersion *int64 `type:"long"` +} + +// String returns the string representation +func (s GetManagedPrefixListEntriesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetManagedPrefixListEntriesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetManagedPrefixListEntriesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetManagedPrefixListEntriesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.PrefixListId == nil { + invalidParams.Add(request.NewErrParamRequired("PrefixListId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetManagedPrefixListEntriesInput) SetDryRun(v bool) *GetManagedPrefixListEntriesInput { + s.DryRun = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetManagedPrefixListEntriesInput) SetMaxResults(v int64) *GetManagedPrefixListEntriesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetManagedPrefixListEntriesInput) SetNextToken(v string) *GetManagedPrefixListEntriesInput { + s.NextToken = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *GetManagedPrefixListEntriesInput) SetPrefixListId(v string) *GetManagedPrefixListEntriesInput { + s.PrefixListId = &v + return s +} + +// SetTargetVersion sets the TargetVersion field's value. +func (s *GetManagedPrefixListEntriesInput) SetTargetVersion(v int64) *GetManagedPrefixListEntriesInput { + s.TargetVersion = &v + return s +} + +type GetManagedPrefixListEntriesOutput struct { + _ struct{} `type:"structure"` + + // Information about the prefix list entries. + Entries []*PrefixListEntry `locationName:"entrySet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s GetManagedPrefixListEntriesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetManagedPrefixListEntriesOutput) GoString() string { + return s.String() +} + +// SetEntries sets the Entries field's value. +func (s *GetManagedPrefixListEntriesOutput) SetEntries(v []*PrefixListEntry) *GetManagedPrefixListEntriesOutput { + s.Entries = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetManagedPrefixListEntriesOutput) SetNextToken(v string) *GetManagedPrefixListEntriesOutput { + s.NextToken = &v + return s +} + type GetPasswordDataInput struct { _ struct{} `type:"structure"` @@ -74065,6 +80897,137 @@ func (s *GetTransitGatewayMulticastDomainAssociationsOutput) SetNextToken(v stri return s } +type GetTransitGatewayPrefixListReferencesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * attachment.resource-id - The ID of the resource for the attachment. + // + // * attachment.resource-type - The type of resource for the attachment. + // Valid values are vpc | vpn | direct-connect-gateway | peering. + // + // * attachment.transit-gateway-attachment-id - The ID of the attachment. + // + // * is-blackhole - Whether traffic matching the route is blocked (true | + // false). + // + // * prefix-list-id - The ID of the prefix list. + // + // * prefix-list-owner-id - The ID of the owner of the prefix list. + // + // * state - The state of the prefix list reference (pending | available + // | modifying | deleting). + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the transit gateway route table. + // + // TransitGatewayRouteTableId is a required field + TransitGatewayRouteTableId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s GetTransitGatewayPrefixListReferencesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetTransitGatewayPrefixListReferencesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetTransitGatewayPrefixListReferencesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetTransitGatewayPrefixListReferencesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + if s.TransitGatewayRouteTableId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayRouteTableId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetTransitGatewayPrefixListReferencesInput) SetDryRun(v bool) *GetTransitGatewayPrefixListReferencesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetTransitGatewayPrefixListReferencesInput) SetFilters(v []*Filter) *GetTransitGatewayPrefixListReferencesInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetTransitGatewayPrefixListReferencesInput) SetMaxResults(v int64) *GetTransitGatewayPrefixListReferencesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetTransitGatewayPrefixListReferencesInput) SetNextToken(v string) *GetTransitGatewayPrefixListReferencesInput { + s.NextToken = &v + return s +} + +// SetTransitGatewayRouteTableId sets the TransitGatewayRouteTableId field's value. +func (s *GetTransitGatewayPrefixListReferencesInput) SetTransitGatewayRouteTableId(v string) *GetTransitGatewayPrefixListReferencesInput { + s.TransitGatewayRouteTableId = &v + return s +} + +type GetTransitGatewayPrefixListReferencesOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about the prefix list references. + TransitGatewayPrefixListReferences []*TransitGatewayPrefixListReference `locationName:"transitGatewayPrefixListReferenceSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s GetTransitGatewayPrefixListReferencesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetTransitGatewayPrefixListReferencesOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *GetTransitGatewayPrefixListReferencesOutput) SetNextToken(v string) *GetTransitGatewayPrefixListReferencesOutput { + s.NextToken = &v + return s +} + +// SetTransitGatewayPrefixListReferences sets the TransitGatewayPrefixListReferences field's value. +func (s *GetTransitGatewayPrefixListReferencesOutput) SetTransitGatewayPrefixListReferences(v []*TransitGatewayPrefixListReference) *GetTransitGatewayPrefixListReferencesOutput { + s.TransitGatewayPrefixListReferences = v + return s +} + type GetTransitGatewayRouteTableAssociationsInput struct { _ struct{} `type:"structure"` @@ -74078,7 +81041,8 @@ type GetTransitGatewayRouteTableAssociationsInput struct { // // * resource-id - The ID of the resource. // - // * resource-type - The resource type (vpc | vpn). + // * resource-type - The resource type. Valid values are vpc | vpn | direct-connect-gateway + // | peering. // // * transit-gateway-attachment-id - The ID of the attachment. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -74198,7 +81162,8 @@ type GetTransitGatewayRouteTablePropagationsInput struct { // // * resource-id - The ID of the resource. // - // * resource-type - The resource type (vpc | vpn). + // * resource-type - The resource type. Valid values are vpc | vpn | direct-connect-gateway + // | peering. // // * transit-gateway-attachment-id - The ID of the attachment. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -74360,7 +81325,7 @@ func (s *GpuDeviceInfo) SetName(v string) *GpuDeviceInfo { type GpuDeviceMemoryInfo struct { _ struct{} `type:"structure"` - // The size (in MiB) for the memory available to the GPU accelerator. + // The size of the memory available to the GPU accelerator, in MiB. SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` } @@ -74387,7 +81352,8 @@ type GpuInfo struct { // Describes the GPU accelerators for the instance type. Gpus []*GpuDeviceInfo `locationName:"gpus" locationNameList:"item" type:"list"` - // The total size of the memory for the GPU accelerators for the instance type. + // The total size of the memory for the GPU accelerators for the instance type, + // in MiB. TotalGpuMemoryInMiB *int64 `locationName:"totalGpuMemoryInMiB" type:"integer"` } @@ -74448,7 +81414,7 @@ func (s *GroupIdentifier) SetGroupName(v string) *GroupIdentifier { // Indicates whether your instance is configured for hibernation. This parameter // is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). -// For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) +// For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. type HibernationOptions struct { _ struct{} `type:"structure"` @@ -74476,7 +81442,7 @@ func (s *HibernationOptions) SetConfigured(v bool) *HibernationOptions { // Indicates whether your instance is configured for hibernation. This parameter // is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). -// For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) +// For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. type HibernationOptionsRequest struct { _ struct{} `type:"structure"` @@ -75398,6 +82364,11 @@ type Image struct { // This value is set to windows for Windows AMIs; otherwise, it is blank. Platform *string `locationName:"platform" type:"string" enum:"PlatformValues"` + // The platform details associated with the billing code of the AMI. For more + // information, see Obtaining Billing Information (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html) + // in the Amazon Elastic Compute Cloud User Guide. + PlatformDetails *string `locationName:"platformDetails" type:"string"` + // Any product codes associated with the AMI. ProductCodes []*ProductCode `locationName:"productCodes" locationNameList:"item" type:"list"` @@ -75431,6 +82402,14 @@ type Image struct { // Any tags assigned to the image. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + // The operation of the Amazon EC2 instance and the billing code that is associated + // with the AMI. usageOperation corresponds to the lineitem/Operation (https://docs.aws.amazon.com/cur/latest/userguide/Lineitem-columns.html#Lineitem-details-O-Operation) + // column on your AWS Cost and Usage Report and in the AWS Price List API (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/price-changes.html). + // For the list of UsageOperation codes, see Platform Details and Usage Operation + // Billing Codes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html#billing-info) + // in the Amazon Elastic Compute Cloud User Guide. + UsageOperation *string `locationName:"usageOperation" type:"string"` + // The type of virtualization of the AMI. VirtualizationType *string `locationName:"virtualizationType" type:"string" enum:"VirtualizationType"` } @@ -75529,6 +82508,12 @@ func (s *Image) SetPlatform(v string) *Image { return s } +// SetPlatformDetails sets the PlatformDetails field's value. +func (s *Image) SetPlatformDetails(v string) *Image { + s.PlatformDetails = &v + return s +} + // SetProductCodes sets the ProductCodes field's value. func (s *Image) SetProductCodes(v []*ProductCode) *Image { s.ProductCodes = v @@ -75583,6 +82568,12 @@ func (s *Image) SetTags(v []*Tag) *Image { return s } +// SetUsageOperation sets the UsageOperation field's value. +func (s *Image) SetUsageOperation(v string) *Image { + s.UsageOperation = &v + return s +} + // SetVirtualizationType sets the VirtualizationType field's value. func (s *Image) SetVirtualizationType(v string) *Image { s.VirtualizationType = &v @@ -75601,7 +82592,7 @@ type ImageDiskContainer struct { // The format of the disk image being imported. // - // Valid values: VHD | VMDK | OVA + // Valid values: OVA | VHD | VHDX |VMDK Format *string `type:"string"` // The ID of the EBS snapshot to be used for importing the snapshot. @@ -75843,6 +82834,9 @@ type ImportImageInput struct { // The name of the role to use when not using the default role, 'vmimport'. RoleName *string `type:"string"` + + // The tags to apply to the image being imported. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -75933,6 +82927,12 @@ func (s *ImportImageInput) SetRoleName(v string) *ImportImageInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *ImportImageInput) SetTagSpecifications(v []*TagSpecification) *ImportImageInput { + s.TagSpecifications = v + return s +} + // The request information of license configurations. type ImportImageLicenseConfigurationRequest struct { _ struct{} `type:"structure"` @@ -75990,7 +82990,7 @@ type ImportImageOutput struct { // A description of the import task. Description *string `locationName:"description" type:"string"` - // Indicates whether the AMI is encypted. + // Indicates whether the AMI is encrypted. Encrypted *bool `locationName:"encrypted" type:"boolean"` // The target hypervisor of the import task. @@ -76026,6 +83026,9 @@ type ImportImageOutput struct { // A detailed status message of the import task. StatusMessage *string `locationName:"statusMessage" type:"string"` + + // Any tags assigned to the image being imported. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -76122,6 +83125,12 @@ func (s *ImportImageOutput) SetStatusMessage(v string) *ImportImageOutput { return s } +// SetTags sets the Tags field's value. +func (s *ImportImageOutput) SetTags(v []*Tag) *ImportImageOutput { + s.Tags = v + return s +} + // Describes an import image task. type ImportImageTask struct { _ struct{} `type:"structure"` @@ -76174,7 +83183,7 @@ type ImportImageTask struct { // A descriptive status message for the import image task. StatusMessage *string `locationName:"statusMessage" type:"string"` - // Any tags applied to the import image task. + // The tags for the import image task. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -76655,6 +83664,9 @@ type ImportKeyPairInput struct { // // PublicKeyMaterial is a required field PublicKeyMaterial []byte `locationName:"publicKeyMaterial" type:"blob" required:"true"` + + // The tags to apply to the imported key pair. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -76701,6 +83713,12 @@ func (s *ImportKeyPairInput) SetPublicKeyMaterial(v []byte) *ImportKeyPairInput return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *ImportKeyPairInput) SetTagSpecifications(v []*TagSpecification) *ImportKeyPairInput { + s.TagSpecifications = v + return s +} + type ImportKeyPairOutput struct { _ struct{} `type:"structure"` @@ -76709,6 +83727,12 @@ type ImportKeyPairOutput struct { // The key pair name you provided. KeyName *string `locationName:"keyName" type:"string"` + + // The ID of the resulting key pair. + KeyPairId *string `locationName:"keyPairId" type:"string"` + + // The tags applied to the imported key pair. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -76733,6 +83757,18 @@ func (s *ImportKeyPairOutput) SetKeyName(v string) *ImportKeyPairOutput { return s } +// SetKeyPairId sets the KeyPairId field's value. +func (s *ImportKeyPairOutput) SetKeyPairId(v string) *ImportKeyPairOutput { + s.KeyPairId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *ImportKeyPairOutput) SetTags(v []*Tag) *ImportKeyPairOutput { + s.Tags = v + return s +} + type ImportSnapshotInput struct { _ struct{} `type:"structure"` @@ -76795,6 +83831,9 @@ type ImportSnapshotInput struct { // The name of the role to use when not using the default role, 'vmimport'. RoleName *string `type:"string"` + + // The tags to apply to the snapshot being imported. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -76855,6 +83894,12 @@ func (s *ImportSnapshotInput) SetRoleName(v string) *ImportSnapshotInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *ImportSnapshotInput) SetTagSpecifications(v []*TagSpecification) *ImportSnapshotInput { + s.TagSpecifications = v + return s +} + type ImportSnapshotOutput struct { _ struct{} `type:"structure"` @@ -76866,6 +83911,9 @@ type ImportSnapshotOutput struct { // Information about the import snapshot task. SnapshotTaskDetail *SnapshotTaskDetail `locationName:"snapshotTaskDetail" type:"structure"` + + // Any tags assigned to the snapshot being imported. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -76896,6 +83944,12 @@ func (s *ImportSnapshotOutput) SetSnapshotTaskDetail(v *SnapshotTaskDetail) *Imp return s } +// SetTags sets the Tags field's value. +func (s *ImportSnapshotOutput) SetTags(v []*Tag) *ImportSnapshotOutput { + s.Tags = v + return s +} + // Describes an import snapshot task. type ImportSnapshotTask struct { _ struct{} `type:"structure"` @@ -76909,7 +83963,7 @@ type ImportSnapshotTask struct { // Describes an import snapshot task. SnapshotTaskDetail *SnapshotTaskDetail `locationName:"snapshotTaskDetail" type:"structure"` - // Any tags applied to the import snapshot task. + // The tags for the import snapshot task. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -77235,10 +84289,14 @@ type Instance struct { // Specifies whether enhanced networking with ENA is enabled. EnaSupport *bool `locationName:"enaSupport" type:"boolean"` + // Indicates whether the instance is enabled for AWS Nitro Enclaves. + EnclaveOptions *EnclaveOptions `locationName:"enclaveOptions" type:"structure"` + // Indicates whether the instance is enabled for hibernation. HibernationOptions *HibernationOptions `locationName:"hibernationOptions" type:"structure"` - // The hypervisor type of the instance. + // The hypervisor type of the instance. The value xen is used for both Xen and + // Nitro hypervisors. Hypervisor *string `locationName:"hypervisor" type:"string" enum:"HypervisorType"` // The IAM instance profile associated with the instance, if applicable. @@ -77308,7 +84366,11 @@ type Instance struct { // name is only available if you've enabled DNS hostnames for your VPC. PublicDnsName *string `locationName:"dnsName" type:"string"` - // The public IPv4 address assigned to the instance, if applicable. + // The public IPv4 address, or the Carrier IP address assigned to the instance, + // if applicable. + // + // A Carrier IP address only applies to an instance launched in a subnet associated + // with a Wavelength Zone. PublicIpAddress *string `locationName:"ipAddress" type:"string"` // The RAM disk associated with this instance, if applicable. @@ -77437,6 +84499,12 @@ func (s *Instance) SetEnaSupport(v bool) *Instance { return s } +// SetEnclaveOptions sets the EnclaveOptions field's value. +func (s *Instance) SetEnclaveOptions(v *EnclaveOptions) *Instance { + s.EnclaveOptions = v + return s +} + // SetHibernationOptions sets the HibernationOptions field's value. func (s *Instance) SetHibernationOptions(v *HibernationOptions) *Instance { s.HibernationOptions = v @@ -78373,6 +85441,9 @@ func (s *InstanceNetworkInterface) SetVpcId(v string) *InstanceNetworkInterface type InstanceNetworkInterfaceAssociation struct { _ struct{} `type:"structure"` + // The carrier IP address associated with the network interface. + CarrierIp *string `locationName:"carrierIp" type:"string"` + // The ID of the owner of the Elastic IP address. IpOwnerId *string `locationName:"ipOwnerId" type:"string"` @@ -78393,6 +85464,12 @@ func (s InstanceNetworkInterfaceAssociation) GoString() string { return s.String() } +// SetCarrierIp sets the CarrierIp field's value. +func (s *InstanceNetworkInterfaceAssociation) SetCarrierIp(v string) *InstanceNetworkInterfaceAssociation { + s.CarrierIp = &v + return s +} + // SetIpOwnerId sets the IpOwnerId field's value. func (s *InstanceNetworkInterfaceAssociation) SetIpOwnerId(v string) *InstanceNetworkInterfaceAssociation { s.IpOwnerId = &v @@ -78427,6 +85504,9 @@ type InstanceNetworkInterfaceAttachment struct { // The index of the device on the instance for the network interface attachment. DeviceIndex *int64 `locationName:"deviceIndex" type:"integer"` + // The index of the network card. + NetworkCardIndex *int64 `locationName:"networkCardIndex" type:"integer"` + // The attachment state. Status *string `locationName:"status" type:"string" enum:"AttachmentStatus"` } @@ -78465,6 +85545,12 @@ func (s *InstanceNetworkInterfaceAttachment) SetDeviceIndex(v int64) *InstanceNe return s } +// SetNetworkCardIndex sets the NetworkCardIndex field's value. +func (s *InstanceNetworkInterfaceAttachment) SetNetworkCardIndex(v int64) *InstanceNetworkInterfaceAttachment { + s.NetworkCardIndex = &v + return s +} + // SetStatus sets the Status field's value. func (s *InstanceNetworkInterfaceAttachment) SetStatus(v string) *InstanceNetworkInterfaceAttachment { s.Status = &v @@ -78475,6 +85561,13 @@ func (s *InstanceNetworkInterfaceAttachment) SetStatus(v string) *InstanceNetwor type InstanceNetworkInterfaceSpecification struct { _ struct{} `type:"structure"` + // Indicates whether to assign a carrier IP address to the network interface. + // + // You can only assign a carrier IP address to a network interface that is in + // a subnet in a Wavelength Zone. For more information about carrier IP addresses, + // see Carrier IP addresses in the AWS Wavelength Developer Guide. + AssociateCarrierIpAddress *bool `type:"boolean"` + // Indicates whether to assign a public IPv4 address to an instance you launch // in a VPC. The public IP address can only be assigned to a network interface // for eth0, and can only be assigned to a new network interface, not an existing @@ -78502,8 +85595,10 @@ type InstanceNetworkInterfaceSpecification struct { // creating a network interface when launching an instance. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` - // The type of network interface. To create an Elastic Fabric Adapter (EFA), - // specify efa. For more information, see Elastic Fabric Adapter (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) + // The type of network interface. + // + // To create an Elastic Fabric Adapter (EFA), specify efa. For more information, + // see Elastic Fabric Adapter (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) // in the Amazon Elastic Compute Cloud User Guide. // // If you are not creating an EFA, specify interface or omit this parameter. @@ -78524,7 +85619,15 @@ type InstanceNetworkInterfaceSpecification struct { // number of instances to launch. Ipv6Addresses []*InstanceIpv6Address `locationName:"ipv6AddressesSet" queryName:"Ipv6Addresses" locationNameList:"item" type:"list"` + // The index of the network card. Some instance types support multiple network + // cards. The primary network interface must be assigned to network card index + // 0. The default is network card index 0. + NetworkCardIndex *int64 `type:"integer"` + // The ID of the network interface. + // + // If you are creating a Spot Fleet, omit this parameter because you can’t + // specify a network interface ID in a launch specification. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` // The private IPv4 address of the network interface. Applies only if creating @@ -78562,6 +85665,12 @@ func (s InstanceNetworkInterfaceSpecification) GoString() string { return s.String() } +// SetAssociateCarrierIpAddress sets the AssociateCarrierIpAddress field's value. +func (s *InstanceNetworkInterfaceSpecification) SetAssociateCarrierIpAddress(v bool) *InstanceNetworkInterfaceSpecification { + s.AssociateCarrierIpAddress = &v + return s +} + // SetAssociatePublicIpAddress sets the AssociatePublicIpAddress field's value. func (s *InstanceNetworkInterfaceSpecification) SetAssociatePublicIpAddress(v bool) *InstanceNetworkInterfaceSpecification { s.AssociatePublicIpAddress = &v @@ -78610,6 +85719,12 @@ func (s *InstanceNetworkInterfaceSpecification) SetIpv6Addresses(v []*InstanceIp return s } +// SetNetworkCardIndex sets the NetworkCardIndex field's value. +func (s *InstanceNetworkInterfaceSpecification) SetNetworkCardIndex(v int64) *InstanceNetworkInterfaceSpecification { + s.NetworkCardIndex = &v + return s +} + // SetNetworkInterfaceId sets the NetworkInterfaceId field's value. func (s *InstanceNetworkInterfaceSpecification) SetNetworkInterfaceId(v string) *InstanceNetworkInterfaceSpecification { s.NetworkInterfaceId = &v @@ -79060,9 +86175,13 @@ func (s *InstanceStatusSummary) SetStatus(v string) *InstanceStatusSummary { type InstanceStorageInfo struct { _ struct{} `type:"structure"` - // Array describing the disks that are available for the instance type. + // Describes the disks that are available for the instance type. Disks []*DiskInfo `locationName:"disks" locationNameList:"item" type:"list"` + // Indicates whether non-volatile memory express (NVMe) is supported for instance + // store. + NvmeSupport *string `locationName:"nvmeSupport" type:"string" enum:"EphemeralNvmeSupport"` + // The total size of the disks, in GB. TotalSizeInGB *int64 `locationName:"totalSizeInGB" type:"long"` } @@ -79083,12 +86202,53 @@ func (s *InstanceStorageInfo) SetDisks(v []*DiskInfo) *InstanceStorageInfo { return s } +// SetNvmeSupport sets the NvmeSupport field's value. +func (s *InstanceStorageInfo) SetNvmeSupport(v string) *InstanceStorageInfo { + s.NvmeSupport = &v + return s +} + // SetTotalSizeInGB sets the TotalSizeInGB field's value. func (s *InstanceStorageInfo) SetTotalSizeInGB(v int64) *InstanceStorageInfo { s.TotalSizeInGB = &v return s } +// Describes the registered tag keys for the current Region. +type InstanceTagNotificationAttribute struct { + _ struct{} `type:"structure"` + + // Indicates wheter all tag keys in the current Region are registered to appear + // in scheduled event notifications. true indicates that all tag keys in the + // current Region are registered. + IncludeAllTagsOfInstance *bool `locationName:"includeAllTagsOfInstance" type:"boolean"` + + // The registered tag keys. + InstanceTagKeys []*string `locationName:"instanceTagKeySet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s InstanceTagNotificationAttribute) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceTagNotificationAttribute) GoString() string { + return s.String() +} + +// SetIncludeAllTagsOfInstance sets the IncludeAllTagsOfInstance field's value. +func (s *InstanceTagNotificationAttribute) SetIncludeAllTagsOfInstance(v bool) *InstanceTagNotificationAttribute { + s.IncludeAllTagsOfInstance = &v + return s +} + +// SetInstanceTagKeys sets the InstanceTagKeys field's value. +func (s *InstanceTagNotificationAttribute) SetInstanceTagKeys(v []*string) *InstanceTagNotificationAttribute { + s.InstanceTagKeys = v + return s +} + // Describes the instance type. type InstanceTypeInfo struct { _ struct{} `type:"structure"` @@ -79096,13 +86256,13 @@ type InstanceTypeInfo struct { // Indicates whether auto recovery is supported. AutoRecoverySupported *bool `locationName:"autoRecoverySupported" type:"boolean"` - // Indicates whether the instance is bare metal. + // Indicates whether the instance is a bare metal instance type. BareMetal *bool `locationName:"bareMetal" type:"boolean"` // Indicates whether the instance type is a burstable performance instance type. BurstablePerformanceSupported *bool `locationName:"burstablePerformanceSupported" type:"boolean"` - // Indicates whether the instance type is a current generation. + // Indicates whether the instance type is current generation. CurrentGeneration *bool `locationName:"currentGeneration" type:"boolean"` // Indicates whether Dedicated Hosts are supported on the instance type. @@ -79123,13 +86283,13 @@ type InstanceTypeInfo struct { // Indicates whether On-Demand hibernation is supported. HibernationSupported *bool `locationName:"hibernationSupported" type:"boolean"` - // Indicates the hypervisor used for the instance type. + // The hypervisor for the instance type. Hypervisor *string `locationName:"hypervisor" type:"string" enum:"InstanceTypeHypervisor"` // Describes the Inference accelerator settings for the instance type. InferenceAcceleratorInfo *InferenceAcceleratorInfo `locationName:"inferenceAcceleratorInfo" type:"structure"` - // Describes the disks for the instance type. + // Describes the instance storage for the instance type. InstanceStorageInfo *InstanceStorageInfo `locationName:"instanceStorageInfo" type:"structure"` // Indicates whether instance storage is supported. @@ -79151,12 +86311,15 @@ type InstanceTypeInfo struct { // Describes the processor. ProcessorInfo *ProcessorInfo `locationName:"processorInfo" type:"structure"` - // Indicates the supported root device types. + // The supported root device types. SupportedRootDeviceTypes []*string `locationName:"supportedRootDeviceTypes" locationNameList:"item" type:"list"` // Indicates whether the instance type is offered for spot or On-Demand. SupportedUsageClasses []*string `locationName:"supportedUsageClasses" locationNameList:"item" type:"list"` + // The supported virtualization types. + SupportedVirtualizationTypes []*string `locationName:"supportedVirtualizationTypes" locationNameList:"item" type:"list"` + // Describes the vCPU configurations for the instance type. VCpuInfo *VCpuInfo `locationName:"vCpuInfo" type:"structure"` } @@ -79297,6 +86460,12 @@ func (s *InstanceTypeInfo) SetSupportedUsageClasses(v []*string) *InstanceTypeIn return s } +// SetSupportedVirtualizationTypes sets the SupportedVirtualizationTypes field's value. +func (s *InstanceTypeInfo) SetSupportedVirtualizationTypes(v []*string) *InstanceTypeInfo { + s.SupportedVirtualizationTypes = v + return s +} + // SetVCpuInfo sets the VCpuInfo field's value. func (s *InstanceTypeInfo) SetVCpuInfo(v *VCpuInfo) *InstanceTypeInfo { s.VCpuInfo = v @@ -79493,9 +86662,7 @@ type IpPermission struct { // [VPC only] The IPv6 ranges. Ipv6Ranges []*Ipv6Range `locationName:"ipv6Ranges" locationNameList:"item" type:"list"` - // [VPC only] The prefix list IDs for an AWS service. With outbound rules, this - // is the AWS service to access through a VPC endpoint from instances associated - // with the security group. + // [VPC only] The prefix list IDs. PrefixListIds []*PrefixListId `locationName:"prefixListIds" locationNameList:"item" type:"list"` // The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. @@ -79597,6 +86764,39 @@ func (s *IpRange) SetDescription(v string) *IpRange { return s } +// Describes an IPv6 CIDR block association. +type Ipv6CidrAssociation struct { + _ struct{} `type:"structure"` + + // The resource that's associated with the IPv6 CIDR block. + AssociatedResource *string `locationName:"associatedResource" type:"string"` + + // The IPv6 CIDR block. + Ipv6Cidr *string `locationName:"ipv6Cidr" type:"string"` +} + +// String returns the string representation +func (s Ipv6CidrAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Ipv6CidrAssociation) GoString() string { + return s.String() +} + +// SetAssociatedResource sets the AssociatedResource field's value. +func (s *Ipv6CidrAssociation) SetAssociatedResource(v string) *Ipv6CidrAssociation { + s.AssociatedResource = &v + return s +} + +// SetIpv6Cidr sets the Ipv6Cidr field's value. +func (s *Ipv6CidrAssociation) SetIpv6Cidr(v string) *Ipv6CidrAssociation { + s.Ipv6Cidr = &v + return s +} + // Describes an IPv6 CIDR block. type Ipv6CidrBlock struct { _ struct{} `type:"structure"` @@ -79621,6 +86821,57 @@ func (s *Ipv6CidrBlock) SetIpv6CidrBlock(v string) *Ipv6CidrBlock { return s } +// Describes an IPv6 address pool. +type Ipv6Pool struct { + _ struct{} `type:"structure"` + + // The description for the address pool. + Description *string `locationName:"description" type:"string"` + + // The CIDR blocks for the address pool. + PoolCidrBlocks []*PoolCidrBlock `locationName:"poolCidrBlockSet" locationNameList:"item" type:"list"` + + // The ID of the address pool. + PoolId *string `locationName:"poolId" type:"string"` + + // Any tags for the address pool. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s Ipv6Pool) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Ipv6Pool) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *Ipv6Pool) SetDescription(v string) *Ipv6Pool { + s.Description = &v + return s +} + +// SetPoolCidrBlocks sets the PoolCidrBlocks field's value. +func (s *Ipv6Pool) SetPoolCidrBlocks(v []*PoolCidrBlock) *Ipv6Pool { + s.PoolCidrBlocks = v + return s +} + +// SetPoolId sets the PoolId field's value. +func (s *Ipv6Pool) SetPoolId(v string) *Ipv6Pool { + s.PoolId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Ipv6Pool) SetTags(v []*Tag) *Ipv6Pool { + s.Tags = v + return s +} + // [EC2-VPC only] Describes an IPv6 range. type Ipv6Range struct { _ struct{} `type:"structure"` @@ -80198,7 +87449,7 @@ func (s *LaunchTemplateBlockDeviceMappingRequest) SetVirtualName(v string) *Laun // to configure the instance to run in On-Demand capacity or to run in any open // Capacity Reservation that has matching attributes (instance type, platform, // Availability Zone). Use the CapacityReservationTarget parameter to explicitly -// target a specific Capacity Reservation. +// target a specific Capacity Reservation or a Capacity Reservation group. type LaunchTemplateCapacityReservationSpecificationRequest struct { _ struct{} `type:"structure"` @@ -80212,7 +87463,8 @@ type LaunchTemplateCapacityReservationSpecificationRequest struct { // one is available. The instance runs in On-Demand capacity. CapacityReservationPreference *string `type:"string" enum:"CapacityReservationPreference"` - // Information about the target Capacity Reservation. + // Information about the target Capacity Reservation or Capacity Reservation + // group. CapacityReservationTarget *CapacityReservationTarget `type:"structure"` } @@ -80252,7 +87504,8 @@ type LaunchTemplateCapacityReservationSpecificationResponse struct { // one is available. The instance runs in On-Demand capacity. CapacityReservationPreference *string `locationName:"capacityReservationPreference" type:"string" enum:"CapacityReservationPreference"` - // Information about the target Capacity Reservation. + // Information about the target Capacity Reservation or Capacity Reservation + // group. CapacityReservationTarget *CapacityReservationTargetResponse `locationName:"capacityReservationTarget" type:"structure"` } @@ -80485,16 +87738,15 @@ type LaunchTemplateEbsBlockDeviceRequest struct { // a volume from a snapshot, you can't specify an encryption value. Encrypted *bool `type:"boolean"` - // The number of I/O operations per second (IOPS) that the volume supports. - // For io1, this represents the number of IOPS that are provisioned for the - // volume. For gp2, this represents the baseline performance of the volume and - // the rate at which the volume accumulates I/O credits for bursting. For more - // information about General Purpose SSD baseline performance, I/O credits, - // and bursting, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // The number of I/O operations per second (IOPS) to provision for an io1 or + // io2 volume, with a maximum ratio of 50 IOPS/GiB for io1, and 500 IOPS/GiB + // for io2. Range is 100 to 64,000 IOPS for volumes in most Regions. Maximum + // IOPS of 64,000 is guaranteed only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // Other instance families guarantee performance up to 32,000 IOPS. For more + // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // - // Condition: This parameter is required for requests to create io1 volumes; - // it is not used in requests to create gp2, st1, sc1, or standard volumes. + // This parameter is valid only for Provisioned IOPS SSD (io1 and io2) volumes. Iops *int64 `type:"integer"` // The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for @@ -80656,6 +87908,57 @@ func (s *LaunchTemplateElasticInferenceAcceleratorResponse) SetType(v string) *L return s } +// Indicates whether the instance is enabled for AWS Nitro Enclaves. +type LaunchTemplateEnclaveOptions struct { + _ struct{} `type:"structure"` + + // If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; + // otherwise, it is not enabled for AWS Nitro Enclaves. + Enabled *bool `locationName:"enabled" type:"boolean"` +} + +// String returns the string representation +func (s LaunchTemplateEnclaveOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LaunchTemplateEnclaveOptions) GoString() string { + return s.String() +} + +// SetEnabled sets the Enabled field's value. +func (s *LaunchTemplateEnclaveOptions) SetEnabled(v bool) *LaunchTemplateEnclaveOptions { + s.Enabled = &v + return s +} + +// Indicates whether the instance is enabled for AWS Nitro Enclaves. For more +// information, see What is AWS Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) +// in the AWS Nitro Enclaves User Guide. +type LaunchTemplateEnclaveOptionsRequest struct { + _ struct{} `type:"structure"` + + // To enable the instance for AWS Nitro Enclaves, set this parameter to true. + Enabled *bool `type:"boolean"` +} + +// String returns the string representation +func (s LaunchTemplateEnclaveOptionsRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LaunchTemplateEnclaveOptionsRequest) GoString() string { + return s.String() +} + +// SetEnabled sets the Enabled field's value. +func (s *LaunchTemplateEnclaveOptionsRequest) SetEnabled(v bool) *LaunchTemplateEnclaveOptionsRequest { + s.Enabled = &v + return s +} + // Indicates whether an instance is configured for hibernation. type LaunchTemplateHibernationOptions struct { _ struct{} `type:"structure"` @@ -80988,6 +88291,15 @@ func (s *LaunchTemplateInstanceMetadataOptionsRequest) SetHttpTokens(v string) * type LaunchTemplateInstanceNetworkInterfaceSpecification struct { _ struct{} `type:"structure"` + // Indicates whether to associate a Carrier IP address with eth0 for a new network + // interface. + // + // Use this option when you launch an instance in a Wavelength Zone and want + // to associate a Carrier IP address with the network interface. For more information + // about Carrier IP addresses, see Carrier IP addresses (https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) + // in the AWS Wavelength Developer Guide. + AssociateCarrierIpAddress *bool `locationName:"associateCarrierIpAddress" type:"boolean"` + // Indicates whether to associate a public IPv4 address with eth0 for a new // network interface. AssociatePublicIpAddress *bool `locationName:"associatePublicIpAddress" type:"boolean"` @@ -81013,6 +88325,9 @@ type LaunchTemplateInstanceNetworkInterfaceSpecification struct { // The IPv6 addresses for the network interface. Ipv6Addresses []*InstanceIpv6Address `locationName:"ipv6AddressesSet" locationNameList:"item" type:"list"` + // The index of the network card. + NetworkCardIndex *int64 `locationName:"networkCardIndex" type:"integer"` + // The ID of the network interface. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` @@ -81039,6 +88354,12 @@ func (s LaunchTemplateInstanceNetworkInterfaceSpecification) GoString() string { return s.String() } +// SetAssociateCarrierIpAddress sets the AssociateCarrierIpAddress field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetAssociateCarrierIpAddress(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecification { + s.AssociateCarrierIpAddress = &v + return s +} + // SetAssociatePublicIpAddress sets the AssociatePublicIpAddress field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetAssociatePublicIpAddress(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecification { s.AssociatePublicIpAddress = &v @@ -81087,6 +88408,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetIpv6Addresses(v return s } +// SetNetworkCardIndex sets the NetworkCardIndex field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetNetworkCardIndex(v int64) *LaunchTemplateInstanceNetworkInterfaceSpecification { + s.NetworkCardIndex = &v + return s +} + // SetNetworkInterfaceId sets the NetworkInterfaceId field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetNetworkInterfaceId(v string) *LaunchTemplateInstanceNetworkInterfaceSpecification { s.NetworkInterfaceId = &v @@ -81121,6 +88448,14 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetSubnetId(v stri type LaunchTemplateInstanceNetworkInterfaceSpecificationRequest struct { _ struct{} `type:"structure"` + // Associates a Carrier IP address with eth0 for a new network interface. + // + // Use this option when you launch an instance in a Wavelength Zone and want + // to associate a Carrier IP address with the network interface. For more information + // about Carrier IP addresses, see Carrier IP addresses (https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) + // in the AWS Wavelength Developer Guide. + AssociateCarrierIpAddress *bool `type:"boolean"` + // Associates a public IPv4 address with eth0 for a new network interface. AssociatePublicIpAddress *bool `type:"boolean"` @@ -81154,6 +88489,11 @@ type LaunchTemplateInstanceNetworkInterfaceSpecificationRequest struct { // subnet. You can't use this option if you're specifying a number of IPv6 addresses. Ipv6Addresses []*InstanceIpv6AddressRequest `locationNameList:"InstanceIpv6Address" type:"list"` + // The index of the network card. Some instance types support multiple network + // cards. The primary network interface must be assigned to network card index + // 0. The default is network card index 0. + NetworkCardIndex *int64 `type:"integer"` + // The ID of the network interface. NetworkInterfaceId *string `type:"string"` @@ -81180,6 +88520,12 @@ func (s LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) GoString() s return s.String() } +// SetAssociateCarrierIpAddress sets the AssociateCarrierIpAddress field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetAssociateCarrierIpAddress(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { + s.AssociateCarrierIpAddress = &v + return s +} + // SetAssociatePublicIpAddress sets the AssociatePublicIpAddress field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetAssociatePublicIpAddress(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { s.AssociatePublicIpAddress = &v @@ -81228,6 +88574,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetIpv6Addr return s } +// SetNetworkCardIndex sets the NetworkCardIndex field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetNetworkCardIndex(v int64) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { + s.NetworkCardIndex = &v + return s +} + // SetNetworkInterfaceId sets the NetworkInterfaceId field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetNetworkInterfaceId(v string) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { s.NetworkInterfaceId = &v @@ -82152,7 +89504,7 @@ type LocalGateway struct { // The Amazon Resource Name (ARN) of the Outpost. OutpostArn *string `locationName:"outpostArn" type:"string"` - // The ID of the AWS account ID that owns the local gateway. + // The AWS account ID that owns the local gateway. OwnerId *string `locationName:"ownerId" type:"string"` // The state of the local gateway. @@ -82209,12 +89561,18 @@ type LocalGatewayRoute struct { // The CIDR block used for destination matches. DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` + // The Amazon Resource Name (ARN) of the local gateway route table. + LocalGatewayRouteTableArn *string `locationName:"localGatewayRouteTableArn" min:"1" type:"string"` + // The ID of the local gateway route table. LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` // The ID of the virtual interface group. LocalGatewayVirtualInterfaceGroupId *string `locationName:"localGatewayVirtualInterfaceGroupId" type:"string"` + // The AWS account ID that owns the local gateway route. + OwnerId *string `locationName:"ownerId" type:"string"` + // The state of the route. State *string `locationName:"state" type:"string" enum:"LocalGatewayRouteState"` @@ -82238,6 +89596,12 @@ func (s *LocalGatewayRoute) SetDestinationCidrBlock(v string) *LocalGatewayRoute return s } +// SetLocalGatewayRouteTableArn sets the LocalGatewayRouteTableArn field's value. +func (s *LocalGatewayRoute) SetLocalGatewayRouteTableArn(v string) *LocalGatewayRoute { + s.LocalGatewayRouteTableArn = &v + return s +} + // SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. func (s *LocalGatewayRoute) SetLocalGatewayRouteTableId(v string) *LocalGatewayRoute { s.LocalGatewayRouteTableId = &v @@ -82250,6 +89614,12 @@ func (s *LocalGatewayRoute) SetLocalGatewayVirtualInterfaceGroupId(v string) *Lo return s } +// SetOwnerId sets the OwnerId field's value. +func (s *LocalGatewayRoute) SetOwnerId(v string) *LocalGatewayRoute { + s.OwnerId = &v + return s +} + // SetState sets the State field's value. func (s *LocalGatewayRoute) SetState(v string) *LocalGatewayRoute { s.State = &v @@ -82269,12 +89639,18 @@ type LocalGatewayRouteTable struct { // The ID of the local gateway. LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + // The Amazon Resource Name (ARN) of the local gateway route table. + LocalGatewayRouteTableArn *string `locationName:"localGatewayRouteTableArn" min:"1" type:"string"` + // The ID of the local gateway route table. LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` // The Amazon Resource Name (ARN) of the Outpost. OutpostArn *string `locationName:"outpostArn" type:"string"` + // The AWS account ID that owns the local gateway route table. + OwnerId *string `locationName:"ownerId" type:"string"` + // The state of the local gateway route table. State *string `locationName:"state" type:"string"` @@ -82298,6 +89674,12 @@ func (s *LocalGatewayRouteTable) SetLocalGatewayId(v string) *LocalGatewayRouteT return s } +// SetLocalGatewayRouteTableArn sets the LocalGatewayRouteTableArn field's value. +func (s *LocalGatewayRouteTable) SetLocalGatewayRouteTableArn(v string) *LocalGatewayRouteTable { + s.LocalGatewayRouteTableArn = &v + return s +} + // SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. func (s *LocalGatewayRouteTable) SetLocalGatewayRouteTableId(v string) *LocalGatewayRouteTable { s.LocalGatewayRouteTableId = &v @@ -82310,6 +89692,12 @@ func (s *LocalGatewayRouteTable) SetOutpostArn(v string) *LocalGatewayRouteTable return s } +// SetOwnerId sets the OwnerId field's value. +func (s *LocalGatewayRouteTable) SetOwnerId(v string) *LocalGatewayRouteTable { + s.OwnerId = &v + return s +} + // SetState sets the State field's value. func (s *LocalGatewayRouteTable) SetState(v string) *LocalGatewayRouteTable { s.State = &v @@ -82330,6 +89718,10 @@ type LocalGatewayRouteTableVirtualInterfaceGroupAssociation struct { // The ID of the local gateway. LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + // The Amazon Resource Name (ARN) of the local gateway route table for the virtual + // interface group. + LocalGatewayRouteTableArn *string `locationName:"localGatewayRouteTableArn" min:"1" type:"string"` + // The ID of the local gateway route table. LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` @@ -82339,6 +89731,9 @@ type LocalGatewayRouteTableVirtualInterfaceGroupAssociation struct { // The ID of the virtual interface group. LocalGatewayVirtualInterfaceGroupId *string `locationName:"localGatewayVirtualInterfaceGroupId" type:"string"` + // The AWS account ID that owns the local gateway virtual interface group association. + OwnerId *string `locationName:"ownerId" type:"string"` + // The state of the association. State *string `locationName:"state" type:"string"` @@ -82362,6 +89757,12 @@ func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetLocalGateway return s } +// SetLocalGatewayRouteTableArn sets the LocalGatewayRouteTableArn field's value. +func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetLocalGatewayRouteTableArn(v string) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { + s.LocalGatewayRouteTableArn = &v + return s +} + // SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetLocalGatewayRouteTableId(v string) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { s.LocalGatewayRouteTableId = &v @@ -82380,6 +89781,12 @@ func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetLocalGateway return s } +// SetOwnerId sets the OwnerId field's value. +func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetOwnerId(v string) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { + s.OwnerId = &v + return s +} + // SetState sets the State field's value. func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetState(v string) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { s.State = &v @@ -82399,12 +89806,18 @@ type LocalGatewayRouteTableVpcAssociation struct { // The ID of the local gateway. LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + // The Amazon Resource Name (ARN) of the local gateway route table for the association. + LocalGatewayRouteTableArn *string `locationName:"localGatewayRouteTableArn" min:"1" type:"string"` + // The ID of the local gateway route table. LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` // The ID of the association. LocalGatewayRouteTableVpcAssociationId *string `locationName:"localGatewayRouteTableVpcAssociationId" type:"string"` + // The AWS account ID that owns the local gateway route table for the association. + OwnerId *string `locationName:"ownerId" type:"string"` + // The state of the association. State *string `locationName:"state" type:"string"` @@ -82431,6 +89844,12 @@ func (s *LocalGatewayRouteTableVpcAssociation) SetLocalGatewayId(v string) *Loca return s } +// SetLocalGatewayRouteTableArn sets the LocalGatewayRouteTableArn field's value. +func (s *LocalGatewayRouteTableVpcAssociation) SetLocalGatewayRouteTableArn(v string) *LocalGatewayRouteTableVpcAssociation { + s.LocalGatewayRouteTableArn = &v + return s +} + // SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. func (s *LocalGatewayRouteTableVpcAssociation) SetLocalGatewayRouteTableId(v string) *LocalGatewayRouteTableVpcAssociation { s.LocalGatewayRouteTableId = &v @@ -82443,6 +89862,12 @@ func (s *LocalGatewayRouteTableVpcAssociation) SetLocalGatewayRouteTableVpcAssoc return s } +// SetOwnerId sets the OwnerId field's value. +func (s *LocalGatewayRouteTableVpcAssociation) SetOwnerId(v string) *LocalGatewayRouteTableVpcAssociation { + s.OwnerId = &v + return s +} + // SetState sets the State field's value. func (s *LocalGatewayRouteTableVpcAssociation) SetState(v string) *LocalGatewayRouteTableVpcAssociation { s.State = &v @@ -82478,6 +89903,9 @@ type LocalGatewayVirtualInterface struct { // The ID of the virtual interface. LocalGatewayVirtualInterfaceId *string `locationName:"localGatewayVirtualInterfaceId" type:"string"` + // The AWS account ID that owns the local gateway virtual interface. + OwnerId *string `locationName:"ownerId" type:"string"` + // The peer address. PeerAddress *string `locationName:"peerAddress" type:"string"` @@ -82525,6 +89953,12 @@ func (s *LocalGatewayVirtualInterface) SetLocalGatewayVirtualInterfaceId(v strin return s } +// SetOwnerId sets the OwnerId field's value. +func (s *LocalGatewayVirtualInterface) SetOwnerId(v string) *LocalGatewayVirtualInterface { + s.OwnerId = &v + return s +} + // SetPeerAddress sets the PeerAddress field's value. func (s *LocalGatewayVirtualInterface) SetPeerAddress(v string) *LocalGatewayVirtualInterface { s.PeerAddress = &v @@ -82562,6 +89996,9 @@ type LocalGatewayVirtualInterfaceGroup struct { // The IDs of the virtual interfaces. LocalGatewayVirtualInterfaceIds []*string `locationName:"localGatewayVirtualInterfaceIdSet" locationNameList:"item" type:"list"` + // The AWS account ID that owns the local gateway virtual interface group. + OwnerId *string `locationName:"ownerId" type:"string"` + // The tags assigned to the virtual interface group. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -82594,17 +90031,128 @@ func (s *LocalGatewayVirtualInterfaceGroup) SetLocalGatewayVirtualInterfaceIds(v return s } +// SetOwnerId sets the OwnerId field's value. +func (s *LocalGatewayVirtualInterfaceGroup) SetOwnerId(v string) *LocalGatewayVirtualInterfaceGroup { + s.OwnerId = &v + return s +} + // SetTags sets the Tags field's value. func (s *LocalGatewayVirtualInterfaceGroup) SetTags(v []*Tag) *LocalGatewayVirtualInterfaceGroup { s.Tags = v return s } +// Describes a managed prefix list. +type ManagedPrefixList struct { + _ struct{} `type:"structure"` + + // The IP address version. + AddressFamily *string `locationName:"addressFamily" type:"string"` + + // The maximum number of entries for the prefix list. + MaxEntries *int64 `locationName:"maxEntries" type:"integer"` + + // The ID of the owner of the prefix list. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The Amazon Resource Name (ARN) for the prefix list. + PrefixListArn *string `locationName:"prefixListArn" min:"1" type:"string"` + + // The ID of the prefix list. + PrefixListId *string `locationName:"prefixListId" type:"string"` + + // The name of the prefix list. + PrefixListName *string `locationName:"prefixListName" type:"string"` + + // The state of the prefix list. + State *string `locationName:"state" type:"string" enum:"PrefixListState"` + + // The state message. + StateMessage *string `locationName:"stateMessage" type:"string"` + + // The tags for the prefix list. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The version of the prefix list. + Version *int64 `locationName:"version" type:"long"` +} + +// String returns the string representation +func (s ManagedPrefixList) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ManagedPrefixList) GoString() string { + return s.String() +} + +// SetAddressFamily sets the AddressFamily field's value. +func (s *ManagedPrefixList) SetAddressFamily(v string) *ManagedPrefixList { + s.AddressFamily = &v + return s +} + +// SetMaxEntries sets the MaxEntries field's value. +func (s *ManagedPrefixList) SetMaxEntries(v int64) *ManagedPrefixList { + s.MaxEntries = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *ManagedPrefixList) SetOwnerId(v string) *ManagedPrefixList { + s.OwnerId = &v + return s +} + +// SetPrefixListArn sets the PrefixListArn field's value. +func (s *ManagedPrefixList) SetPrefixListArn(v string) *ManagedPrefixList { + s.PrefixListArn = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *ManagedPrefixList) SetPrefixListId(v string) *ManagedPrefixList { + s.PrefixListId = &v + return s +} + +// SetPrefixListName sets the PrefixListName field's value. +func (s *ManagedPrefixList) SetPrefixListName(v string) *ManagedPrefixList { + s.PrefixListName = &v + return s +} + +// SetState sets the State field's value. +func (s *ManagedPrefixList) SetState(v string) *ManagedPrefixList { + s.State = &v + return s +} + +// SetStateMessage sets the StateMessage field's value. +func (s *ManagedPrefixList) SetStateMessage(v string) *ManagedPrefixList { + s.StateMessage = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *ManagedPrefixList) SetTags(v []*Tag) *ManagedPrefixList { + s.Tags = v + return s +} + +// SetVersion sets the Version field's value. +func (s *ManagedPrefixList) SetVersion(v int64) *ManagedPrefixList { + s.Version = &v + return s +} + // Describes the memory for the instance type. type MemoryInfo struct { _ struct{} `type:"structure"` - // Size of the memory, in MiB. + // The size of the memory, in MiB. SizeInMiB *int64 `locationName:"sizeInMiB" type:"long"` } @@ -82624,6 +90172,97 @@ func (s *MemoryInfo) SetSizeInMiB(v int64) *MemoryInfo { return s } +type ModifyAvailabilityZoneGroupInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The name of the Availability Zone group, Local Zone group, or Wavelength + // Zone group. + // + // GroupName is a required field + GroupName *string `type:"string" required:"true"` + + // Indicates whether you are opted in to the Local Zone group or Wavelength + // Zone group. The only valid value is opted-in. You must contact AWS Support + // (https://console.aws.amazon.com/support/home#/case/create%3FissueType=customer-service%26serviceCode=general-info%26getting-started%26categoryCode=using-aws%26services) + // to opt out of a Local Zone group, or Wavelength Zone group. + // + // OptInStatus is a required field + OptInStatus *string `type:"string" required:"true" enum:"ModifyAvailabilityZoneOptInStatus"` +} + +// String returns the string representation +func (s ModifyAvailabilityZoneGroupInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyAvailabilityZoneGroupInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyAvailabilityZoneGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyAvailabilityZoneGroupInput"} + if s.GroupName == nil { + invalidParams.Add(request.NewErrParamRequired("GroupName")) + } + if s.OptInStatus == nil { + invalidParams.Add(request.NewErrParamRequired("OptInStatus")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyAvailabilityZoneGroupInput) SetDryRun(v bool) *ModifyAvailabilityZoneGroupInput { + s.DryRun = &v + return s +} + +// SetGroupName sets the GroupName field's value. +func (s *ModifyAvailabilityZoneGroupInput) SetGroupName(v string) *ModifyAvailabilityZoneGroupInput { + s.GroupName = &v + return s +} + +// SetOptInStatus sets the OptInStatus field's value. +func (s *ModifyAvailabilityZoneGroupInput) SetOptInStatus(v string) *ModifyAvailabilityZoneGroupInput { + s.OptInStatus = &v + return s +} + +type ModifyAvailabilityZoneGroupOutput struct { + _ struct{} `type:"structure"` + + // Is true if the request succeeds, and an error otherwise. + Return *bool `locationName:"return" type:"boolean"` +} + +// String returns the string representation +func (s ModifyAvailabilityZoneGroupOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyAvailabilityZoneGroupOutput) GoString() string { + return s.String() +} + +// SetReturn sets the Return field's value. +func (s *ModifyAvailabilityZoneGroupOutput) SetReturn(v bool) *ModifyAvailabilityZoneGroupOutput { + s.Return = &v + return s +} + type ModifyCapacityReservationInput struct { _ struct{} `type:"structure"` @@ -82744,6 +90383,9 @@ func (s *ModifyCapacityReservationOutput) SetReturn(v bool) *ModifyCapacityReser type ModifyClientVpnEndpointInput struct { _ struct{} `type:"structure"` + // The options for managing connection authorization for new client connections. + ClientConnectOptions *ClientConnectOptions `type:"structure"` + // The ID of the Client VPN endpoint to modify. // // ClientVpnEndpointId is a required field @@ -82776,6 +90418,12 @@ type ModifyClientVpnEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + // The IDs of one or more security groups to apply to the target network. + SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"` + + // Specify whether to enable the self-service portal for the Client VPN endpoint. + SelfServicePortal *string `type:"string" enum:"SelfServicePortal"` + // The ARN of the server certificate to be used. The server certificate must // be provisioned in AWS Certificate Manager (ACM). ServerCertificateArn *string `type:"string"` @@ -82786,6 +90434,16 @@ type ModifyClientVpnEndpointInput struct { // VPN Endpoint (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) // in the AWS Client VPN Administrator Guide. SplitTunnel *bool `type:"boolean"` + + // The ID of the VPC to associate with the Client VPN endpoint. + VpcId *string `type:"string"` + + // The port number to assign to the Client VPN endpoint for TCP and UDP traffic. + // + // Valid Values: 443 | 1194 + // + // Default Value: 443 + VpnPort *int64 `type:"integer"` } // String returns the string representation @@ -82811,6 +90469,12 @@ func (s *ModifyClientVpnEndpointInput) Validate() error { return nil } +// SetClientConnectOptions sets the ClientConnectOptions field's value. +func (s *ModifyClientVpnEndpointInput) SetClientConnectOptions(v *ClientConnectOptions) *ModifyClientVpnEndpointInput { + s.ClientConnectOptions = v + return s +} + // SetClientVpnEndpointId sets the ClientVpnEndpointId field's value. func (s *ModifyClientVpnEndpointInput) SetClientVpnEndpointId(v string) *ModifyClientVpnEndpointInput { s.ClientVpnEndpointId = &v @@ -82841,6 +90505,18 @@ func (s *ModifyClientVpnEndpointInput) SetDryRun(v bool) *ModifyClientVpnEndpoin return s } +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *ModifyClientVpnEndpointInput) SetSecurityGroupIds(v []*string) *ModifyClientVpnEndpointInput { + s.SecurityGroupIds = v + return s +} + +// SetSelfServicePortal sets the SelfServicePortal field's value. +func (s *ModifyClientVpnEndpointInput) SetSelfServicePortal(v string) *ModifyClientVpnEndpointInput { + s.SelfServicePortal = &v + return s +} + // SetServerCertificateArn sets the ServerCertificateArn field's value. func (s *ModifyClientVpnEndpointInput) SetServerCertificateArn(v string) *ModifyClientVpnEndpointInput { s.ServerCertificateArn = &v @@ -82853,6 +90529,18 @@ func (s *ModifyClientVpnEndpointInput) SetSplitTunnel(v bool) *ModifyClientVpnEn return s } +// SetVpcId sets the VpcId field's value. +func (s *ModifyClientVpnEndpointInput) SetVpcId(v string) *ModifyClientVpnEndpointInput { + s.VpcId = &v + return s +} + +// SetVpnPort sets the VpnPort field's value. +func (s *ModifyClientVpnEndpointInput) SetVpnPort(v int64) *ModifyClientVpnEndpointInput { + s.VpnPort = &v + return s +} + type ModifyClientVpnEndpointOutput struct { _ struct{} `type:"structure"` @@ -82981,11 +90669,11 @@ type ModifyEbsDefaultKmsKeyIdInput struct { // // You can specify the CMK using any of the following: // - // * Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. + // * Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab. // // * Key alias. For example, alias/ExampleAlias. // - // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab. // // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // @@ -83076,10 +90764,11 @@ type ModifyFleetInput struct { // FleetId is a required field FleetId *string `type:"string" required:"true"` + // The launch template and overrides. + LaunchTemplateConfigs []*FleetLaunchTemplateConfigRequest `locationName:"LaunchTemplateConfig" locationNameList:"item" type:"list"` + // The size of the EC2 Fleet. - // - // TargetCapacitySpecification is a required field - TargetCapacitySpecification *TargetCapacitySpecificationRequest `type:"structure" required:"true"` + TargetCapacitySpecification *TargetCapacitySpecificationRequest `type:"structure"` } // String returns the string representation @@ -83098,8 +90787,15 @@ func (s *ModifyFleetInput) Validate() error { if s.FleetId == nil { invalidParams.Add(request.NewErrParamRequired("FleetId")) } - if s.TargetCapacitySpecification == nil { - invalidParams.Add(request.NewErrParamRequired("TargetCapacitySpecification")) + if s.LaunchTemplateConfigs != nil { + for i, v := range s.LaunchTemplateConfigs { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "LaunchTemplateConfigs", i), err.(request.ErrInvalidParams)) + } + } } if s.TargetCapacitySpecification != nil { if err := s.TargetCapacitySpecification.Validate(); err != nil { @@ -83131,6 +90827,12 @@ func (s *ModifyFleetInput) SetFleetId(v string) *ModifyFleetInput { return s } +// SetLaunchTemplateConfigs sets the LaunchTemplateConfigs field's value. +func (s *ModifyFleetInput) SetLaunchTemplateConfigs(v []*FleetLaunchTemplateConfigRequest) *ModifyFleetInput { + s.LaunchTemplateConfigs = v + return s +} + // SetTargetCapacitySpecification sets the TargetCapacitySpecification field's value. func (s *ModifyFleetInput) SetTargetCapacitySpecification(v *TargetCapacitySpecificationRequest) *ModifyFleetInput { s.TargetCapacitySpecification = v @@ -83751,7 +91453,7 @@ type ModifyInstanceAttributeInput struct { // // To add instance store volumes to an Amazon EBS-backed instance, you must // add them when you launch the instance. For more information, see Updating - // the Block Device Mapping when Launching an Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#Using_OverridingAMIBDM) + // the block device mapping when launching an instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#Using_OverridingAMIBDM) // in the Amazon Elastic Compute Cloud User Guide. BlockDeviceMappings []*InstanceBlockDeviceMappingSpecification `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` @@ -83794,7 +91496,7 @@ type ModifyInstanceAttributeInput struct { InstanceInitiatedShutdownBehavior *AttributeValue `locationName:"instanceInitiatedShutdownBehavior" type:"structure"` // Changes the instance type to the specified value. For more information, see - // Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). + // Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). // If the instance type is not valid, the error returned is InvalidInstanceAttributeValue. InstanceType *AttributeValue `locationName:"instanceType" type:"structure"` @@ -84602,6 +92304,135 @@ func (s *ModifyLaunchTemplateOutput) SetLaunchTemplate(v *LaunchTemplate) *Modif return s } +type ModifyManagedPrefixListInput struct { + _ struct{} `type:"structure"` + + // One or more entries to add to the prefix list. + AddEntries []*AddPrefixListEntry `locationName:"AddEntry" type:"list"` + + // The current version of the prefix list. + CurrentVersion *int64 `type:"long"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the prefix list. + // + // PrefixListId is a required field + PrefixListId *string `type:"string" required:"true"` + + // A name for the prefix list. + PrefixListName *string `type:"string"` + + // One or more entries to remove from the prefix list. + RemoveEntries []*RemovePrefixListEntry `locationName:"RemoveEntry" type:"list"` +} + +// String returns the string representation +func (s ModifyManagedPrefixListInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyManagedPrefixListInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyManagedPrefixListInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyManagedPrefixListInput"} + if s.PrefixListId == nil { + invalidParams.Add(request.NewErrParamRequired("PrefixListId")) + } + if s.AddEntries != nil { + for i, v := range s.AddEntries { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "AddEntries", i), err.(request.ErrInvalidParams)) + } + } + } + if s.RemoveEntries != nil { + for i, v := range s.RemoveEntries { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "RemoveEntries", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAddEntries sets the AddEntries field's value. +func (s *ModifyManagedPrefixListInput) SetAddEntries(v []*AddPrefixListEntry) *ModifyManagedPrefixListInput { + s.AddEntries = v + return s +} + +// SetCurrentVersion sets the CurrentVersion field's value. +func (s *ModifyManagedPrefixListInput) SetCurrentVersion(v int64) *ModifyManagedPrefixListInput { + s.CurrentVersion = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyManagedPrefixListInput) SetDryRun(v bool) *ModifyManagedPrefixListInput { + s.DryRun = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *ModifyManagedPrefixListInput) SetPrefixListId(v string) *ModifyManagedPrefixListInput { + s.PrefixListId = &v + return s +} + +// SetPrefixListName sets the PrefixListName field's value. +func (s *ModifyManagedPrefixListInput) SetPrefixListName(v string) *ModifyManagedPrefixListInput { + s.PrefixListName = &v + return s +} + +// SetRemoveEntries sets the RemoveEntries field's value. +func (s *ModifyManagedPrefixListInput) SetRemoveEntries(v []*RemovePrefixListEntry) *ModifyManagedPrefixListInput { + s.RemoveEntries = v + return s +} + +type ModifyManagedPrefixListOutput struct { + _ struct{} `type:"structure"` + + // Information about the prefix list. + PrefixList *ManagedPrefixList `locationName:"prefixList" type:"structure"` +} + +// String returns the string representation +func (s ModifyManagedPrefixListOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyManagedPrefixListOutput) GoString() string { + return s.String() +} + +// SetPrefixList sets the PrefixList field's value. +func (s *ModifyManagedPrefixListOutput) SetPrefixList(v *ManagedPrefixList) *ModifyManagedPrefixListOutput { + s.PrefixList = v + return s +} + // Contains the parameters for ModifyNetworkInterfaceAttribute. type ModifyNetworkInterfaceAttributeInput struct { _ struct{} `type:"structure"` @@ -84917,6 +92748,12 @@ type ModifySpotFleetRequestInput struct { // the Spot Fleet. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"ExcessCapacityTerminationPolicy"` + // The launch template and overrides. You can only use this parameter if you + // specified a launch template (LaunchTemplateConfigs) in your Spot Fleet request. + // If you specified LaunchSpecifications in your Spot Fleet request, then omit + // this parameter. + LaunchTemplateConfigs []*LaunchTemplateConfig `locationName:"LaunchTemplateConfig" locationNameList:"item" type:"list"` + // The number of On-Demand Instances in the fleet. OnDemandTargetCapacity *int64 `type:"integer"` @@ -84945,6 +92782,16 @@ func (s *ModifySpotFleetRequestInput) Validate() error { if s.SpotFleetRequestId == nil { invalidParams.Add(request.NewErrParamRequired("SpotFleetRequestId")) } + if s.LaunchTemplateConfigs != nil { + for i, v := range s.LaunchTemplateConfigs { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "LaunchTemplateConfigs", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -84958,6 +92805,12 @@ func (s *ModifySpotFleetRequestInput) SetExcessCapacityTerminationPolicy(v strin return s } +// SetLaunchTemplateConfigs sets the LaunchTemplateConfigs field's value. +func (s *ModifySpotFleetRequestInput) SetLaunchTemplateConfigs(v []*LaunchTemplateConfig) *ModifySpotFleetRequestInput { + s.LaunchTemplateConfigs = v + return s +} + // SetOnDemandTargetCapacity sets the OnDemandTargetCapacity field's value. func (s *ModifySpotFleetRequestInput) SetOnDemandTargetCapacity(v int64) *ModifySpotFleetRequestInput { s.OnDemandTargetCapacity = &v @@ -85013,8 +92866,20 @@ type ModifySubnetAttributeInput struct { // or later of the Amazon EC2 API. AssignIpv6AddressOnCreation *AttributeBooleanValue `type:"structure"` - // Specify true to indicate that ENIs attached to instances created in the specified - // subnet should be assigned a public IPv4 address. + // The customer-owned IPv4 address pool associated with the subnet. + // + // You must set this value when you specify true for MapCustomerOwnedIpOnLaunch. + CustomerOwnedIpv4Pool *string `type:"string"` + + // Specify true to indicate that network interfaces attached to instances created + // in the specified subnet should be assigned a customer-owned IPv4 address. + // + // When this value is true, you must specify the customer-owned IP pool using + // CustomerOwnedIpv4Pool. + MapCustomerOwnedIpOnLaunch *AttributeBooleanValue `type:"structure"` + + // Specify true to indicate that network interfaces attached to instances created + // in the specified subnet should be assigned a public IPv4 address. MapPublicIpOnLaunch *AttributeBooleanValue `type:"structure"` // The ID of the subnet. @@ -85052,6 +92917,18 @@ func (s *ModifySubnetAttributeInput) SetAssignIpv6AddressOnCreation(v *Attribute return s } +// SetCustomerOwnedIpv4Pool sets the CustomerOwnedIpv4Pool field's value. +func (s *ModifySubnetAttributeInput) SetCustomerOwnedIpv4Pool(v string) *ModifySubnetAttributeInput { + s.CustomerOwnedIpv4Pool = &v + return s +} + +// SetMapCustomerOwnedIpOnLaunch sets the MapCustomerOwnedIpOnLaunch field's value. +func (s *ModifySubnetAttributeInput) SetMapCustomerOwnedIpOnLaunch(v *AttributeBooleanValue) *ModifySubnetAttributeInput { + s.MapCustomerOwnedIpOnLaunch = v + return s +} + // SetMapPublicIpOnLaunch sets the MapPublicIpOnLaunch field's value. func (s *ModifySubnetAttributeInput) SetMapPublicIpOnLaunch(v *AttributeBooleanValue) *ModifySubnetAttributeInput { s.MapPublicIpOnLaunch = v @@ -85485,6 +93362,282 @@ func (s *ModifyTrafficMirrorSessionOutput) SetTrafficMirrorSession(v *TrafficMir return s } +type ModifyTransitGatewayInput struct { + _ struct{} `type:"structure"` + + // The description for the transit gateway. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The options to modify. + Options *ModifyTransitGatewayOptions `type:"structure"` + + // The ID of the transit gateway. + // + // TransitGatewayId is a required field + TransitGatewayId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyTransitGatewayInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTransitGatewayInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyTransitGatewayInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyTransitGatewayInput"} + if s.TransitGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *ModifyTransitGatewayInput) SetDescription(v string) *ModifyTransitGatewayInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyTransitGatewayInput) SetDryRun(v bool) *ModifyTransitGatewayInput { + s.DryRun = &v + return s +} + +// SetOptions sets the Options field's value. +func (s *ModifyTransitGatewayInput) SetOptions(v *ModifyTransitGatewayOptions) *ModifyTransitGatewayInput { + s.Options = v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *ModifyTransitGatewayInput) SetTransitGatewayId(v string) *ModifyTransitGatewayInput { + s.TransitGatewayId = &v + return s +} + +// The transit gateway options. +type ModifyTransitGatewayOptions struct { + _ struct{} `type:"structure"` + + // The ID of the default association route table. + AssociationDefaultRouteTableId *string `type:"string"` + + // Enable or disable automatic acceptance of attachment requests. + AutoAcceptSharedAttachments *string `type:"string" enum:"AutoAcceptSharedAttachmentsValue"` + + // Enable or disable automatic association with the default association route + // table. + DefaultRouteTableAssociation *string `type:"string" enum:"DefaultRouteTableAssociationValue"` + + // Enable or disable automatic propagation of routes to the default propagation + // route table. + DefaultRouteTablePropagation *string `type:"string" enum:"DefaultRouteTablePropagationValue"` + + // Enable or disable DNS support. + DnsSupport *string `type:"string" enum:"DnsSupportValue"` + + // The ID of the default propagation route table. + PropagationDefaultRouteTableId *string `type:"string"` + + // Enable or disable Equal Cost Multipath Protocol support. + VpnEcmpSupport *string `type:"string" enum:"VpnEcmpSupportValue"` +} + +// String returns the string representation +func (s ModifyTransitGatewayOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTransitGatewayOptions) GoString() string { + return s.String() +} + +// SetAssociationDefaultRouteTableId sets the AssociationDefaultRouteTableId field's value. +func (s *ModifyTransitGatewayOptions) SetAssociationDefaultRouteTableId(v string) *ModifyTransitGatewayOptions { + s.AssociationDefaultRouteTableId = &v + return s +} + +// SetAutoAcceptSharedAttachments sets the AutoAcceptSharedAttachments field's value. +func (s *ModifyTransitGatewayOptions) SetAutoAcceptSharedAttachments(v string) *ModifyTransitGatewayOptions { + s.AutoAcceptSharedAttachments = &v + return s +} + +// SetDefaultRouteTableAssociation sets the DefaultRouteTableAssociation field's value. +func (s *ModifyTransitGatewayOptions) SetDefaultRouteTableAssociation(v string) *ModifyTransitGatewayOptions { + s.DefaultRouteTableAssociation = &v + return s +} + +// SetDefaultRouteTablePropagation sets the DefaultRouteTablePropagation field's value. +func (s *ModifyTransitGatewayOptions) SetDefaultRouteTablePropagation(v string) *ModifyTransitGatewayOptions { + s.DefaultRouteTablePropagation = &v + return s +} + +// SetDnsSupport sets the DnsSupport field's value. +func (s *ModifyTransitGatewayOptions) SetDnsSupport(v string) *ModifyTransitGatewayOptions { + s.DnsSupport = &v + return s +} + +// SetPropagationDefaultRouteTableId sets the PropagationDefaultRouteTableId field's value. +func (s *ModifyTransitGatewayOptions) SetPropagationDefaultRouteTableId(v string) *ModifyTransitGatewayOptions { + s.PropagationDefaultRouteTableId = &v + return s +} + +// SetVpnEcmpSupport sets the VpnEcmpSupport field's value. +func (s *ModifyTransitGatewayOptions) SetVpnEcmpSupport(v string) *ModifyTransitGatewayOptions { + s.VpnEcmpSupport = &v + return s +} + +type ModifyTransitGatewayOutput struct { + _ struct{} `type:"structure"` + + // Describes a transit gateway. + TransitGateway *TransitGateway `locationName:"transitGateway" type:"structure"` +} + +// String returns the string representation +func (s ModifyTransitGatewayOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTransitGatewayOutput) GoString() string { + return s.String() +} + +// SetTransitGateway sets the TransitGateway field's value. +func (s *ModifyTransitGatewayOutput) SetTransitGateway(v *TransitGateway) *ModifyTransitGatewayOutput { + s.TransitGateway = v + return s +} + +type ModifyTransitGatewayPrefixListReferenceInput struct { + _ struct{} `type:"structure"` + + // Indicates whether to drop traffic that matches this route. + Blackhole *bool `type:"boolean"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the prefix list. + // + // PrefixListId is a required field + PrefixListId *string `type:"string" required:"true"` + + // The ID of the attachment to which traffic is routed. + TransitGatewayAttachmentId *string `type:"string"` + + // The ID of the transit gateway route table. + // + // TransitGatewayRouteTableId is a required field + TransitGatewayRouteTableId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyTransitGatewayPrefixListReferenceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTransitGatewayPrefixListReferenceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyTransitGatewayPrefixListReferenceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyTransitGatewayPrefixListReferenceInput"} + if s.PrefixListId == nil { + invalidParams.Add(request.NewErrParamRequired("PrefixListId")) + } + if s.TransitGatewayRouteTableId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayRouteTableId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBlackhole sets the Blackhole field's value. +func (s *ModifyTransitGatewayPrefixListReferenceInput) SetBlackhole(v bool) *ModifyTransitGatewayPrefixListReferenceInput { + s.Blackhole = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyTransitGatewayPrefixListReferenceInput) SetDryRun(v bool) *ModifyTransitGatewayPrefixListReferenceInput { + s.DryRun = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *ModifyTransitGatewayPrefixListReferenceInput) SetPrefixListId(v string) *ModifyTransitGatewayPrefixListReferenceInput { + s.PrefixListId = &v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *ModifyTransitGatewayPrefixListReferenceInput) SetTransitGatewayAttachmentId(v string) *ModifyTransitGatewayPrefixListReferenceInput { + s.TransitGatewayAttachmentId = &v + return s +} + +// SetTransitGatewayRouteTableId sets the TransitGatewayRouteTableId field's value. +func (s *ModifyTransitGatewayPrefixListReferenceInput) SetTransitGatewayRouteTableId(v string) *ModifyTransitGatewayPrefixListReferenceInput { + s.TransitGatewayRouteTableId = &v + return s +} + +type ModifyTransitGatewayPrefixListReferenceOutput struct { + _ struct{} `type:"structure"` + + // Information about the prefix list reference. + TransitGatewayPrefixListReference *TransitGatewayPrefixListReference `locationName:"transitGatewayPrefixListReference" type:"structure"` +} + +// String returns the string representation +func (s ModifyTransitGatewayPrefixListReferenceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTransitGatewayPrefixListReferenceOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayPrefixListReference sets the TransitGatewayPrefixListReference field's value. +func (s *ModifyTransitGatewayPrefixListReferenceOutput) SetTransitGatewayPrefixListReference(v *TransitGatewayPrefixListReference) *ModifyTransitGatewayPrefixListReferenceOutput { + s.TransitGatewayPrefixListReference = v + return s +} + type ModifyTransitGatewayVpcAttachmentInput struct { _ struct{} `type:"structure"` @@ -85592,6 +93745,11 @@ func (s *ModifyTransitGatewayVpcAttachmentOutput) SetTransitGatewayVpcAttachment type ModifyTransitGatewayVpcAttachmentRequestOptions struct { _ struct{} `type:"structure"` + // Enable or disable support for appliance mode. If enabled, a traffic flow + // between a source and destination uses the same Availability Zone for the + // VPC attachment for the lifetime of that flow. The default is disable. + ApplianceModeSupport *string `type:"string" enum:"ApplianceModeSupportValue"` + // Enable or disable DNS support. The default is enable. DnsSupport *string `type:"string" enum:"DnsSupportValue"` @@ -85609,6 +93767,12 @@ func (s ModifyTransitGatewayVpcAttachmentRequestOptions) GoString() string { return s.String() } +// SetApplianceModeSupport sets the ApplianceModeSupport field's value. +func (s *ModifyTransitGatewayVpcAttachmentRequestOptions) SetApplianceModeSupport(v string) *ModifyTransitGatewayVpcAttachmentRequestOptions { + s.ApplianceModeSupport = &v + return s +} + // SetDnsSupport sets the DnsSupport field's value. func (s *ModifyTransitGatewayVpcAttachmentRequestOptions) SetDnsSupport(v string) *ModifyTransitGatewayVpcAttachmentRequestOptions { s.DnsSupport = &v @@ -85705,8 +93869,8 @@ type ModifyVolumeInput struct { // The target IOPS rate of the volume. // - // This is only valid for Provisioned IOPS SSD (io1) volumes. For more information, - // see Provisioned IOPS SSD (io1) Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html#EBSVolumeTypes_piops). + // This is only valid for Provisioned IOPS SSD (io1 and io2) volumes. For moreinformation, + // see Provisioned IOPS SSD (io1 and io2) volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html#EBSVolumeTypes_piops). // // Default: If no IOPS value is specified, the existing value is retained. Iops *int64 `type:"integer"` @@ -86618,6 +94782,123 @@ func (s *ModifyVpnConnectionInput) SetVpnGatewayId(v string) *ModifyVpnConnectio return s } +type ModifyVpnConnectionOptionsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection. + // + // Default: 0.0.0.0/0 + LocalIpv4NetworkCidr *string `type:"string"` + + // The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection. + // + // Default: ::/0 + LocalIpv6NetworkCidr *string `type:"string"` + + // The IPv4 CIDR on the AWS side of the VPN connection. + // + // Default: 0.0.0.0/0 + RemoteIpv4NetworkCidr *string `type:"string"` + + // The IPv6 CIDR on the AWS side of the VPN connection. + // + // Default: ::/0 + RemoteIpv6NetworkCidr *string `type:"string"` + + // The ID of the Site-to-Site VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyVpnConnectionOptionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnConnectionOptionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyVpnConnectionOptionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyVpnConnectionOptionsInput"} + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyVpnConnectionOptionsInput) SetDryRun(v bool) *ModifyVpnConnectionOptionsInput { + s.DryRun = &v + return s +} + +// SetLocalIpv4NetworkCidr sets the LocalIpv4NetworkCidr field's value. +func (s *ModifyVpnConnectionOptionsInput) SetLocalIpv4NetworkCidr(v string) *ModifyVpnConnectionOptionsInput { + s.LocalIpv4NetworkCidr = &v + return s +} + +// SetLocalIpv6NetworkCidr sets the LocalIpv6NetworkCidr field's value. +func (s *ModifyVpnConnectionOptionsInput) SetLocalIpv6NetworkCidr(v string) *ModifyVpnConnectionOptionsInput { + s.LocalIpv6NetworkCidr = &v + return s +} + +// SetRemoteIpv4NetworkCidr sets the RemoteIpv4NetworkCidr field's value. +func (s *ModifyVpnConnectionOptionsInput) SetRemoteIpv4NetworkCidr(v string) *ModifyVpnConnectionOptionsInput { + s.RemoteIpv4NetworkCidr = &v + return s +} + +// SetRemoteIpv6NetworkCidr sets the RemoteIpv6NetworkCidr field's value. +func (s *ModifyVpnConnectionOptionsInput) SetRemoteIpv6NetworkCidr(v string) *ModifyVpnConnectionOptionsInput { + s.RemoteIpv6NetworkCidr = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *ModifyVpnConnectionOptionsInput) SetVpnConnectionId(v string) *ModifyVpnConnectionOptionsInput { + s.VpnConnectionId = &v + return s +} + +type ModifyVpnConnectionOptionsOutput struct { + _ struct{} `type:"structure"` + + // Describes a VPN connection. + VpnConnection *VpnConnection `locationName:"vpnConnection" type:"structure"` +} + +// String returns the string representation +func (s ModifyVpnConnectionOptionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnConnectionOptionsOutput) GoString() string { + return s.String() +} + +// SetVpnConnection sets the VpnConnection field's value. +func (s *ModifyVpnConnectionOptionsOutput) SetVpnConnection(v *VpnConnection) *ModifyVpnConnectionOptionsOutput { + s.VpnConnection = v + return s +} + type ModifyVpnConnectionOutput struct { _ struct{} `type:"structure"` @@ -86833,6 +95114,14 @@ func (s *ModifyVpnTunnelOptionsOutput) SetVpnConnection(v *VpnConnection) *Modif type ModifyVpnTunnelOptionsSpecification struct { _ struct{} `type:"structure"` + // The action to take after DPD timeout occurs. Specify restart to restart the + // IKE initiation. Specify clear to end the IKE session. + // + // Valid Values: clear | none | restart + // + // Default: clear + DPDTimeoutAction *string `type:"string"` + // The number of seconds after which a DPD timeout occurs. // // Constraints: A value between 0 and 30. @@ -86848,19 +95137,19 @@ type ModifyVpnTunnelOptionsSpecification struct { // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel // for phase 1 IKE negotiations. // - // Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + // Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 Phase1DHGroupNumbers []*Phase1DHGroupNumbersRequestListValue `locationName:"Phase1DHGroupNumber" locationNameList:"item" type:"list"` // One or more encryption algorithms that are permitted for the VPN tunnel for // phase 1 IKE negotiations. // - // Valid values: AES128 | AES256 + // Valid values: AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16 Phase1EncryptionAlgorithms []*Phase1EncryptionAlgorithmsRequestListValue `locationName:"Phase1EncryptionAlgorithm" locationNameList:"item" type:"list"` // One or more integrity algorithms that are permitted for the VPN tunnel for // phase 1 IKE negotiations. // - // Valid values: SHA1 | SHA2-256 + // Valid values: SHA1 | SHA2-256 | SHA2-384 | SHA2-512 Phase1IntegrityAlgorithms []*Phase1IntegrityAlgorithmsRequestListValue `locationName:"Phase1IntegrityAlgorithm" locationNameList:"item" type:"list"` // The lifetime for phase 1 of the IKE negotiation, in seconds. @@ -86873,19 +95162,19 @@ type ModifyVpnTunnelOptionsSpecification struct { // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel // for phase 2 IKE negotiations. // - // Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + // Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 Phase2DHGroupNumbers []*Phase2DHGroupNumbersRequestListValue `locationName:"Phase2DHGroupNumber" locationNameList:"item" type:"list"` // One or more encryption algorithms that are permitted for the VPN tunnel for // phase 2 IKE negotiations. // - // Valid values: AES128 | AES256 + // Valid values: AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16 Phase2EncryptionAlgorithms []*Phase2EncryptionAlgorithmsRequestListValue `locationName:"Phase2EncryptionAlgorithm" locationNameList:"item" type:"list"` // One or more integrity algorithms that are permitted for the VPN tunnel for // phase 2 IKE negotiations. // - // Valid values: SHA1 | SHA2-256 + // Valid values: SHA1 | SHA2-256 | SHA2-384 | SHA2-512 Phase2IntegrityAlgorithms []*Phase2IntegrityAlgorithmsRequestListValue `locationName:"Phase2IntegrityAlgorithm" locationNameList:"item" type:"list"` // The lifetime for phase 2 of the IKE negotiation, in seconds. @@ -86928,7 +95217,16 @@ type ModifyVpnTunnelOptionsSpecification struct { // Default: 1024 ReplayWindowSize *int64 `type:"integer"` - // The range of inside IP addresses for the tunnel. Any specified CIDR blocks + // The action to take when the establishing the tunnel for the VPN connection. + // By default, your customer gateway device must initiate the IKE negotiation + // and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. + // + // Valid Values: add | start + // + // Default: add + StartupAction *string `type:"string"` + + // The range of inside IPv4 addresses for the tunnel. Any specified CIDR blocks // must be unique across all VPN connections that use the same virtual private // gateway. // @@ -86949,6 +95247,12 @@ type ModifyVpnTunnelOptionsSpecification struct { // // * 169.254.169.252/30 TunnelInsideCidr *string `type:"string"` + + // The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks + // must be unique across all VPN connections that use the same transit gateway. + // + // Constraints: A size /126 CIDR block from the local fd00::/8 range. + TunnelInsideIpv6Cidr *string `type:"string"` } // String returns the string representation @@ -86961,6 +95265,12 @@ func (s ModifyVpnTunnelOptionsSpecification) GoString() string { return s.String() } +// SetDPDTimeoutAction sets the DPDTimeoutAction field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetDPDTimeoutAction(v string) *ModifyVpnTunnelOptionsSpecification { + s.DPDTimeoutAction = &v + return s +} + // SetDPDTimeoutSeconds sets the DPDTimeoutSeconds field's value. func (s *ModifyVpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *ModifyVpnTunnelOptionsSpecification { s.DPDTimeoutSeconds = &v @@ -87045,12 +95355,24 @@ func (s *ModifyVpnTunnelOptionsSpecification) SetReplayWindowSize(v int64) *Modi return s } +// SetStartupAction sets the StartupAction field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetStartupAction(v string) *ModifyVpnTunnelOptionsSpecification { + s.StartupAction = &v + return s +} + // SetTunnelInsideCidr sets the TunnelInsideCidr field's value. func (s *ModifyVpnTunnelOptionsSpecification) SetTunnelInsideCidr(v string) *ModifyVpnTunnelOptionsSpecification { s.TunnelInsideCidr = &v return s } +// SetTunnelInsideIpv6Cidr sets the TunnelInsideIpv6Cidr field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetTunnelInsideIpv6Cidr(v string) *ModifyVpnTunnelOptionsSpecification { + s.TunnelInsideIpv6Cidr = &v + return s +} + type MonitorInstancesInput struct { _ struct{} `type:"structure"` @@ -87680,10 +96002,58 @@ func (s *NetworkAclEntry) SetRuleNumber(v int64) *NetworkAclEntry { return s } +// Describes the network card support of the instance type. +type NetworkCardInfo struct { + _ struct{} `type:"structure"` + + // The maximum number of network interfaces for the network card. + MaximumNetworkInterfaces *int64 `locationName:"maximumNetworkInterfaces" type:"integer"` + + // The index of the network card. + NetworkCardIndex *int64 `locationName:"networkCardIndex" type:"integer"` + + // The network performance of the network card. + NetworkPerformance *string `locationName:"networkPerformance" type:"string"` +} + +// String returns the string representation +func (s NetworkCardInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s NetworkCardInfo) GoString() string { + return s.String() +} + +// SetMaximumNetworkInterfaces sets the MaximumNetworkInterfaces field's value. +func (s *NetworkCardInfo) SetMaximumNetworkInterfaces(v int64) *NetworkCardInfo { + s.MaximumNetworkInterfaces = &v + return s +} + +// SetNetworkCardIndex sets the NetworkCardIndex field's value. +func (s *NetworkCardInfo) SetNetworkCardIndex(v int64) *NetworkCardInfo { + s.NetworkCardIndex = &v + return s +} + +// SetNetworkPerformance sets the NetworkPerformance field's value. +func (s *NetworkCardInfo) SetNetworkPerformance(v string) *NetworkCardInfo { + s.NetworkPerformance = &v + return s +} + // Describes the networking features of the instance type. type NetworkInfo struct { _ struct{} `type:"structure"` + // The index of the default network card, starting at 0. + DefaultNetworkCardIndex *int64 `locationName:"defaultNetworkCardIndex" type:"integer"` + + // Indicates whether Elastic Fabric Adapter (EFA) is supported. + EfaSupported *bool `locationName:"efaSupported" type:"boolean"` + // Indicates whether Elastic Network Adapter (ENA) is supported. EnaSupport *string `locationName:"enaSupport" type:"string" enum:"EnaSupport"` @@ -87696,10 +96066,17 @@ type NetworkInfo struct { // Indicates whether IPv6 is supported. Ipv6Supported *bool `locationName:"ipv6Supported" type:"boolean"` + // The maximum number of physical network cards that can be allocated to the + // instance. + MaximumNetworkCards *int64 `locationName:"maximumNetworkCards" type:"integer"` + // The maximum number of network interfaces for the instance type. MaximumNetworkInterfaces *int64 `locationName:"maximumNetworkInterfaces" type:"integer"` - // Describes the network performance. + // Describes the network cards for the instance type. + NetworkCards []*NetworkCardInfo `locationName:"networkCards" locationNameList:"item" type:"list"` + + // The network performance. NetworkPerformance *string `locationName:"networkPerformance" type:"string"` } @@ -87713,6 +96090,18 @@ func (s NetworkInfo) GoString() string { return s.String() } +// SetDefaultNetworkCardIndex sets the DefaultNetworkCardIndex field's value. +func (s *NetworkInfo) SetDefaultNetworkCardIndex(v int64) *NetworkInfo { + s.DefaultNetworkCardIndex = &v + return s +} + +// SetEfaSupported sets the EfaSupported field's value. +func (s *NetworkInfo) SetEfaSupported(v bool) *NetworkInfo { + s.EfaSupported = &v + return s +} + // SetEnaSupport sets the EnaSupport field's value. func (s *NetworkInfo) SetEnaSupport(v string) *NetworkInfo { s.EnaSupport = &v @@ -87737,12 +96126,24 @@ func (s *NetworkInfo) SetIpv6Supported(v bool) *NetworkInfo { return s } +// SetMaximumNetworkCards sets the MaximumNetworkCards field's value. +func (s *NetworkInfo) SetMaximumNetworkCards(v int64) *NetworkInfo { + s.MaximumNetworkCards = &v + return s +} + // SetMaximumNetworkInterfaces sets the MaximumNetworkInterfaces field's value. func (s *NetworkInfo) SetMaximumNetworkInterfaces(v int64) *NetworkInfo { s.MaximumNetworkInterfaces = &v return s } +// SetNetworkCards sets the NetworkCards field's value. +func (s *NetworkInfo) SetNetworkCards(v []*NetworkCardInfo) *NetworkInfo { + s.NetworkCards = v + return s +} + // SetNetworkPerformance sets the NetworkPerformance field's value. func (s *NetworkInfo) SetNetworkPerformance(v string) *NetworkInfo { s.NetworkPerformance = &v @@ -87955,7 +96356,9 @@ func (s *NetworkInterface) SetVpcId(v string) *NetworkInterface { return s } -// Describes association information for an Elastic IP address (IPv4 only). +// Describes association information for an Elastic IP address (IPv4 only), +// or a Carrier IP address (for a network interface which resides in a subnet +// in a Wavelength Zone). type NetworkInterfaceAssociation struct { _ struct{} `type:"structure"` @@ -87965,6 +96368,15 @@ type NetworkInterfaceAssociation struct { // The association ID. AssociationId *string `locationName:"associationId" type:"string"` + // The carrier IP address associated with the network interface. + // + // This option is only available when the network interface is in a subnet which + // is associated with a Wavelength Zone. + CarrierIp *string `locationName:"carrierIp" type:"string"` + + // The customer-owned IP address associated with the network interface. + CustomerOwnedIp *string `locationName:"customerOwnedIp" type:"string"` + // The ID of the Elastic IP address owner. IpOwnerId *string `locationName:"ipOwnerId" type:"string"` @@ -87997,6 +96409,18 @@ func (s *NetworkInterfaceAssociation) SetAssociationId(v string) *NetworkInterfa return s } +// SetCarrierIp sets the CarrierIp field's value. +func (s *NetworkInterfaceAssociation) SetCarrierIp(v string) *NetworkInterfaceAssociation { + s.CarrierIp = &v + return s +} + +// SetCustomerOwnedIp sets the CustomerOwnedIp field's value. +func (s *NetworkInterfaceAssociation) SetCustomerOwnedIp(v string) *NetworkInterfaceAssociation { + s.CustomerOwnedIp = &v + return s +} + // SetIpOwnerId sets the IpOwnerId field's value. func (s *NetworkInterfaceAssociation) SetIpOwnerId(v string) *NetworkInterfaceAssociation { s.IpOwnerId = &v @@ -88037,6 +96461,9 @@ type NetworkInterfaceAttachment struct { // The AWS account ID of the owner of the instance. InstanceOwnerId *string `locationName:"instanceOwnerId" type:"string"` + // The index of the network card. + NetworkCardIndex *int64 `locationName:"networkCardIndex" type:"integer"` + // The attachment state. Status *string `locationName:"status" type:"string" enum:"AttachmentStatus"` } @@ -88087,6 +96514,12 @@ func (s *NetworkInterfaceAttachment) SetInstanceOwnerId(v string) *NetworkInterf return s } +// SetNetworkCardIndex sets the NetworkCardIndex field's value. +func (s *NetworkInterfaceAttachment) SetNetworkCardIndex(v int64) *NetworkInterfaceAttachment { + s.NetworkCardIndex = &v + return s +} + // SetStatus sets the Status field's value. func (s *NetworkInterfaceAttachment) SetStatus(v string) *NetworkInterfaceAttachment { s.Status = &v @@ -89005,37 +97438,54 @@ type Placement struct { _ struct{} `type:"structure"` // The affinity setting for the instance on the Dedicated Host. This parameter - // is not supported for the ImportInstance command. + // is not supported for the ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) + // command. + // + // This parameter is not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet). Affinity *string `locationName:"affinity" type:"string"` // The Availability Zone of the instance. // // If not specified, an Availability Zone will be automatically chosen for you // based on the load balancing criteria for the Region. + // + // This parameter is not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet). AvailabilityZone *string `locationName:"availabilityZone" type:"string"` // The name of the placement group the instance is in. GroupName *string `locationName:"groupName" type:"string"` // The ID of the Dedicated Host on which the instance resides. This parameter - // is not supported for the ImportInstance command. + // is not supported for the ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) + // command. + // + // This parameter is not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet). HostId *string `locationName:"hostId" type:"string"` // The ARN of the host resource group in which to launch the instances. If you // specify a host resource group ARN, omit the Tenancy parameter or set it to // host. + // + // This parameter is not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet). HostResourceGroupArn *string `locationName:"hostResourceGroupArn" type:"string"` // The number of the partition the instance is in. Valid only if the placement // group strategy is set to partition. + // + // This parameter is not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet). PartitionNumber *int64 `locationName:"partitionNumber" type:"integer"` // Reserved for future use. + // + // This parameter is not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet). SpreadDomain *string `locationName:"spreadDomain" type:"string"` // The tenancy of the instance (if the instance is running in a VPC). An instance // with a tenancy of dedicated runs on single-tenant hardware. The host tenancy - // is not supported for the ImportInstance command. + // is not supported for the ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) + // command. + // + // This parameter is not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet). Tenancy *string `locationName:"tenancy" type:"string" enum:"Tenancy"` } @@ -89170,7 +97620,7 @@ func (s *PlacementGroup) SetTags(v []*Tag) *PlacementGroup { type PlacementGroupInfo struct { _ struct{} `type:"structure"` - // A list of supported placement groups types. + // The supported placement group types. SupportedStrategies []*string `locationName:"supportedStrategies" locationNameList:"item" type:"list"` } @@ -89214,6 +97664,30 @@ func (s *PlacementResponse) SetGroupName(v string) *PlacementResponse { return s } +// Describes a CIDR block for an address pool. +type PoolCidrBlock struct { + _ struct{} `type:"structure"` + + // The CIDR block. + Cidr *string `locationName:"poolCidrBlock" type:"string"` +} + +// String returns the string representation +func (s PoolCidrBlock) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PoolCidrBlock) GoString() string { + return s.String() +} + +// SetCidr sets the Cidr field's value. +func (s *PoolCidrBlock) SetCidr(v string) *PoolCidrBlock { + s.Cidr = &v + return s +} + // Describes a range of ports. type PortRange struct { _ struct{} `type:"structure"` @@ -89289,6 +97763,72 @@ func (s *PrefixList) SetPrefixListName(v string) *PrefixList { return s } +// Describes the resource with which a prefix list is associated. +type PrefixListAssociation struct { + _ struct{} `type:"structure"` + + // The ID of the resource. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The owner of the resource. + ResourceOwner *string `locationName:"resourceOwner" type:"string"` +} + +// String returns the string representation +func (s PrefixListAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PrefixListAssociation) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *PrefixListAssociation) SetResourceId(v string) *PrefixListAssociation { + s.ResourceId = &v + return s +} + +// SetResourceOwner sets the ResourceOwner field's value. +func (s *PrefixListAssociation) SetResourceOwner(v string) *PrefixListAssociation { + s.ResourceOwner = &v + return s +} + +// Describes a prefix list entry. +type PrefixListEntry struct { + _ struct{} `type:"structure"` + + // The CIDR block. + Cidr *string `locationName:"cidr" type:"string"` + + // The description. + Description *string `locationName:"description" type:"string"` +} + +// String returns the string representation +func (s PrefixListEntry) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PrefixListEntry) GoString() string { + return s.String() +} + +// SetCidr sets the Cidr field's value. +func (s *PrefixListEntry) SetCidr(v string) *PrefixListEntry { + s.Cidr = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *PrefixListEntry) SetDescription(v string) *PrefixListEntry { + s.Description = &v + return s +} + // Describes a prefix list ID. type PrefixListId struct { _ struct{} `type:"structure"` @@ -89595,7 +98135,7 @@ func (s *PrivateIpAddressSpecification) SetPrivateIpAddress(v string) *PrivateIp type ProcessorInfo struct { _ struct{} `type:"structure"` - // A list of architectures supported by the instance type. + // The architectures supported by the instance type. SupportedArchitectures []*string `locationName:"supportedArchitectures" locationNameList:"item" type:"list"` // The speed of the processor, in GHz. @@ -89684,9 +98224,10 @@ func (s *PropagatingVgw) SetGatewayId(v string) *PropagatingVgw { type ProvisionByoipCidrInput struct { _ struct{} `type:"structure"` - // The public IPv4 address range, in CIDR notation. The most specific prefix - // that you can specify is /24. The address range cannot overlap with another - // address range that you've brought to this or another Region. + // The public IPv4 or IPv6 address range, in CIDR notation. The most specific + // IPv4 prefix that you can specify is /24. The most specific IPv6 prefix you + // can specify is /56. The address range cannot overlap with another address + // range that you've brought to this or another Region. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -89703,6 +98244,15 @@ type ProvisionByoipCidrInput struct { // the required permissions, the error response is DryRunOperation. Otherwise, // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + + // The tags to apply to the address pool. + PoolTagSpecifications []*TagSpecification `locationName:"PoolTagSpecification" locationNameList:"item" type:"list"` + + // (IPv6 only) Indicate whether the address range will be publicly advertised + // to the internet. + // + // Default: true + PubliclyAdvertisable *bool `type:"boolean"` } // String returns the string representation @@ -89757,10 +98307,22 @@ func (s *ProvisionByoipCidrInput) SetDryRun(v bool) *ProvisionByoipCidrInput { return s } +// SetPoolTagSpecifications sets the PoolTagSpecifications field's value. +func (s *ProvisionByoipCidrInput) SetPoolTagSpecifications(v []*TagSpecification) *ProvisionByoipCidrInput { + s.PoolTagSpecifications = v + return s +} + +// SetPubliclyAdvertisable sets the PubliclyAdvertisable field's value. +func (s *ProvisionByoipCidrInput) SetPubliclyAdvertisable(v bool) *ProvisionByoipCidrInput { + s.PubliclyAdvertisable = &v + return s +} + type ProvisionByoipCidrOutput struct { _ struct{} `type:"structure"` - // Information about the address pool. + // Information about the address range. ByoipCidr *ByoipCidr `locationName:"byoipCidr" type:"structure"` } @@ -89852,19 +98414,27 @@ func (s *ProvisionedBandwidth) SetStatus(v string) *ProvisionedBandwidth { return s } -// Describes an address pool. +// Describes an IPv4 address pool. type PublicIpv4Pool struct { _ struct{} `type:"structure"` // A description of the address pool. Description *string `locationName:"description" type:"string"` + // The name of the location from which the address pool is advertised. A network + // border group is a unique set of Availability Zones or Local Zones from where + // AWS advertises public IP addresses. + NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` + // The address ranges. PoolAddressRanges []*PublicIpv4PoolRange `locationName:"poolAddressRangeSet" locationNameList:"item" type:"list"` - // The ID of the IPv4 address pool. + // The ID of the address pool. PoolId *string `locationName:"poolId" type:"string"` + // Any tags for the address pool. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + // The total number of addresses. TotalAddressCount *int64 `locationName:"totalAddressCount" type:"integer"` @@ -89888,6 +98458,12 @@ func (s *PublicIpv4Pool) SetDescription(v string) *PublicIpv4Pool { return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *PublicIpv4Pool) SetNetworkBorderGroup(v string) *PublicIpv4Pool { + s.NetworkBorderGroup = &v + return s +} + // SetPoolAddressRanges sets the PoolAddressRanges field's value. func (s *PublicIpv4Pool) SetPoolAddressRanges(v []*PublicIpv4PoolRange) *PublicIpv4Pool { s.PoolAddressRanges = v @@ -89900,6 +98476,12 @@ func (s *PublicIpv4Pool) SetPoolId(v string) *PublicIpv4Pool { return s } +// SetTags sets the Tags field's value. +func (s *PublicIpv4Pool) SetTags(v []*Tag) *PublicIpv4Pool { + s.Tags = v + return s +} + // SetTotalAddressCount sets the TotalAddressCount field's value. func (s *PublicIpv4Pool) SetTotalAddressCount(v int64) *PublicIpv4Pool { s.TotalAddressCount = &v @@ -90080,6 +98662,9 @@ type PurchaseHostReservationInput struct { // // OfferingId is a required field OfferingId *string `type:"string" required:"true"` + + // The tags to apply to the Dedicated Host Reservation during purchase. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -90138,6 +98723,12 @@ func (s *PurchaseHostReservationInput) SetOfferingId(v string) *PurchaseHostRese return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *PurchaseHostReservationInput) SetTagSpecifications(v []*TagSpecification) *PurchaseHostReservationInput { + s.TagSpecifications = v + return s +} + type PurchaseHostReservationOutput struct { _ struct{} `type:"structure"` @@ -90799,6 +99390,101 @@ func (s *RegisterImageOutput) SetImageId(v string) *RegisterImageOutput { return s } +type RegisterInstanceEventNotificationAttributesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Information about the tag keys to register. + InstanceTagAttribute *RegisterInstanceTagAttributeRequest `type:"structure"` +} + +// String returns the string representation +func (s RegisterInstanceEventNotificationAttributesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterInstanceEventNotificationAttributesInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *RegisterInstanceEventNotificationAttributesInput) SetDryRun(v bool) *RegisterInstanceEventNotificationAttributesInput { + s.DryRun = &v + return s +} + +// SetInstanceTagAttribute sets the InstanceTagAttribute field's value. +func (s *RegisterInstanceEventNotificationAttributesInput) SetInstanceTagAttribute(v *RegisterInstanceTagAttributeRequest) *RegisterInstanceEventNotificationAttributesInput { + s.InstanceTagAttribute = v + return s +} + +type RegisterInstanceEventNotificationAttributesOutput struct { + _ struct{} `type:"structure"` + + // The resulting set of tag keys. + InstanceTagAttribute *InstanceTagNotificationAttribute `locationName:"instanceTagAttribute" type:"structure"` +} + +// String returns the string representation +func (s RegisterInstanceEventNotificationAttributesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterInstanceEventNotificationAttributesOutput) GoString() string { + return s.String() +} + +// SetInstanceTagAttribute sets the InstanceTagAttribute field's value. +func (s *RegisterInstanceEventNotificationAttributesOutput) SetInstanceTagAttribute(v *InstanceTagNotificationAttribute) *RegisterInstanceEventNotificationAttributesOutput { + s.InstanceTagAttribute = v + return s +} + +// Information about the tag keys to register for the current Region. You can +// either specify individual tag keys or register all tag keys in the current +// Region. You must specify either IncludeAllTagsOfInstance or InstanceTagKeys +// in the request +type RegisterInstanceTagAttributeRequest struct { + _ struct{} `type:"structure"` + + // Indicates whether to register all tag keys in the current Region. Specify + // true to register all tag keys. + IncludeAllTagsOfInstance *bool `type:"boolean"` + + // The tag keys to register. + InstanceTagKeys []*string `locationName:"InstanceTagKey" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s RegisterInstanceTagAttributeRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterInstanceTagAttributeRequest) GoString() string { + return s.String() +} + +// SetIncludeAllTagsOfInstance sets the IncludeAllTagsOfInstance field's value. +func (s *RegisterInstanceTagAttributeRequest) SetIncludeAllTagsOfInstance(v bool) *RegisterInstanceTagAttributeRequest { + s.IncludeAllTagsOfInstance = &v + return s +} + +// SetInstanceTagKeys sets the InstanceTagKeys field's value. +func (s *RegisterInstanceTagAttributeRequest) SetInstanceTagKeys(v []*string) *RegisterInstanceTagAttributeRequest { + s.InstanceTagKeys = v + return s +} + type RegisterTransitGatewayMulticastGroupMembersInput struct { _ struct{} `type:"structure"` @@ -91271,7 +99957,8 @@ type ReleaseAddressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The location that the IP address is released from. + // The set of Availability Zones, Local Zones, or Wavelength Zones from which + // AWS advertises IP addresses. // // If you provide an incorrect network border group, you will receive an InvalidAddress.NotFound // error. For more information, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html). @@ -91404,6 +100091,45 @@ func (s *ReleaseHostsOutput) SetUnsuccessful(v []*UnsuccessfulItem) *ReleaseHost return s } +// An entry for a prefix list. +type RemovePrefixListEntry struct { + _ struct{} `type:"structure"` + + // The CIDR block. + // + // Cidr is a required field + Cidr *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s RemovePrefixListEntry) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RemovePrefixListEntry) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RemovePrefixListEntry) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RemovePrefixListEntry"} + if s.Cidr == nil { + invalidParams.Add(request.NewErrParamRequired("Cidr")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCidr sets the Cidr field's value. +func (s *RemovePrefixListEntry) SetCidr(v string) *RemovePrefixListEntry { + s.Cidr = &v + return s +} + type ReplaceIamInstanceProfileAssociationInput struct { _ struct{} `type:"structure"` @@ -91736,6 +100462,9 @@ func (s ReplaceNetworkAclEntryOutput) GoString() string { type ReplaceRouteInput struct { _ struct{} `type:"structure"` + // [IPv4 traffic only] The ID of a carrier gateway. + CarrierGatewayId *string `type:"string"` + // The IPv4 CIDR address block used for the destination match. The value that // you provide must match the CIDR of an existing route in the table. DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` @@ -91744,6 +100473,9 @@ type ReplaceRouteInput struct { // you provide must match the CIDR of an existing route in the table. DestinationIpv6CidrBlock *string `locationName:"destinationIpv6CidrBlock" type:"string"` + // The ID of the prefix list for the route. + DestinationPrefixListId *string `type:"string"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -91806,6 +100538,12 @@ func (s *ReplaceRouteInput) Validate() error { return nil } +// SetCarrierGatewayId sets the CarrierGatewayId field's value. +func (s *ReplaceRouteInput) SetCarrierGatewayId(v string) *ReplaceRouteInput { + s.CarrierGatewayId = &v + return s +} + // SetDestinationCidrBlock sets the DestinationCidrBlock field's value. func (s *ReplaceRouteInput) SetDestinationCidrBlock(v string) *ReplaceRouteInput { s.DestinationCidrBlock = &v @@ -91818,6 +100556,12 @@ func (s *ReplaceRouteInput) SetDestinationIpv6CidrBlock(v string) *ReplaceRouteI return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *ReplaceRouteInput) SetDestinationPrefixListId(v string) *ReplaceRouteInput { + s.DestinationPrefixListId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *ReplaceRouteInput) SetDryRun(v bool) *ReplaceRouteInput { s.DryRun = &v @@ -92245,12 +100989,6 @@ type RequestLaunchTemplateData struct { _ struct{} `type:"structure"` // The block device mapping. - // - // Supplying both a snapshot ID and an encryption value as arguments for block-device - // mapping results in an error. This is because only blank volumes can be encrypted - // on start, and these are not created from a snapshot. If a snapshot is the - // basis for the volume, it contains data by definition and its encryption status - // cannot be changed using this action. BlockDeviceMappings []*LaunchTemplateBlockDeviceMappingRequest `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` // The Capacity Reservation targeting option. If you do not specify this parameter, @@ -92264,8 +101002,8 @@ type RequestLaunchTemplateData struct { // in the Amazon Elastic Compute Cloud User Guide. CpuOptions *LaunchTemplateCpuOptionsRequest `type:"structure"` - // The credit option for CPU usage of the instance. Valid for T2 or T3 instances - // only. + // The credit option for CPU usage of the instance. Valid for T2, T3, or T3a + // instances only. CreditSpecification *CreditSpecificationRequest `type:"structure"` // If you set this parameter to true, you can't terminate the instance using @@ -92288,6 +101026,13 @@ type RequestLaunchTemplateData struct { // The elastic inference accelerator for the instance. ElasticInferenceAccelerators []*LaunchTemplateElasticInferenceAccelerator `locationName:"ElasticInferenceAccelerator" locationNameList:"item" type:"list"` + // Indicates whether the instance is enabled for AWS Nitro Enclaves. For more + // information, see What is AWS Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) + // in the AWS Nitro Enclaves User Guide. + // + // You can't enable AWS Nitro Enclaves and hibernation on the same instance. + EnclaveOptions *LaunchTemplateEnclaveOptionsRequest `type:"structure"` + // Indicates whether an instance is enabled for hibernation. This parameter // is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). // For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) @@ -92469,6 +101214,12 @@ func (s *RequestLaunchTemplateData) SetElasticInferenceAccelerators(v []*LaunchT return s } +// SetEnclaveOptions sets the EnclaveOptions field's value. +func (s *RequestLaunchTemplateData) SetEnclaveOptions(v *LaunchTemplateEnclaveOptionsRequest) *RequestLaunchTemplateData { + s.EnclaveOptions = v + return s +} + // SetHibernationOptions sets the HibernationOptions field's value. func (s *RequestLaunchTemplateData) SetHibernationOptions(v *LaunchTemplateHibernationOptionsRequest) *RequestLaunchTemplateData { s.HibernationOptions = v @@ -92693,6 +101444,9 @@ type RequestSpotInstancesInput struct { // // You can't specify an Availability Zone group or a launch group if you specify // a duration. + // + // New accounts or accounts with no previous billing history with AWS are not + // eligible for Spot Instances with a defined duration (also known as Spot blocks). BlockDurationMinutes *int64 `locationName:"blockDurationMinutes" type:"integer"` // Unique, case-sensitive identifier that you provide to ensure the idempotency @@ -92727,6 +101481,12 @@ type RequestSpotInstancesInput struct { // The default is the On-Demand price. SpotPrice *string `locationName:"spotPrice" type:"string"` + // The key-value pair for tagging the Spot Instance request on creation. The + // value for ResourceType must be spot-instances-request, otherwise the Spot + // Instance request fails. To tag the Spot Instance request after it has been + // created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The Spot Instance request type. // // Default: one-time @@ -92743,11 +101503,16 @@ type RequestSpotInstancesInput struct { // date and time. ValidFrom *time.Time `locationName:"validFrom" type:"timestamp"` - // The end date of the request. If this is a one-time request, the request remains - // active until all instances launch, the request is canceled, or this date - // is reached. If the request is persistent, it remains active until it is canceled - // or this date is reached. The default end date is 7 days from the current - // date. + // The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). + // + // * For a persistent request, the request remains active until the ValidUntil + // date and time is reached. Otherwise, the request remains active until + // you cancel it. + // + // * For a one-time request, the request remains active until all instances + // launch, the request is canceled, or the ValidUntil date and time is reached. + // By default, the request is valid for 7 days from the date the request + // was created. ValidUntil *time.Time `locationName:"validUntil" type:"timestamp"` } @@ -92830,6 +101595,12 @@ func (s *RequestSpotInstancesInput) SetSpotPrice(v string) *RequestSpotInstances return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *RequestSpotInstancesInput) SetTagSpecifications(v []*TagSpecification) *RequestSpotInstancesInput { + s.TagSpecifications = v + return s +} + // SetType sets the Type field's value. func (s *RequestSpotInstancesInput) SetType(v string) *RequestSpotInstancesInput { s.Type = &v @@ -93063,7 +101834,9 @@ func (s *RequestSpotLaunchSpecification) SetUserData(v string) *RequestSpotLaunc return s } -// Describes a reservation. +// Describes a launch request for one or more instances, and includes owner, +// requester, and security group information that applies to all instances in +// the launch request. type Reservation struct { _ struct{} `type:"structure"` @@ -94409,6 +103182,9 @@ type ResponseLaunchTemplateData struct { // The elastic inference accelerator for the instance. ElasticInferenceAccelerators []*LaunchTemplateElasticInferenceAcceleratorResponse `locationName:"elasticInferenceAcceleratorSet" locationNameList:"item" type:"list"` + // Indicates whether the instance is enabled for AWS Nitro Enclaves. + EnclaveOptions *LaunchTemplateEnclaveOptions `locationName:"enclaveOptions" type:"structure"` + // Indicates whether an instance is configured for hibernation. For more information, // see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. @@ -94527,6 +103303,12 @@ func (s *ResponseLaunchTemplateData) SetElasticInferenceAccelerators(v []*Launch return s } +// SetEnclaveOptions sets the EnclaveOptions field's value. +func (s *ResponseLaunchTemplateData) SetEnclaveOptions(v *LaunchTemplateEnclaveOptions) *ResponseLaunchTemplateData { + s.EnclaveOptions = v + return s +} + // SetHibernationOptions sets the HibernationOptions field's value. func (s *ResponseLaunchTemplateData) SetHibernationOptions(v *LaunchTemplateHibernationOptions) *ResponseLaunchTemplateData { s.HibernationOptions = v @@ -94717,6 +103499,107 @@ func (s *RestoreAddressToClassicOutput) SetStatus(v string) *RestoreAddressToCla return s } +type RestoreManagedPrefixListVersionInput struct { + _ struct{} `type:"structure"` + + // The current version number for the prefix list. + // + // CurrentVersion is a required field + CurrentVersion *int64 `type:"long" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the prefix list. + // + // PrefixListId is a required field + PrefixListId *string `type:"string" required:"true"` + + // The version to restore. + // + // PreviousVersion is a required field + PreviousVersion *int64 `type:"long" required:"true"` +} + +// String returns the string representation +func (s RestoreManagedPrefixListVersionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RestoreManagedPrefixListVersionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RestoreManagedPrefixListVersionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RestoreManagedPrefixListVersionInput"} + if s.CurrentVersion == nil { + invalidParams.Add(request.NewErrParamRequired("CurrentVersion")) + } + if s.PrefixListId == nil { + invalidParams.Add(request.NewErrParamRequired("PrefixListId")) + } + if s.PreviousVersion == nil { + invalidParams.Add(request.NewErrParamRequired("PreviousVersion")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCurrentVersion sets the CurrentVersion field's value. +func (s *RestoreManagedPrefixListVersionInput) SetCurrentVersion(v int64) *RestoreManagedPrefixListVersionInput { + s.CurrentVersion = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *RestoreManagedPrefixListVersionInput) SetDryRun(v bool) *RestoreManagedPrefixListVersionInput { + s.DryRun = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *RestoreManagedPrefixListVersionInput) SetPrefixListId(v string) *RestoreManagedPrefixListVersionInput { + s.PrefixListId = &v + return s +} + +// SetPreviousVersion sets the PreviousVersion field's value. +func (s *RestoreManagedPrefixListVersionInput) SetPreviousVersion(v int64) *RestoreManagedPrefixListVersionInput { + s.PreviousVersion = &v + return s +} + +type RestoreManagedPrefixListVersionOutput struct { + _ struct{} `type:"structure"` + + // Information about the prefix list. + PrefixList *ManagedPrefixList `locationName:"prefixList" type:"structure"` +} + +// String returns the string representation +func (s RestoreManagedPrefixListVersionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RestoreManagedPrefixListVersionOutput) GoString() string { + return s.String() +} + +// SetPrefixList sets the PrefixList field's value. +func (s *RestoreManagedPrefixListVersionOutput) SetPrefixList(v *ManagedPrefixList) *RestoreManagedPrefixListVersionOutput { + s.PrefixList = v + return s +} + type RevokeClientVpnIngressInput struct { _ struct{} `type:"structure"` @@ -94942,6 +103825,13 @@ func (s *RevokeSecurityGroupEgressInput) SetToPort(v int64) *RevokeSecurityGroup type RevokeSecurityGroupEgressOutput struct { _ struct{} `type:"structure"` + + // Returns true if the request succeeds; otherwise, returns an error. + Return *bool `locationName:"return" type:"boolean"` + + // The outbound rules that were unknown to the service. In some cases, unknownIpPermissionSet + // might be in a different format from the request parameter. + UnknownIpPermissions []*IpPermission `locationName:"unknownIpPermissionSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -94954,6 +103844,18 @@ func (s RevokeSecurityGroupEgressOutput) GoString() string { return s.String() } +// SetReturn sets the Return field's value. +func (s *RevokeSecurityGroupEgressOutput) SetReturn(v bool) *RevokeSecurityGroupEgressOutput { + s.Return = &v + return s +} + +// SetUnknownIpPermissions sets the UnknownIpPermissions field's value. +func (s *RevokeSecurityGroupEgressOutput) SetUnknownIpPermissions(v []*IpPermission) *RevokeSecurityGroupEgressOutput { + s.UnknownIpPermissions = v + return s +} + type RevokeSecurityGroupIngressInput struct { _ struct{} `type:"structure"` @@ -95081,6 +103983,13 @@ func (s *RevokeSecurityGroupIngressInput) SetToPort(v int64) *RevokeSecurityGrou type RevokeSecurityGroupIngressOutput struct { _ struct{} `type:"structure"` + + // Returns true if the request succeeds; otherwise, returns an error. + Return *bool `locationName:"return" type:"boolean"` + + // The inbound rules that were unknown to the service. In some cases, unknownIpPermissionSet + // might be in a different format from the request parameter. + UnknownIpPermissions []*IpPermission `locationName:"unknownIpPermissionSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -95093,10 +104002,25 @@ func (s RevokeSecurityGroupIngressOutput) GoString() string { return s.String() } +// SetReturn sets the Return field's value. +func (s *RevokeSecurityGroupIngressOutput) SetReturn(v bool) *RevokeSecurityGroupIngressOutput { + s.Return = &v + return s +} + +// SetUnknownIpPermissions sets the UnknownIpPermissions field's value. +func (s *RevokeSecurityGroupIngressOutput) SetUnknownIpPermissions(v []*IpPermission) *RevokeSecurityGroupIngressOutput { + s.UnknownIpPermissions = v + return s +} + // Describes a route in a route table. type Route struct { _ struct{} `type:"structure"` + // The ID of the carrier gateway. + CarrierGatewayId *string `locationName:"carrierGatewayId" type:"string"` + // The IPv4 CIDR block used for the destination match. DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` @@ -95159,6 +104083,12 @@ func (s Route) GoString() string { return s.String() } +// SetCarrierGatewayId sets the CarrierGatewayId field's value. +func (s *Route) SetCarrierGatewayId(v string) *Route { + s.CarrierGatewayId = &v + return s +} + // SetDestinationCidrBlock sets the DestinationCidrBlock field's value. func (s *Route) SetDestinationCidrBlock(v string) *Route { s.DestinationCidrBlock = &v @@ -95440,20 +104370,23 @@ type RunInstancesInput struct { CapacityReservationSpecification *CapacityReservationSpecification `type:"structure"` // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // the request. If you do not specify a client token, a randomly generated token + // is used for the request to ensure idempotency. + // + // For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraints: Maximum 64 ASCII characters - ClientToken *string `locationName:"clientToken" type:"string"` + ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"` // The CPU options for the instance. For more information, see Optimizing CPU - // Options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) + // options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) // in the Amazon Elastic Compute Cloud User Guide. CpuOptions *CpuOptionsRequest `type:"structure"` // The credit option for CPU usage of the burstable performance instance. Valid // values are standard and unlimited. To change this attribute after launch, // use ModifyInstanceCreditSpecification (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html). - // For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) + // For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // // Default: standard (T2 instances) or unlimited (T3/T3a instances) @@ -95492,11 +104425,22 @@ type RunInstancesInput struct { // An elastic inference accelerator to associate with the instance. Elastic // inference accelerators are a resource you can attach to your Amazon EC2 instances // to accelerate your Deep Learning (DL) inference workloads. + // + // You cannot specify accelerators from different generations in the same request. ElasticInferenceAccelerators []*ElasticInferenceAccelerator `locationName:"ElasticInferenceAccelerator" locationNameList:"item" type:"list"` + // Indicates whether the instance is enabled for AWS Nitro Enclaves. For more + // information, see What is AWS Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) + // in the AWS Nitro Enclaves User Guide. + // + // You can't enable AWS Nitro Enclaves and hibernation on the same instance. + EnclaveOptions *EnclaveOptionsRequest `type:"structure"` + // Indicates whether an instance is enabled for hibernation. For more information, - // see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + // see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. + // + // You can't enable hibernation and AWS Nitro Enclaves on the same instance. HibernationOptions *HibernationOptionsRequest `type:"structure"` // The IAM instance profile. @@ -95518,7 +104462,7 @@ type RunInstancesInput struct { // InstanceInterruptionBehavior is set to either hibernate or stop. InstanceMarketOptions *InstanceMarketOptionsRequest `type:"structure"` - // The instance type. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) // in the Amazon Elastic Compute Cloud User Guide. // // Default: m1.small @@ -95578,7 +104522,7 @@ type RunInstancesInput struct { MaxCount *int64 `type:"integer" required:"true"` // The metadata options for the instance. For more information, see Instance - // Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). + // metadata and user data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). MetadataOptions *InstanceMetadataOptionsRequest `type:"structure"` // The minimum number of instances to launch. If you specify a minimum that @@ -95655,7 +104599,7 @@ type RunInstancesInput struct { TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The user data to make available to the instance. For more information, see - // Running Commands on Your Linux Instance at Launch (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) + // Running commands on your Linux instance at launch (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) // (Linux) and Adding User Data (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data) // (Windows). If you are using a command line tool, base64-encoding is performed // for you, and you can load the text from a file. Otherwise, you must provide @@ -95785,6 +104729,12 @@ func (s *RunInstancesInput) SetElasticInferenceAccelerators(v []*ElasticInferenc return s } +// SetEnclaveOptions sets the EnclaveOptions field's value. +func (s *RunInstancesInput) SetEnclaveOptions(v *EnclaveOptionsRequest) *RunInstancesInput { + s.EnclaveOptions = v + return s +} + // SetHibernationOptions sets the HibernationOptions field's value. func (s *RunInstancesInput) SetHibernationOptions(v *HibernationOptionsRequest) *RunInstancesInput { s.HibernationOptions = v @@ -96646,19 +105596,15 @@ type ScheduledInstancesEbs struct { // only to instances that support them. Encrypted *bool `type:"boolean"` - // The number of I/O operations per second (IOPS) that the volume supports. - // For io1 volumes, this represents the number of IOPS that are provisioned - // for the volume. For gp2 volumes, this represents the baseline performance - // of the volume and the rate at which the volume accumulates I/O credits for - // bursting. For more information about gp2 baseline performance, I/O credits, - // and bursting, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // The number of I/O operations per second (IOPS) to provision for an io1 or + // io2 volume, with a maximum ratio of 50 IOPS/GiB for io1, and 500 IOPS/GiB + // for io2. Range is 100 to 64,000 IOPS for volumes in most Regions. Maximum + // IOPS of 64,000 is guaranteed only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // Other instance families guarantee performance up to 32,000 IOPS. For more + // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // - // Constraint: Range is 100-20000 IOPS for io1 volumes and 100-10000 IOPS for - // gp2 volumes. - // - // Condition: This parameter is required for requests to create io1volumes; - // it is not used in requests to create gp2, st1, sc1, or standard volumes. + // This parameter is valid only for Provisioned IOPS SSD (io1 and io2) volumes. Iops *int64 `type:"integer"` // The ID of the snapshot. @@ -96670,8 +105616,9 @@ type ScheduledInstancesEbs struct { // a volume size, the default is the snapshot size. VolumeSize *int64 `type:"integer"` - // The volume type. gp2 for General Purpose SSD, io1 for Provisioned IOPS SSD, - // Throughput Optimized HDD for st1, Cold HDD for sc1, or standard for Magnetic. + // The volume type. gp2 for General Purpose SSD, io1 or io2 for Provisioned + // IOPS SSD, Throughput Optimized HDD for st1, Cold HDD for sc1, or standard + // for Magnetic. // // Default: gp2 VolumeType *string `type:"string"` @@ -97430,7 +106377,10 @@ type SearchTransitGatewayRoutesInput struct { // // * attachment.resource-id - The resource id of the transit gateway attachment. // - // * attachment.resource-type - The attachment resource type (vpc | vpn). + // * attachment.resource-type - The attachment resource type. Valid values + // are vpc | vpn | direct-connect-gateway | peering. + // + // * prefix-list-id - The ID of the prefix list. // // * route-search.exact-match - The exact match of the specified filter. // @@ -98161,9 +107111,8 @@ type Snapshot struct { // key for the parent volume. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` - // Value from an Amazon-maintained list (amazon | self | all | aws-marketplace - // | microsoft) of snapshot owners. Not to be confused with the user-configured - // AWS account alias, which is set from the IAM console. + // The AWS owner alias, from an Amazon-maintained list (amazon). This is not + // the user-configured AWS account alias set using the IAM console. OwnerAlias *string `locationName:"ownerAlias" type:"string"` // The AWS account ID of the EBS snapshot owner. @@ -98326,7 +107275,7 @@ type SnapshotDetail struct { // The URL used to access the disk image. Url *string `locationName:"url" type:"string"` - // The S3 bucket for the disk image. + // The Amazon S3 bucket for the disk image. UserBucket *UserBucketDetails `locationName:"userBucket" type:"structure"` } @@ -98416,7 +107365,7 @@ type SnapshotDiskContainer struct { // a https URL (https://..) or an Amazon S3 URL (s3://..). Url *string `type:"string"` - // The S3 bucket for the disk image. + // The Amazon S3 bucket for the disk image. UserBucket *UserBucket `type:"structure"` } @@ -98596,7 +107545,7 @@ type SnapshotTaskDetail struct { // The URL of the disk image from which the snapshot is created. Url *string `locationName:"url" type:"string"` - // The S3 bucket for the disk image. + // The Amazon S3 bucket for the disk image. UserBucket *UserBucketDetails `locationName:"userBucket" type:"structure"` } @@ -98676,11 +107625,48 @@ func (s *SnapshotTaskDetail) SetUserBucket(v *UserBucketDetails) *SnapshotTaskDe return s } +// The Spot Instance replacement strategy to use when Amazon EC2 emits a signal +// that your Spot Instance is at an elevated risk of being interrupted. For +// more information, see Capacity rebalancing (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-configuration-strategies.html#spot-fleet-capacity-rebalance) +// in the Amazon EC2 User Guide for Linux Instances. +type SpotCapacityRebalance struct { + _ struct{} `type:"structure"` + + // The replacement strategy to use. Only available for fleets of type maintain. + // You must specify a value, otherwise you get an error. + // + // To allow Spot Fleet to launch a replacement Spot Instance when an instance + // rebalance notification is emitted for a Spot Instance in the fleet, specify + // launch. + // + // When a replacement instance is launched, the instance marked for rebalance + // is not automatically terminated. You can terminate it, or you can wait until + // Amazon EC2 interrupts it. You are charged for all instances while they are + // running. + ReplacementStrategy *string `locationName:"replacementStrategy" type:"string" enum:"ReplacementStrategy"` +} + +// String returns the string representation +func (s SpotCapacityRebalance) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SpotCapacityRebalance) GoString() string { + return s.String() +} + +// SetReplacementStrategy sets the ReplacementStrategy field's value. +func (s *SpotCapacityRebalance) SetReplacementStrategy(v string) *SpotCapacityRebalance { + s.ReplacementStrategy = &v + return s +} + // Describes the data feed for a Spot Instance. type SpotDatafeedSubscription struct { _ struct{} `type:"structure"` - // The Amazon S3 bucket where the Spot Instance data feed is located. + // The name of the Amazon S3 bucket where the Spot Instance data feed is located. Bucket *string `locationName:"bucket" type:"string"` // The fault codes for the Spot Instance request, if any. @@ -98689,7 +107675,7 @@ type SpotDatafeedSubscription struct { // The AWS account ID of the account. OwnerId *string `locationName:"ownerId" type:"string"` - // The prefix that is prepended to data feed files. + // The prefix for the data feed files. Prefix *string `locationName:"prefix" type:"string"` // The state of the Spot Instance data feed subscription. @@ -98737,8 +107723,9 @@ func (s *SpotDatafeedSubscription) SetState(v string) *SpotDatafeedSubscription } // Describes the launch specification for one or more Spot Instances. If you -// include On-Demand capacity in your fleet request, you can't use SpotFleetLaunchSpecification; -// you must use LaunchTemplateConfig (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateConfig.html). +// include On-Demand capacity in your fleet request or want to specify an EFA +// network device, you can't use SpotFleetLaunchSpecification; you must use +// LaunchTemplateConfig (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateConfig.html). type SpotFleetLaunchSpecification struct { _ struct{} `type:"structure"` @@ -98781,6 +107768,9 @@ type SpotFleetLaunchSpecification struct { // One or more network interfaces. If you specify a network interface, you must // specify subnet IDs and security group IDs using the network interface. + // + // SpotFleetLaunchSpecification currently does not support Elastic Fabric Adapter + // (EFA). To specify an EFA, you must use LaunchTemplateConfig (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateConfig.html). NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"` // The placement information. @@ -98990,6 +107980,9 @@ type SpotFleetRequestConfig struct { // The state of the Spot Fleet request. SpotFleetRequestState *string `locationName:"spotFleetRequestState" type:"string" enum:"BatchState"` + + // The tags for a Spot Fleet resource. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -99032,6 +108025,12 @@ func (s *SpotFleetRequestConfig) SetSpotFleetRequestState(v string) *SpotFleetRe return s } +// SetTags sets the Tags field's value. +func (s *SpotFleetRequestConfig) SetTags(v []*Tag) *SpotFleetRequestConfig { + s.Tags = v + return s +} + // Describes the configuration of a Spot Fleet request. type SpotFleetRequestConfigData struct { _ struct{} `type:"structure"` @@ -99067,12 +108066,12 @@ type SpotFleetRequestConfigData struct { // The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) // role that grants the Spot Fleet the permission to request, launch, terminate, - // and tag instances on your behalf. For more information, see Spot Fleet Prerequisites + // and tag instances on your behalf. For more information, see Spot Fleet prerequisites // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) // in the Amazon EC2 User Guide for Linux Instances. Spot Fleet can terminate // Spot Instances on your behalf when you cancel its Spot Fleet request using - // CancelSpotFleetRequests or when the Spot Fleet request expires, if you set - // TerminateInstancesWithExpiration. + // CancelSpotFleetRequests (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelSpotFleetRequests) + // or when the Spot Fleet request expires, if you set TerminateInstancesWithExpiration. // // IamFleetRole is a required field IamFleetRole *string `locationName:"iamFleetRole" type:"string" required:"true"` @@ -99137,6 +108136,10 @@ type SpotFleetRequestConfigData struct { // Indicates whether Spot Fleet should replace unhealthy instances. ReplaceUnhealthyInstances *bool `locationName:"replaceUnhealthyInstances" type:"boolean"` + // The strategies for managing your Spot Instances that are at an elevated risk + // of being interrupted. + SpotMaintenanceStrategies *SpotMaintenanceStrategies `locationName:"spotMaintenanceStrategies" type:"structure"` + // The maximum amount per hour for Spot Instances that you're willing to pay. // You can use the spotdMaxTotalPrice parameter, the onDemandMaxTotalPrice parameter, // or both parameters to ensure that your fleet cost does not exceed your budget. @@ -99151,6 +108154,16 @@ type SpotFleetRequestConfigData struct { // The default is the On-Demand price. SpotPrice *string `locationName:"spotPrice" type:"string"` + // The key-value pair for tagging the Spot Fleet request on creation. The value + // for ResourceType must be spot-fleet-request, otherwise the Spot Fleet request + // fails. To tag instances at launch, specify the tags in the launch template + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) + // (valid only if you use LaunchTemplateConfigs) or in the SpotFleetTagSpecification + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html) + // (valid only if you use LaunchSpecifications). For information about tagging + // after launch, see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The number of units to request for the Spot Fleet. You can choose to set // the target capacity in terms of instances or a performance characteristic // that is important to your application workload, such as vCPUs, memory, or @@ -99316,6 +108329,12 @@ func (s *SpotFleetRequestConfigData) SetReplaceUnhealthyInstances(v bool) *SpotF return s } +// SetSpotMaintenanceStrategies sets the SpotMaintenanceStrategies field's value. +func (s *SpotFleetRequestConfigData) SetSpotMaintenanceStrategies(v *SpotMaintenanceStrategies) *SpotFleetRequestConfigData { + s.SpotMaintenanceStrategies = v + return s +} + // SetSpotMaxTotalPrice sets the SpotMaxTotalPrice field's value. func (s *SpotFleetRequestConfigData) SetSpotMaxTotalPrice(v string) *SpotFleetRequestConfigData { s.SpotMaxTotalPrice = &v @@ -99328,6 +108347,12 @@ func (s *SpotFleetRequestConfigData) SetSpotPrice(v string) *SpotFleetRequestCon return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *SpotFleetRequestConfigData) SetTagSpecifications(v []*TagSpecification) *SpotFleetRequestConfigData { + s.TagSpecifications = v + return s +} + // SetTargetCapacity sets the TargetCapacity field's value. func (s *SpotFleetRequestConfigData) SetTargetCapacity(v int64) *SpotFleetRequestConfigData { s.TargetCapacity = &v @@ -99363,7 +108388,8 @@ type SpotFleetTagSpecification struct { _ struct{} `type:"structure"` // The type of resource. Currently, the only resource type that is supported - // is instance. + // is instance. To tag the Spot Fleet request on creation, use the TagSpecifications + // parameter in SpotFleetRequestConfigData (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html). ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"` // The tags. @@ -99442,7 +108468,7 @@ type SpotInstanceRequest struct { SpotPrice *string `locationName:"spotPrice" type:"string"` // The state of the Spot Instance request. Spot status information helps track - // your Spot Instance requests. For more information, see Spot Status (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html) + // your Spot Instance requests. For more information, see Spot status (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html) // in the Amazon EC2 User Guide for Linux Instances. State *string `locationName:"state" type:"string" enum:"SpotInstanceState"` @@ -99459,11 +108485,16 @@ type SpotInstanceRequest struct { // The request becomes active at this date and time. ValidFrom *time.Time `locationName:"validFrom" type:"timestamp"` - // The end date of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). - // If this is a one-time request, it remains active until all instances launch, - // the request is canceled, or this date is reached. If the request is persistent, - // it remains active until it is canceled or this date is reached. The default - // end date is 7 days from the current date. + // The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). + // + // * For a persistent request, the request remains active until the validUntil + // date and time is reached. Otherwise, the request remains active until + // you cancel it. + // + // * For a one-time request, the request remains active until all instances + // launch, the request is canceled, or the validUntil date and time is reached. + // By default, the request is valid for 7 days from the date the request + // was created. ValidUntil *time.Time `locationName:"validUntil" type:"timestamp"` } @@ -99628,7 +108659,7 @@ func (s *SpotInstanceStateFault) SetMessage(v string) *SpotInstanceStateFault { type SpotInstanceStatus struct { _ struct{} `type:"structure"` - // The status code. For a list of status codes, see Spot Status Codes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html#spot-instance-bid-status-understand) + // The status code. For a list of status codes, see Spot status codes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html#spot-instance-bid-status-understand) // in the Amazon EC2 User Guide for Linux Instances. Code *string `locationName:"code" type:"string"` @@ -99668,6 +108699,32 @@ func (s *SpotInstanceStatus) SetUpdateTime(v time.Time) *SpotInstanceStatus { return s } +// The strategies for managing your Spot Instances that are at an elevated risk +// of being interrupted. +type SpotMaintenanceStrategies struct { + _ struct{} `type:"structure"` + + // The strategy to use when Amazon EC2 emits a signal that your Spot Instance + // is at an elevated risk of being interrupted. + CapacityRebalance *SpotCapacityRebalance `locationName:"capacityRebalance" type:"structure"` +} + +// String returns the string representation +func (s SpotMaintenanceStrategies) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SpotMaintenanceStrategies) GoString() string { + return s.String() +} + +// SetCapacityRebalance sets the CapacityRebalance field's value. +func (s *SpotMaintenanceStrategies) SetCapacityRebalance(v *SpotCapacityRebalance) *SpotMaintenanceStrategies { + s.CapacityRebalance = v + return s +} + // The options for Spot Instances. type SpotMarketOptions struct { _ struct{} `type:"structure"` @@ -99675,6 +108732,17 @@ type SpotMarketOptions struct { // The required duration for the Spot Instances (also known as Spot blocks), // in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, // or 360). + // + // The duration period starts as soon as your Spot Instance receives its instance + // ID. At the end of the duration period, Amazon EC2 marks the Spot Instance + // for termination and provides a Spot Instance termination notice, which gives + // the instance a two-minute warning before it terminates. + // + // You can't specify an Availability Zone group or a launch group if you specify + // a duration. + // + // New accounts or accounts with no previous billing history with AWS are not + // eligible for Spot Instances with a defined duration (also known as Spot blocks). BlockDurationMinutes *int64 `type:"integer"` // The behavior when a Spot Instance is interrupted. The default is terminate. @@ -99684,16 +108752,20 @@ type SpotMarketOptions struct { // default is the On-Demand price. MaxPrice *string `type:"string"` - // The Spot Instance request type. For RunInstances, persistent Spot Instance - // requests are only supported when InstanceInterruptionBehavior is set to either - // hibernate or stop. + // The Spot Instance request type. For RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances), + // persistent Spot Instance requests are only supported when InstanceInterruptionBehavior + // is set to either hibernate or stop. SpotInstanceType *string `type:"string" enum:"SpotInstanceType"` - // The end date of the request. For a one-time request, the request remains - // active until all instances launch, the request is canceled, or this date - // is reached. If the request is persistent, it remains active until it is canceled - // or this date and time is reached. The default end date is 7 days from the - // current date. + // The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported + // only for persistent requests. + // + // * For a persistent request, the request remains active until the ValidUntil + // date and time is reached. Otherwise, the request remains active until + // you cancel it. + // + // * For a one-time request, ValidUntil is not supported. The request remains + // active until all instances launch or you cancel the request. ValidUntil *time.Time `type:"timestamp"` } @@ -99765,6 +108837,10 @@ type SpotOptions struct { // the number of Spot pools that you specify. InstancePoolsToUseCount *int64 `locationName:"instancePoolsToUseCount" type:"integer"` + // The strategies for managing your workloads on your Spot Instances that will + // be interrupted. Currently only the capacity rebalance strategy is available. + MaintenanceStrategies *FleetSpotMaintenanceStrategies `locationName:"maintenanceStrategies" type:"structure"` + // The maximum amount per hour for Spot Instances that you're willing to pay. MaxTotalPrice *string `locationName:"maxTotalPrice" type:"string"` @@ -99809,6 +108885,12 @@ func (s *SpotOptions) SetInstancePoolsToUseCount(v int64) *SpotOptions { return s } +// SetMaintenanceStrategies sets the MaintenanceStrategies field's value. +func (s *SpotOptions) SetMaintenanceStrategies(v *FleetSpotMaintenanceStrategies) *SpotOptions { + s.MaintenanceStrategies = v + return s +} + // SetMaxTotalPrice sets the MaxTotalPrice field's value. func (s *SpotOptions) SetMaxTotalPrice(v string) *SpotOptions { s.MaxTotalPrice = &v @@ -99861,6 +108943,10 @@ type SpotOptionsRequest struct { // across the number of Spot pools that you specify. InstancePoolsToUseCount *int64 `type:"integer"` + // The strategies for managing your Spot Instances that are at an elevated risk + // of being interrupted. + MaintenanceStrategies *FleetSpotMaintenanceStrategiesRequest `type:"structure"` + // The maximum amount per hour for Spot Instances that you're willing to pay. MaxTotalPrice *string `type:"string"` @@ -99905,6 +108991,12 @@ func (s *SpotOptionsRequest) SetInstancePoolsToUseCount(v int64) *SpotOptionsReq return s } +// SetMaintenanceStrategies sets the MaintenanceStrategies field's value. +func (s *SpotOptionsRequest) SetMaintenanceStrategies(v *FleetSpotMaintenanceStrategiesRequest) *SpotOptionsRequest { + s.MaintenanceStrategies = v + return s +} + // SetMaxTotalPrice sets the MaxTotalPrice field's value. func (s *SpotOptionsRequest) SetMaxTotalPrice(v string) *SpotOptionsRequest { s.MaxTotalPrice = &v @@ -100052,8 +109144,7 @@ type StaleIpPermission struct { // The IP ranges. Not applicable for stale security group rules. IpRanges []*string `locationName:"ipRanges" locationNameList:"item" type:"list"` - // The prefix list IDs for an AWS service. Not applicable for stale security - // group rules. + // The prefix list IDs. Not applicable for stale security group rules. PrefixListIds []*string `locationName:"prefixListIds" locationNameList:"item" type:"list"` // The end of the port range for the TCP and UDP protocols, or an ICMP type @@ -100425,7 +109516,7 @@ type StopInstancesInput struct { // Hibernates the instance if the instance was enabled for hibernation at launch. // If the instance cannot hibernate successfully, a normal shutdown occurs. - // For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. // // Default: false @@ -100585,12 +109676,20 @@ type Subnet struct { // The IPv4 CIDR block assigned to the subnet. CidrBlock *string `locationName:"cidrBlock" type:"string"` + // The customer-owned IPv4 address pool associated with the subnet. + CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` + // Indicates whether this is the default subnet for the Availability Zone. DefaultForAz *bool `locationName:"defaultForAz" type:"boolean"` // Information about the IPv6 CIDR blocks associated with the subnet. Ipv6CidrBlockAssociationSet []*SubnetIpv6CidrBlockAssociation `locationName:"ipv6CidrBlockAssociationSet" locationNameList:"item" type:"list"` + // Indicates whether a network interface created in this subnet (including a + // network interface created by RunInstances) receives a customer-owned IPv4 + // address. + MapCustomerOwnedIpOnLaunch *bool `locationName:"mapCustomerOwnedIpOnLaunch" type:"boolean"` + // Indicates whether instances launched in this subnet receive a public IPv4 // address. MapPublicIpOnLaunch *bool `locationName:"mapPublicIpOnLaunch" type:"boolean"` @@ -100657,6 +109756,12 @@ func (s *Subnet) SetCidrBlock(v string) *Subnet { return s } +// SetCustomerOwnedIpv4Pool sets the CustomerOwnedIpv4Pool field's value. +func (s *Subnet) SetCustomerOwnedIpv4Pool(v string) *Subnet { + s.CustomerOwnedIpv4Pool = &v + return s +} + // SetDefaultForAz sets the DefaultForAz field's value. func (s *Subnet) SetDefaultForAz(v bool) *Subnet { s.DefaultForAz = &v @@ -100669,6 +109774,12 @@ func (s *Subnet) SetIpv6CidrBlockAssociationSet(v []*SubnetIpv6CidrBlockAssociat return s } +// SetMapCustomerOwnedIpOnLaunch sets the MapCustomerOwnedIpOnLaunch field's value. +func (s *Subnet) SetMapCustomerOwnedIpOnLaunch(v bool) *Subnet { + s.MapCustomerOwnedIpOnLaunch = &v + return s +} + // SetMapPublicIpOnLaunch sets the MapPublicIpOnLaunch field's value. func (s *Subnet) SetMapPublicIpOnLaunch(v bool) *Subnet { s.MapPublicIpOnLaunch = &v @@ -100969,11 +110080,17 @@ type TagSpecification struct { _ struct{} `type:"structure"` // The type of resource to tag. Currently, the resource types that support tagging - // on creation are: capacity-reservation | client-vpn-endpoint | dedicated-host - // | fleet | fpga-image | instance | key-pair | launch-template | placement-group - // | snapshot | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target + // on creation are: capacity-reservation | carrier-gateway | client-vpn-endpoint + // | customer-gateway | dedicated-host | dhcp-options | export-image-task | + // export-instance-task | fleet | fpga-image | host-reservation | import-image-task + // | import-snapshot-task | instance | internet-gateway | ipv4pool-ec2 | ipv6pool-ec2 + // | key-pair | launch-template | placement-group | prefix-list | natgateway + // | network-acl | route-table | security-group | spot-fleet-request | spot-instances-request + // | snapshot | subnet | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target // | transit-gateway | transit-gateway-attachment | transit-gateway-route-table - // | volume. + // | volume |vpc | vpc-peering-connection | vpc-endpoint (for interface and + // gateway endpoints) | vpc-endpoint-service (for AWS PrivateLink) | vpc-flow-log + // | vpn-connection | vpn-gateway. // // To tag a resource after it has been created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"` @@ -101017,7 +110134,8 @@ func (s *TagSpecification) SetTags(v []*Tag) *TagSpecification { // reaches the maximum amount that you're willing to pay. When the maximum amount // you're willing to pay is reached, the fleet stops launching instances even // if it hasn’t met the target capacity. The MaxTotalPrice parameters are -// located in and +// located in OnDemandOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_OnDemandOptions.html) +// and SpotOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotOptions) type TargetCapacitySpecification struct { _ struct{} `type:"structure"` @@ -101083,7 +110201,8 @@ func (s *TargetCapacitySpecification) SetTotalTargetCapacity(v int64) *TargetCap // instances until it reaches the maximum amount that you're willing to pay. // When the maximum amount you're willing to pay is reached, the fleet stops // launching instances even if it hasn’t met the target capacity. The MaxTotalPrice -// parameters are located in and . +// parameters are located in OnDemandOptionsRequest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_OnDemandOptionsRequest) +// and SpotOptionsRequest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotOptionsRequest). type TargetCapacitySpecificationRequest struct { _ struct{} `type:"structure"` @@ -102169,7 +111288,7 @@ type TransitGatewayAssociation struct { // The ID of the resource. ResourceId *string `locationName:"resourceId" type:"string"` - // The resource type. + // The resource type. Note that the tgw-peering resource type has been deprecated. ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` // The state of the association. @@ -102238,10 +111357,10 @@ type TransitGatewayAttachment struct { // The ID of the AWS account that owns the resource. ResourceOwnerId *string `locationName:"resourceOwnerId" type:"string"` - // The resource type. + // The resource type. Note that the tgw-peering resource type has been deprecated. ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` - // The attachment state. + // The attachment state. Note that the initiating state has been deprecated. State *string `locationName:"state" type:"string" enum:"TransitGatewayAttachmentState"` // The tags for the attachment. @@ -102951,7 +112070,8 @@ type TransitGatewayPeeringAttachment struct { // Information about the requester transit gateway. RequesterTgwInfo *PeeringTgwInfo `locationName:"requesterTgwInfo" type:"structure"` - // The state of the transit gateway peering attachment. + // The state of the transit gateway peering attachment. Note that the initiating + // state has been deprecated. State *string `locationName:"state" type:"string" enum:"TransitGatewayAttachmentState"` // The status of the transit gateway peering attachment. @@ -103016,6 +112136,117 @@ func (s *TransitGatewayPeeringAttachment) SetTransitGatewayAttachmentId(v string return s } +// Describes a transit gateway prefix list attachment. +type TransitGatewayPrefixListAttachment struct { + _ struct{} `type:"structure"` + + // The ID of the resource. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The resource type. Note that the tgw-peering resource type has been deprecated. + ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` + + // The ID of the attachment. + TransitGatewayAttachmentId *string `locationName:"transitGatewayAttachmentId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayPrefixListAttachment) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayPrefixListAttachment) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *TransitGatewayPrefixListAttachment) SetResourceId(v string) *TransitGatewayPrefixListAttachment { + s.ResourceId = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *TransitGatewayPrefixListAttachment) SetResourceType(v string) *TransitGatewayPrefixListAttachment { + s.ResourceType = &v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *TransitGatewayPrefixListAttachment) SetTransitGatewayAttachmentId(v string) *TransitGatewayPrefixListAttachment { + s.TransitGatewayAttachmentId = &v + return s +} + +// Describes a prefix list reference. +type TransitGatewayPrefixListReference struct { + _ struct{} `type:"structure"` + + // Indicates whether traffic that matches this route is dropped. + Blackhole *bool `locationName:"blackhole" type:"boolean"` + + // The ID of the prefix list. + PrefixListId *string `locationName:"prefixListId" type:"string"` + + // The ID of the prefix list owner. + PrefixListOwnerId *string `locationName:"prefixListOwnerId" type:"string"` + + // The state of the prefix list reference. + State *string `locationName:"state" type:"string" enum:"TransitGatewayPrefixListReferenceState"` + + // Information about the transit gateway attachment. + TransitGatewayAttachment *TransitGatewayPrefixListAttachment `locationName:"transitGatewayAttachment" type:"structure"` + + // The ID of the transit gateway route table. + TransitGatewayRouteTableId *string `locationName:"transitGatewayRouteTableId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayPrefixListReference) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayPrefixListReference) GoString() string { + return s.String() +} + +// SetBlackhole sets the Blackhole field's value. +func (s *TransitGatewayPrefixListReference) SetBlackhole(v bool) *TransitGatewayPrefixListReference { + s.Blackhole = &v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *TransitGatewayPrefixListReference) SetPrefixListId(v string) *TransitGatewayPrefixListReference { + s.PrefixListId = &v + return s +} + +// SetPrefixListOwnerId sets the PrefixListOwnerId field's value. +func (s *TransitGatewayPrefixListReference) SetPrefixListOwnerId(v string) *TransitGatewayPrefixListReference { + s.PrefixListOwnerId = &v + return s +} + +// SetState sets the State field's value. +func (s *TransitGatewayPrefixListReference) SetState(v string) *TransitGatewayPrefixListReference { + s.State = &v + return s +} + +// SetTransitGatewayAttachment sets the TransitGatewayAttachment field's value. +func (s *TransitGatewayPrefixListReference) SetTransitGatewayAttachment(v *TransitGatewayPrefixListAttachment) *TransitGatewayPrefixListReference { + s.TransitGatewayAttachment = v + return s +} + +// SetTransitGatewayRouteTableId sets the TransitGatewayRouteTableId field's value. +func (s *TransitGatewayPrefixListReference) SetTransitGatewayRouteTableId(v string) *TransitGatewayPrefixListReference { + s.TransitGatewayRouteTableId = &v + return s +} + // Describes route propagation. type TransitGatewayPropagation struct { _ struct{} `type:"structure"` @@ -103023,7 +112254,7 @@ type TransitGatewayPropagation struct { // The ID of the resource. ResourceId *string `locationName:"resourceId" type:"string"` - // The resource type. + // The resource type. Note that the tgw-peering resource type has been deprecated. ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` // The state. @@ -103082,28 +112313,28 @@ type TransitGatewayRequestOptions struct { // A private Autonomous System Number (ASN) for the Amazon side of a BGP session. // The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 - // for 32-bit ASNs. + // for 32-bit ASNs. The default is 64512. AmazonSideAsn *int64 `type:"long"` - // Enable or disable automatic acceptance of attachment requests. The default - // is disable. + // Enable or disable automatic acceptance of attachment requests. Disabled by + // default. AutoAcceptSharedAttachments *string `type:"string" enum:"AutoAcceptSharedAttachmentsValue"` // Enable or disable automatic association with the default association route - // table. The default is enable. + // table. Enabled by default. DefaultRouteTableAssociation *string `type:"string" enum:"DefaultRouteTableAssociationValue"` // Enable or disable automatic propagation of routes to the default propagation - // route table. The default is enable. + // route table. Enabled by default. DefaultRouteTablePropagation *string `type:"string" enum:"DefaultRouteTablePropagationValue"` - // Enable or disable DNS support. + // Enable or disable DNS support. Enabled by default. DnsSupport *string `type:"string" enum:"DnsSupportValue"` // Indicates whether multicast is enabled on the transit gateway MulticastSupport *string `type:"string" enum:"MulticastSupportValue"` - // Enable or disable Equal Cost Multipath Protocol support. + // Enable or disable Equal Cost Multipath Protocol support. Enabled by default. VpnEcmpSupport *string `type:"string" enum:"VpnEcmpSupportValue"` } @@ -103166,6 +112397,9 @@ type TransitGatewayRoute struct { // The CIDR block used for destination matches. DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` + // The ID of the prefix list used for destination matches. + PrefixListId *string `locationName:"prefixListId" type:"string"` + // The state of the route. State *string `locationName:"state" type:"string" enum:"TransitGatewayRouteState"` @@ -103192,6 +112426,12 @@ func (s *TransitGatewayRoute) SetDestinationCidrBlock(v string) *TransitGatewayR return s } +// SetPrefixListId sets the PrefixListId field's value. +func (s *TransitGatewayRoute) SetPrefixListId(v string) *TransitGatewayRoute { + s.PrefixListId = &v + return s +} + // SetState sets the State field's value. func (s *TransitGatewayRoute) SetState(v string) *TransitGatewayRoute { s.State = &v @@ -103217,7 +112457,7 @@ type TransitGatewayRouteAttachment struct { // The ID of the resource. ResourceId *string `locationName:"resourceId" type:"string"` - // The resource type. + // The resource type. Note that the tgw-peering resource type has been deprecated. ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` // The ID of the attachment. @@ -103339,7 +112579,7 @@ type TransitGatewayRouteTableAssociation struct { // The ID of the resource. ResourceId *string `locationName:"resourceId" type:"string"` - // The resource type. + // The resource type. Note that the tgw-peering resource type has been deprecated. ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` // The state of the association. @@ -103390,7 +112630,7 @@ type TransitGatewayRouteTablePropagation struct { // The ID of the resource. ResourceId *string `locationName:"resourceId" type:"string"` - // The type of resource. + // The type of resource. Note that the tgw-peering resource type has been deprecated. ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` // The state of the resource. @@ -103444,7 +112684,8 @@ type TransitGatewayVpcAttachment struct { // The VPC attachment options. Options *TransitGatewayVpcAttachmentOptions `locationName:"options" type:"structure"` - // The state of the VPC attachment. + // The state of the VPC attachment. Note that the initiating state has been + // deprecated. State *string `locationName:"state" type:"string" enum:"TransitGatewayAttachmentState"` // The IDs of the subnets. @@ -103534,10 +112775,13 @@ func (s *TransitGatewayVpcAttachment) SetVpcOwnerId(v string) *TransitGatewayVpc type TransitGatewayVpcAttachmentOptions struct { _ struct{} `type:"structure"` + // Indicates whether appliance mode support is enabled. + ApplianceModeSupport *string `locationName:"applianceModeSupport" type:"string" enum:"ApplianceModeSupportValue"` + // Indicates whether DNS support is enabled. DnsSupport *string `locationName:"dnsSupport" type:"string" enum:"DnsSupportValue"` - // Indicates whether IPv6 support is enabled. + // Indicates whether IPv6 support is disabled. Ipv6Support *string `locationName:"ipv6Support" type:"string" enum:"Ipv6SupportValue"` } @@ -103551,6 +112795,12 @@ func (s TransitGatewayVpcAttachmentOptions) GoString() string { return s.String() } +// SetApplianceModeSupport sets the ApplianceModeSupport field's value. +func (s *TransitGatewayVpcAttachmentOptions) SetApplianceModeSupport(v string) *TransitGatewayVpcAttachmentOptions { + s.ApplianceModeSupport = &v + return s +} + // SetDnsSupport sets the DnsSupport field's value. func (s *TransitGatewayVpcAttachmentOptions) SetDnsSupport(v string) *TransitGatewayVpcAttachmentOptions { s.DnsSupport = &v @@ -103567,6 +112817,9 @@ func (s *TransitGatewayVpcAttachmentOptions) SetIpv6Support(v string) *TransitGa type TunnelOption struct { _ struct{} `type:"structure"` + // The action to take after a DPD timeout occurs. + DpdTimeoutAction *string `locationName:"dpdTimeoutAction" type:"string"` + // The number of seconds after which a DPD timeout occurs. DpdTimeoutSeconds *int64 `locationName:"dpdTimeoutSeconds" type:"integer"` @@ -103617,8 +112870,14 @@ type TunnelOption struct { // The number of packets in an IKE replay window. ReplayWindowSize *int64 `locationName:"replayWindowSize" type:"integer"` - // The range of inside IP addresses for the tunnel. + // The action to take when the establishing the VPN tunnels for a VPN connection. + StartupAction *string `locationName:"startupAction" type:"string"` + + // The range of inside IPv4 addresses for the tunnel. TunnelInsideCidr *string `locationName:"tunnelInsideCidr" type:"string"` + + // The range of inside IPv6 addresses for the tunnel. + TunnelInsideIpv6Cidr *string `locationName:"tunnelInsideIpv6Cidr" type:"string"` } // String returns the string representation @@ -103631,6 +112890,12 @@ func (s TunnelOption) GoString() string { return s.String() } +// SetDpdTimeoutAction sets the DpdTimeoutAction field's value. +func (s *TunnelOption) SetDpdTimeoutAction(v string) *TunnelOption { + s.DpdTimeoutAction = &v + return s +} + // SetDpdTimeoutSeconds sets the DpdTimeoutSeconds field's value. func (s *TunnelOption) SetDpdTimeoutSeconds(v int64) *TunnelOption { s.DpdTimeoutSeconds = &v @@ -103721,12 +112986,24 @@ func (s *TunnelOption) SetReplayWindowSize(v int64) *TunnelOption { return s } +// SetStartupAction sets the StartupAction field's value. +func (s *TunnelOption) SetStartupAction(v string) *TunnelOption { + s.StartupAction = &v + return s +} + // SetTunnelInsideCidr sets the TunnelInsideCidr field's value. func (s *TunnelOption) SetTunnelInsideCidr(v string) *TunnelOption { s.TunnelInsideCidr = &v return s } +// SetTunnelInsideIpv6Cidr sets the TunnelInsideIpv6Cidr field's value. +func (s *TunnelOption) SetTunnelInsideIpv6Cidr(v string) *TunnelOption { + s.TunnelInsideIpv6Cidr = &v + return s +} + type UnassignIpv6AddressesInput struct { _ struct{} `type:"structure"` @@ -104276,11 +113553,11 @@ func (s *UpdateSecurityGroupRuleDescriptionsIngressOutput) SetReturn(v bool) *Up return s } -// Describes the S3 bucket for the disk image. +// Describes the Amazon S3 bucket for the disk image. type UserBucket struct { _ struct{} `type:"structure"` - // The name of the S3 bucket where the disk image is located. + // The name of the Amazon S3 bucket where the disk image is located. S3Bucket *string `type:"string"` // The file name of the disk image. @@ -104309,11 +113586,11 @@ func (s *UserBucket) SetS3Key(v string) *UserBucket { return s } -// Describes the S3 bucket for the disk image. +// Describes the Amazon S3 bucket for the disk image. type UserBucketDetails struct { _ struct{} `type:"structure"` - // The S3 bucket from which the disk image was created. + // The Amazon S3 bucket from which the disk image was created. S3Bucket *string `locationName:"s3Bucket" type:"string"` // The file name of the disk image. @@ -104475,12 +113752,11 @@ type VCpuInfo struct { // The default number of vCPUs for the instance type. DefaultVCpus *int64 `locationName:"defaultVCpus" type:"integer"` - // List of the valid number of cores that can be configured for the instance - // type. + // The valid number of cores that can be configured for the instance type. ValidCores []*int64 `locationName:"validCores" locationNameList:"item" type:"list"` - // List of the valid number of threads per core that can be configured for the - // instance type. + // The valid number of threads per core that can be configured for the instance + // type. ValidThreadsPerCore []*int64 `locationName:"validThreadsPerCore" locationNameList:"item" type:"list"` } @@ -104524,6 +113800,70 @@ func (s *VCpuInfo) SetValidThreadsPerCore(v []*int64) *VCpuInfo { return s } +// The error code and error message that is returned for a parameter or parameter +// combination that is not valid when a new launch template or new version of +// a launch template is created. +type ValidationError struct { + _ struct{} `type:"structure"` + + // The error code that indicates why the parameter or parameter combination + // is not valid. For more information about error codes, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). + Code *string `locationName:"code" type:"string"` + + // The error message that describes why the parameter or parameter combination + // is not valid. For more information about error messages, see Error Codes + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ValidationError) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ValidationError) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *ValidationError) SetCode(v string) *ValidationError { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *ValidationError) SetMessage(v string) *ValidationError { + s.Message = &v + return s +} + +// The error codes and error messages that are returned for the parameters or +// parameter combinations that are not valid when a new launch template or new +// version of a launch template is created. +type ValidationWarning struct { + _ struct{} `type:"structure"` + + // The error codes and error messages. + Errors []*ValidationError `locationName:"errorSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s ValidationWarning) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ValidationWarning) GoString() string { + return s.String() +} + +// SetErrors sets the Errors field's value. +func (s *ValidationWarning) SetErrors(v []*ValidationError) *ValidationWarning { + s.Errors = v + return s +} + // Describes telemetry for a VPN tunnel. type VgwTelemetry struct { _ struct{} `type:"structure"` @@ -104617,17 +113957,18 @@ type Volume struct { // For Provisioned IOPS SSD volumes, this represents the number of IOPS that // are provisioned for the volume. For General Purpose SSD volumes, this represents // the baseline performance of the volume and the rate at which the volume accumulates - // I/O credits for bursting. For more information, see Amazon EBS Volume Types + // I/O credits for bursting. For more information, see Amazon EBS volume types // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // - // Constraints: Range is 100-16,000 IOPS for gp2 volumes and 100 to 64,000IOPS - // for io1 volumes, in most Regions. The maximum IOPS for io1 of 64,000 is guaranteed - // only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // Constraints: Range is 100-16,000 IOPS for gp2 volumes and 100 to 64,000 IOPS + // for io1 and io2 volumes, in most Regions. The maximum IOPS for io1 and io2 + // of 64,000 is guaranteed only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). // Other instance families guarantee performance up to 32,000 IOPS. // - // Condition: This parameter is required for requests to create io1 volumes; - // it is not used in requests to create gp2, st1, sc1, or standard volumes. + // Condition: This parameter is required for requests to create io1 and io2 + // volumes; it is not used in requests to create gp2, st1, sc1, or standard + // volumes. Iops *int64 `locationName:"iops" type:"integer"` // The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) @@ -104635,6 +113976,9 @@ type Volume struct { // key for the volume. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + // Indicates whether Amazon EBS Multi-Attach is enabled. + MultiAttachEnabled *bool `locationName:"multiAttachEnabled" type:"boolean"` + // The Amazon Resource Name (ARN) of the Outpost. OutpostArn *string `locationName:"outpostArn" type:"string"` @@ -104653,9 +113997,9 @@ type Volume struct { // The ID of the volume. VolumeId *string `locationName:"volumeId" type:"string"` - // The volume type. This can be gp2 for General Purpose SSD, io1 for Provisioned - // IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, or standard - // for Magnetic volumes. + // The volume type. This can be gp2 for General Purpose SSD, io1 or io2 for + // Provisioned IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, + // or standard for Magnetic volumes. VolumeType *string `locationName:"volumeType" type:"string" enum:"VolumeType"` } @@ -104711,6 +114055,12 @@ func (s *Volume) SetKmsKeyId(v string) *Volume { return s } +// SetMultiAttachEnabled sets the MultiAttachEnabled field's value. +func (s *Volume) SetMultiAttachEnabled(v bool) *Volume { + s.MultiAttachEnabled = &v + return s +} + // SetOutpostArn sets the OutpostArn field's value. func (s *Volume) SetOutpostArn(v string) *Volume { s.OutpostArn = &v @@ -104877,7 +114227,7 @@ type VolumeModification struct { // The original IOPS rate of the volume. OriginalIops *int64 `locationName:"originalIops" type:"integer"` - // The original size of the volume. + // The original size of the volume, in GiB. OriginalSize *int64 `locationName:"originalSize" type:"integer"` // The original EBS volume type of the volume. @@ -105038,6 +114388,39 @@ func (s *VolumeStatusAction) SetEventType(v string) *VolumeStatusAction { return s } +// Information about the instances to which the volume is attached. +type VolumeStatusAttachmentStatus struct { + _ struct{} `type:"structure"` + + // The ID of the attached instance. + InstanceId *string `locationName:"instanceId" type:"string"` + + // The maximum IOPS supported by the attached instance. + IoPerformance *string `locationName:"ioPerformance" type:"string"` +} + +// String returns the string representation +func (s VolumeStatusAttachmentStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s VolumeStatusAttachmentStatus) GoString() string { + return s.String() +} + +// SetInstanceId sets the InstanceId field's value. +func (s *VolumeStatusAttachmentStatus) SetInstanceId(v string) *VolumeStatusAttachmentStatus { + s.InstanceId = &v + return s +} + +// SetIoPerformance sets the IoPerformance field's value. +func (s *VolumeStatusAttachmentStatus) SetIoPerformance(v string) *VolumeStatusAttachmentStatus { + s.IoPerformance = &v + return s +} + // Describes a volume status. type VolumeStatusDetails struct { _ struct{} `type:"structure"` @@ -105084,6 +114467,9 @@ type VolumeStatusEvent struct { // The type of this event. EventType *string `locationName:"eventType" type:"string"` + // The ID of the instance associated with the event. + InstanceId *string `locationName:"instanceId" type:"string"` + // The latest end time of the event. NotAfter *time.Time `locationName:"notAfter" type:"timestamp"` @@ -105119,6 +114505,12 @@ func (s *VolumeStatusEvent) SetEventType(v string) *VolumeStatusEvent { return s } +// SetInstanceId sets the InstanceId field's value. +func (s *VolumeStatusEvent) SetInstanceId(v string) *VolumeStatusEvent { + s.InstanceId = &v + return s +} + // SetNotAfter sets the NotAfter field's value. func (s *VolumeStatusEvent) SetNotAfter(v time.Time) *VolumeStatusEvent { s.NotAfter = &v @@ -105171,6 +114563,9 @@ type VolumeStatusItem struct { // The details of the operation. Actions []*VolumeStatusAction `locationName:"actionsSet" locationNameList:"item" type:"list"` + // Information about the instances to which the volume is attached. + AttachmentStatuses []*VolumeStatusAttachmentStatus `locationName:"attachmentStatuses" locationNameList:"item" type:"list"` + // The Availability Zone of the volume. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` @@ -105203,6 +114598,12 @@ func (s *VolumeStatusItem) SetActions(v []*VolumeStatusAction) *VolumeStatusItem return s } +// SetAttachmentStatuses sets the AttachmentStatuses field's value. +func (s *VolumeStatusItem) SetAttachmentStatuses(v []*VolumeStatusAttachmentStatus) *VolumeStatusItem { + s.AttachmentStatuses = v + return s +} + // SetAvailabilityZone sets the AvailabilityZone field's value. func (s *VolumeStatusItem) SetAvailabilityZone(v string) *VolumeStatusItem { s.AvailabilityZone = &v @@ -105243,8 +114644,7 @@ type Vpc struct { // Information about the IPv4 CIDR blocks associated with the VPC. CidrBlockAssociationSet []*VpcCidrBlockAssociation `locationName:"cidrBlockAssociationSet" locationNameList:"item" type:"list"` - // The ID of the set of DHCP options you've associated with the VPC (or default - // if the default options are associated with the VPC). + // The ID of the set of DHCP options you've associated with the VPC. DhcpOptionsId *string `locationName:"dhcpOptionsId" type:"string"` // The allowed tenancy of instances launched into the VPC. @@ -105750,7 +115150,11 @@ type VpcIpv6CidrBlockAssociation struct { // Information about the state of the CIDR block. Ipv6CidrBlockState *VpcCidrBlockState `locationName:"ipv6CidrBlockState" type:"structure"` - // The name of the location from which we advertise the IPV6 CIDR block. + // The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated. + Ipv6Pool *string `locationName:"ipv6Pool" type:"string"` + + // The name of the unique set of Availability Zones, Local Zones, or Wavelength + // Zones from which AWS advertises IP addresses, for example, us-east-1-wl1-bos-wlz-1. NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` } @@ -105782,6 +115186,12 @@ func (s *VpcIpv6CidrBlockAssociation) SetIpv6CidrBlockState(v *VpcCidrBlockState return s } +// SetIpv6Pool sets the Ipv6Pool field's value. +func (s *VpcIpv6CidrBlockAssociation) SetIpv6Pool(v string) *VpcIpv6CidrBlockAssociation { + s.Ipv6Pool = &v + return s +} + // SetNetworkBorderGroup sets the NetworkBorderGroup field's value. func (s *VpcIpv6CidrBlockAssociation) SetNetworkBorderGroup(v string) *VpcIpv6CidrBlockAssociation { s.NetworkBorderGroup = &v @@ -106150,10 +115560,25 @@ type VpnConnectionOptions struct { // Indicates whether acceleration is enabled for the VPN connection. EnableAcceleration *bool `locationName:"enableAcceleration" type:"boolean"` + // The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection. + LocalIpv4NetworkCidr *string `locationName:"localIpv4NetworkCidr" type:"string"` + + // The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection. + LocalIpv6NetworkCidr *string `locationName:"localIpv6NetworkCidr" type:"string"` + + // The IPv4 CIDR on the AWS side of the VPN connection. + RemoteIpv4NetworkCidr *string `locationName:"remoteIpv4NetworkCidr" type:"string"` + + // The IPv6 CIDR on the AWS side of the VPN connection. + RemoteIpv6NetworkCidr *string `locationName:"remoteIpv6NetworkCidr" type:"string"` + // Indicates whether the VPN connection uses static routes only. Static routes // must be used for devices that don't support BGP. StaticRoutesOnly *bool `locationName:"staticRoutesOnly" type:"boolean"` + // Indicates whether the VPN tunnels process IPv4 or IPv6 traffic. + TunnelInsideIpVersion *string `locationName:"tunnelInsideIpVersion" type:"string" enum:"TunnelInsideIpVersion"` + // Indicates the VPN tunnel options. TunnelOptions []*TunnelOption `locationName:"tunnelOptionSet" locationNameList:"item" type:"list"` } @@ -106174,12 +115599,42 @@ func (s *VpnConnectionOptions) SetEnableAcceleration(v bool) *VpnConnectionOptio return s } +// SetLocalIpv4NetworkCidr sets the LocalIpv4NetworkCidr field's value. +func (s *VpnConnectionOptions) SetLocalIpv4NetworkCidr(v string) *VpnConnectionOptions { + s.LocalIpv4NetworkCidr = &v + return s +} + +// SetLocalIpv6NetworkCidr sets the LocalIpv6NetworkCidr field's value. +func (s *VpnConnectionOptions) SetLocalIpv6NetworkCidr(v string) *VpnConnectionOptions { + s.LocalIpv6NetworkCidr = &v + return s +} + +// SetRemoteIpv4NetworkCidr sets the RemoteIpv4NetworkCidr field's value. +func (s *VpnConnectionOptions) SetRemoteIpv4NetworkCidr(v string) *VpnConnectionOptions { + s.RemoteIpv4NetworkCidr = &v + return s +} + +// SetRemoteIpv6NetworkCidr sets the RemoteIpv6NetworkCidr field's value. +func (s *VpnConnectionOptions) SetRemoteIpv6NetworkCidr(v string) *VpnConnectionOptions { + s.RemoteIpv6NetworkCidr = &v + return s +} + // SetStaticRoutesOnly sets the StaticRoutesOnly field's value. func (s *VpnConnectionOptions) SetStaticRoutesOnly(v bool) *VpnConnectionOptions { s.StaticRoutesOnly = &v return s } +// SetTunnelInsideIpVersion sets the TunnelInsideIpVersion field's value. +func (s *VpnConnectionOptions) SetTunnelInsideIpVersion(v string) *VpnConnectionOptions { + s.TunnelInsideIpVersion = &v + return s +} + // SetTunnelOptions sets the TunnelOptions field's value. func (s *VpnConnectionOptions) SetTunnelOptions(v []*TunnelOption) *VpnConnectionOptions { s.TunnelOptions = v @@ -106195,6 +115650,26 @@ type VpnConnectionOptionsSpecification struct { // Default: false EnableAcceleration *bool `type:"boolean"` + // The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection. + // + // Default: 0.0.0.0/0 + LocalIpv4NetworkCidr *string `type:"string"` + + // The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection. + // + // Default: ::/0 + LocalIpv6NetworkCidr *string `type:"string"` + + // The IPv4 CIDR on the AWS side of the VPN connection. + // + // Default: 0.0.0.0/0 + RemoteIpv4NetworkCidr *string `type:"string"` + + // The IPv6 CIDR on the AWS side of the VPN connection. + // + // Default: ::/0 + RemoteIpv6NetworkCidr *string `type:"string"` + // Indicate whether the VPN connection uses static routes only. If you are creating // a VPN connection for a device that does not support BGP, you must specify // true. Use CreateVpnConnectionRoute to create a static route. @@ -106202,6 +115677,11 @@ type VpnConnectionOptionsSpecification struct { // Default: false StaticRoutesOnly *bool `locationName:"staticRoutesOnly" type:"boolean"` + // Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. + // + // Default: ipv4 + TunnelInsideIpVersion *string `type:"string" enum:"TunnelInsideIpVersion"` + // The tunnel options for the VPN connection. TunnelOptions []*VpnTunnelOptionsSpecification `type:"list"` } @@ -106222,12 +115702,42 @@ func (s *VpnConnectionOptionsSpecification) SetEnableAcceleration(v bool) *VpnCo return s } +// SetLocalIpv4NetworkCidr sets the LocalIpv4NetworkCidr field's value. +func (s *VpnConnectionOptionsSpecification) SetLocalIpv4NetworkCidr(v string) *VpnConnectionOptionsSpecification { + s.LocalIpv4NetworkCidr = &v + return s +} + +// SetLocalIpv6NetworkCidr sets the LocalIpv6NetworkCidr field's value. +func (s *VpnConnectionOptionsSpecification) SetLocalIpv6NetworkCidr(v string) *VpnConnectionOptionsSpecification { + s.LocalIpv6NetworkCidr = &v + return s +} + +// SetRemoteIpv4NetworkCidr sets the RemoteIpv4NetworkCidr field's value. +func (s *VpnConnectionOptionsSpecification) SetRemoteIpv4NetworkCidr(v string) *VpnConnectionOptionsSpecification { + s.RemoteIpv4NetworkCidr = &v + return s +} + +// SetRemoteIpv6NetworkCidr sets the RemoteIpv6NetworkCidr field's value. +func (s *VpnConnectionOptionsSpecification) SetRemoteIpv6NetworkCidr(v string) *VpnConnectionOptionsSpecification { + s.RemoteIpv6NetworkCidr = &v + return s +} + // SetStaticRoutesOnly sets the StaticRoutesOnly field's value. func (s *VpnConnectionOptionsSpecification) SetStaticRoutesOnly(v bool) *VpnConnectionOptionsSpecification { s.StaticRoutesOnly = &v return s } +// SetTunnelInsideIpVersion sets the TunnelInsideIpVersion field's value. +func (s *VpnConnectionOptionsSpecification) SetTunnelInsideIpVersion(v string) *VpnConnectionOptionsSpecification { + s.TunnelInsideIpVersion = &v + return s +} + // SetTunnelOptions sets the TunnelOptions field's value. func (s *VpnConnectionOptionsSpecification) SetTunnelOptions(v []*VpnTunnelOptionsSpecification) *VpnConnectionOptionsSpecification { s.TunnelOptions = v @@ -106355,10 +115865,18 @@ func (s *VpnStaticRoute) SetState(v string) *VpnStaticRoute { return s } -// The tunnel options for a VPN connection. +// The tunnel options for a single VPN tunnel. type VpnTunnelOptionsSpecification struct { _ struct{} `type:"structure"` + // The action to take after DPD timeout occurs. Specify restart to restart the + // IKE initiation. Specify clear to end the IKE session. + // + // Valid Values: clear | none | restart + // + // Default: clear + DPDTimeoutAction *string `type:"string"` + // The number of seconds after which a DPD timeout occurs. // // Constraints: A value between 0 and 30. @@ -106374,19 +115892,19 @@ type VpnTunnelOptionsSpecification struct { // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel // for phase 1 IKE negotiations. // - // Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + // Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 Phase1DHGroupNumbers []*Phase1DHGroupNumbersRequestListValue `locationName:"Phase1DHGroupNumber" locationNameList:"item" type:"list"` // One or more encryption algorithms that are permitted for the VPN tunnel for // phase 1 IKE negotiations. // - // Valid values: AES128 | AES256 + // Valid values: AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16 Phase1EncryptionAlgorithms []*Phase1EncryptionAlgorithmsRequestListValue `locationName:"Phase1EncryptionAlgorithm" locationNameList:"item" type:"list"` // One or more integrity algorithms that are permitted for the VPN tunnel for // phase 1 IKE negotiations. // - // Valid values: SHA1 | SHA2-256 + // Valid values: SHA1 | SHA2-256 | SHA2-384 | SHA2-512 Phase1IntegrityAlgorithms []*Phase1IntegrityAlgorithmsRequestListValue `locationName:"Phase1IntegrityAlgorithm" locationNameList:"item" type:"list"` // The lifetime for phase 1 of the IKE negotiation, in seconds. @@ -106399,19 +115917,19 @@ type VpnTunnelOptionsSpecification struct { // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel // for phase 2 IKE negotiations. // - // Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + // Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 Phase2DHGroupNumbers []*Phase2DHGroupNumbersRequestListValue `locationName:"Phase2DHGroupNumber" locationNameList:"item" type:"list"` // One or more encryption algorithms that are permitted for the VPN tunnel for // phase 2 IKE negotiations. // - // Valid values: AES128 | AES256 + // Valid values: AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16 Phase2EncryptionAlgorithms []*Phase2EncryptionAlgorithmsRequestListValue `locationName:"Phase2EncryptionAlgorithm" locationNameList:"item" type:"list"` // One or more integrity algorithms that are permitted for the VPN tunnel for // phase 2 IKE negotiations. // - // Valid values: SHA1 | SHA2-256 + // Valid values: SHA1 | SHA2-256 | SHA2-384 | SHA2-512 Phase2IntegrityAlgorithms []*Phase2IntegrityAlgorithmsRequestListValue `locationName:"Phase2IntegrityAlgorithm" locationNameList:"item" type:"list"` // The lifetime for phase 2 of the IKE negotiation, in seconds. @@ -106454,7 +115972,16 @@ type VpnTunnelOptionsSpecification struct { // Default: 1024 ReplayWindowSize *int64 `type:"integer"` - // The range of inside IP addresses for the tunnel. Any specified CIDR blocks + // The action to take when the establishing the tunnel for the VPN connection. + // By default, your customer gateway device must initiate the IKE negotiation + // and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. + // + // Valid Values: add | start + // + // Default: add + StartupAction *string `type:"string"` + + // The range of inside IPv4 addresses for the tunnel. Any specified CIDR blocks // must be unique across all VPN connections that use the same virtual private // gateway. // @@ -106475,6 +116002,12 @@ type VpnTunnelOptionsSpecification struct { // // * 169.254.169.252/30 TunnelInsideCidr *string `type:"string"` + + // The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks + // must be unique across all VPN connections that use the same transit gateway. + // + // Constraints: A size /126 CIDR block from the local fd00::/8 range. + TunnelInsideIpv6Cidr *string `type:"string"` } // String returns the string representation @@ -106487,6 +116020,12 @@ func (s VpnTunnelOptionsSpecification) GoString() string { return s.String() } +// SetDPDTimeoutAction sets the DPDTimeoutAction field's value. +func (s *VpnTunnelOptionsSpecification) SetDPDTimeoutAction(v string) *VpnTunnelOptionsSpecification { + s.DPDTimeoutAction = &v + return s +} + // SetDPDTimeoutSeconds sets the DPDTimeoutSeconds field's value. func (s *VpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *VpnTunnelOptionsSpecification { s.DPDTimeoutSeconds = &v @@ -106571,16 +116110,28 @@ func (s *VpnTunnelOptionsSpecification) SetReplayWindowSize(v int64) *VpnTunnelO return s } +// SetStartupAction sets the StartupAction field's value. +func (s *VpnTunnelOptionsSpecification) SetStartupAction(v string) *VpnTunnelOptionsSpecification { + s.StartupAction = &v + return s +} + // SetTunnelInsideCidr sets the TunnelInsideCidr field's value. func (s *VpnTunnelOptionsSpecification) SetTunnelInsideCidr(v string) *VpnTunnelOptionsSpecification { s.TunnelInsideCidr = &v return s } +// SetTunnelInsideIpv6Cidr sets the TunnelInsideIpv6Cidr field's value. +func (s *VpnTunnelOptionsSpecification) SetTunnelInsideIpv6Cidr(v string) *VpnTunnelOptionsSpecification { + s.TunnelInsideIpv6Cidr = &v + return s +} + type WithdrawByoipCidrInput struct { _ struct{} `type:"structure"` - // The public IPv4 address range, in CIDR notation. + // The address range, in CIDR notation. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -106658,6 +116209,14 @@ const ( AccountAttributeNameDefaultVpc = "default-vpc" ) +// AccountAttributeName_Values returns all elements of the AccountAttributeName enum +func AccountAttributeName_Values() []string { + return []string{ + AccountAttributeNameSupportedPlatforms, + AccountAttributeNameDefaultVpc, + } +} + const ( // ActivityStatusError is a ActivityStatus enum value ActivityStatusError = "error" @@ -106672,6 +116231,16 @@ const ( ActivityStatusFulfilled = "fulfilled" ) +// ActivityStatus_Values returns all elements of the ActivityStatus enum +func ActivityStatus_Values() []string { + return []string{ + ActivityStatusError, + ActivityStatusPendingFulfillment, + ActivityStatusPendingTermination, + ActivityStatusFulfilled, + } +} + const ( // AffinityDefault is a Affinity enum value AffinityDefault = "default" @@ -106680,6 +116249,14 @@ const ( AffinityHost = "host" ) +// Affinity_Values returns all elements of the Affinity enum +func Affinity_Values() []string { + return []string{ + AffinityDefault, + AffinityHost, + } +} + const ( // AllocationStateAvailable is a AllocationState enum value AllocationStateAvailable = "available" @@ -106700,6 +116277,18 @@ const ( AllocationStatePending = "pending" ) +// AllocationState_Values returns all elements of the AllocationState enum +func AllocationState_Values() []string { + return []string{ + AllocationStateAvailable, + AllocationStateUnderAssessment, + AllocationStatePermanentFailure, + AllocationStateReleased, + AllocationStateReleasedPermanentFailure, + AllocationStatePending, + } +} + const ( // AllocationStrategyLowestPrice is a AllocationStrategy enum value AllocationStrategyLowestPrice = "lowestPrice" @@ -106711,6 +116300,15 @@ const ( AllocationStrategyCapacityOptimized = "capacityOptimized" ) +// AllocationStrategy_Values returns all elements of the AllocationStrategy enum +func AllocationStrategy_Values() []string { + return []string{ + AllocationStrategyLowestPrice, + AllocationStrategyDiversified, + AllocationStrategyCapacityOptimized, + } +} + const ( // AllowsMultipleInstanceTypesOn is a AllowsMultipleInstanceTypes enum value AllowsMultipleInstanceTypesOn = "on" @@ -106719,6 +116317,30 @@ const ( AllowsMultipleInstanceTypesOff = "off" ) +// AllowsMultipleInstanceTypes_Values returns all elements of the AllowsMultipleInstanceTypes enum +func AllowsMultipleInstanceTypes_Values() []string { + return []string{ + AllowsMultipleInstanceTypesOn, + AllowsMultipleInstanceTypesOff, + } +} + +const ( + // ApplianceModeSupportValueEnable is a ApplianceModeSupportValue enum value + ApplianceModeSupportValueEnable = "enable" + + // ApplianceModeSupportValueDisable is a ApplianceModeSupportValue enum value + ApplianceModeSupportValueDisable = "disable" +) + +// ApplianceModeSupportValue_Values returns all elements of the ApplianceModeSupportValue enum +func ApplianceModeSupportValue_Values() []string { + return []string{ + ApplianceModeSupportValueEnable, + ApplianceModeSupportValueDisable, + } +} + const ( // ArchitectureTypeI386 is a ArchitectureType enum value ArchitectureTypeI386 = "i386" @@ -106730,6 +116352,15 @@ const ( ArchitectureTypeArm64 = "arm64" ) +// ArchitectureType_Values returns all elements of the ArchitectureType enum +func ArchitectureType_Values() []string { + return []string{ + ArchitectureTypeI386, + ArchitectureTypeX8664, + ArchitectureTypeArm64, + } +} + const ( // ArchitectureValuesI386 is a ArchitectureValues enum value ArchitectureValuesI386 = "i386" @@ -106741,11 +116372,27 @@ const ( ArchitectureValuesArm64 = "arm64" ) +// ArchitectureValues_Values returns all elements of the ArchitectureValues enum +func ArchitectureValues_Values() []string { + return []string{ + ArchitectureValuesI386, + ArchitectureValuesX8664, + ArchitectureValuesArm64, + } +} + const ( // AssociatedNetworkTypeVpc is a AssociatedNetworkType enum value AssociatedNetworkTypeVpc = "vpc" ) +// AssociatedNetworkType_Values returns all elements of the AssociatedNetworkType enum +func AssociatedNetworkType_Values() []string { + return []string{ + AssociatedNetworkTypeVpc, + } +} + const ( // AssociationStatusCodeAssociating is a AssociationStatusCode enum value AssociationStatusCodeAssociating = "associating" @@ -106763,6 +116410,17 @@ const ( AssociationStatusCodeDisassociated = "disassociated" ) +// AssociationStatusCode_Values returns all elements of the AssociationStatusCode enum +func AssociationStatusCode_Values() []string { + return []string{ + AssociationStatusCodeAssociating, + AssociationStatusCodeAssociated, + AssociationStatusCodeAssociationFailed, + AssociationStatusCodeDisassociating, + AssociationStatusCodeDisassociated, + } +} + const ( // AttachmentStatusAttaching is a AttachmentStatus enum value AttachmentStatusAttaching = "attaching" @@ -106777,6 +116435,16 @@ const ( AttachmentStatusDetached = "detached" ) +// AttachmentStatus_Values returns all elements of the AttachmentStatus enum +func AttachmentStatus_Values() []string { + return []string{ + AttachmentStatusAttaching, + AttachmentStatusAttached, + AttachmentStatusDetaching, + AttachmentStatusDetached, + } +} + const ( // AutoAcceptSharedAttachmentsValueEnable is a AutoAcceptSharedAttachmentsValue enum value AutoAcceptSharedAttachmentsValueEnable = "enable" @@ -106785,6 +116453,14 @@ const ( AutoAcceptSharedAttachmentsValueDisable = "disable" ) +// AutoAcceptSharedAttachmentsValue_Values returns all elements of the AutoAcceptSharedAttachmentsValue enum +func AutoAcceptSharedAttachmentsValue_Values() []string { + return []string{ + AutoAcceptSharedAttachmentsValueEnable, + AutoAcceptSharedAttachmentsValueDisable, + } +} + const ( // AutoPlacementOn is a AutoPlacement enum value AutoPlacementOn = "on" @@ -106793,6 +116469,14 @@ const ( AutoPlacementOff = "off" ) +// AutoPlacement_Values returns all elements of the AutoPlacement enum +func AutoPlacement_Values() []string { + return []string{ + AutoPlacementOn, + AutoPlacementOff, + } +} + const ( // AvailabilityZoneOptInStatusOptInNotRequired is a AvailabilityZoneOptInStatus enum value AvailabilityZoneOptInStatusOptInNotRequired = "opt-in-not-required" @@ -106804,6 +116488,15 @@ const ( AvailabilityZoneOptInStatusNotOptedIn = "not-opted-in" ) +// AvailabilityZoneOptInStatus_Values returns all elements of the AvailabilityZoneOptInStatus enum +func AvailabilityZoneOptInStatus_Values() []string { + return []string{ + AvailabilityZoneOptInStatusOptInNotRequired, + AvailabilityZoneOptInStatusOptedIn, + AvailabilityZoneOptInStatusNotOptedIn, + } +} + const ( // AvailabilityZoneStateAvailable is a AvailabilityZoneState enum value AvailabilityZoneStateAvailable = "available" @@ -106818,6 +116511,16 @@ const ( AvailabilityZoneStateUnavailable = "unavailable" ) +// AvailabilityZoneState_Values returns all elements of the AvailabilityZoneState enum +func AvailabilityZoneState_Values() []string { + return []string{ + AvailabilityZoneStateAvailable, + AvailabilityZoneStateInformation, + AvailabilityZoneStateImpaired, + AvailabilityZoneStateUnavailable, + } +} + const ( // BatchStateSubmitted is a BatchState enum value BatchStateSubmitted = "submitted" @@ -106841,6 +116544,19 @@ const ( BatchStateModifying = "modifying" ) +// BatchState_Values returns all elements of the BatchState enum +func BatchState_Values() []string { + return []string{ + BatchStateSubmitted, + BatchStateActive, + BatchStateCancelled, + BatchStateFailed, + BatchStateCancelledRunning, + BatchStateCancelledTerminating, + BatchStateModifying, + } +} + const ( // BundleTaskStatePending is a BundleTaskState enum value BundleTaskStatePending = "pending" @@ -106864,6 +116580,19 @@ const ( BundleTaskStateFailed = "failed" ) +// BundleTaskState_Values returns all elements of the BundleTaskState enum +func BundleTaskState_Values() []string { + return []string{ + BundleTaskStatePending, + BundleTaskStateWaitingForShutdown, + BundleTaskStateBundling, + BundleTaskStateStoring, + BundleTaskStateCancelling, + BundleTaskStateComplete, + BundleTaskStateFailed, + } +} + const ( // ByoipCidrStateAdvertised is a ByoipCidrState enum value ByoipCidrStateAdvertised = "advertised" @@ -106885,8 +116614,25 @@ const ( // ByoipCidrStateProvisioned is a ByoipCidrState enum value ByoipCidrStateProvisioned = "provisioned" + + // ByoipCidrStateProvisionedNotPubliclyAdvertisable is a ByoipCidrState enum value + ByoipCidrStateProvisionedNotPubliclyAdvertisable = "provisioned-not-publicly-advertisable" ) +// ByoipCidrState_Values returns all elements of the ByoipCidrState enum +func ByoipCidrState_Values() []string { + return []string{ + ByoipCidrStateAdvertised, + ByoipCidrStateDeprovisioned, + ByoipCidrStateFailedDeprovision, + ByoipCidrStateFailedProvision, + ByoipCidrStatePendingDeprovision, + ByoipCidrStatePendingProvision, + ByoipCidrStateProvisioned, + ByoipCidrStateProvisionedNotPubliclyAdvertisable, + } +} + const ( // CancelBatchErrorCodeFleetRequestIdDoesNotExist is a CancelBatchErrorCode enum value CancelBatchErrorCodeFleetRequestIdDoesNotExist = "fleetRequestIdDoesNotExist" @@ -106901,6 +116647,16 @@ const ( CancelBatchErrorCodeUnexpectedError = "unexpectedError" ) +// CancelBatchErrorCode_Values returns all elements of the CancelBatchErrorCode enum +func CancelBatchErrorCode_Values() []string { + return []string{ + CancelBatchErrorCodeFleetRequestIdDoesNotExist, + CancelBatchErrorCodeFleetRequestIdMalformed, + CancelBatchErrorCodeFleetRequestNotInCancellableState, + CancelBatchErrorCodeUnexpectedError, + } +} + const ( // CancelSpotInstanceRequestStateActive is a CancelSpotInstanceRequestState enum value CancelSpotInstanceRequestStateActive = "active" @@ -106918,6 +116674,17 @@ const ( CancelSpotInstanceRequestStateCompleted = "completed" ) +// CancelSpotInstanceRequestState_Values returns all elements of the CancelSpotInstanceRequestState enum +func CancelSpotInstanceRequestState_Values() []string { + return []string{ + CancelSpotInstanceRequestStateActive, + CancelSpotInstanceRequestStateOpen, + CancelSpotInstanceRequestStateClosed, + CancelSpotInstanceRequestStateCancelled, + CancelSpotInstanceRequestStateCompleted, + } +} + const ( // CapacityReservationInstancePlatformLinuxUnix is a CapacityReservationInstancePlatform enum value CapacityReservationInstancePlatformLinuxUnix = "Linux/UNIX" @@ -106953,6 +116720,23 @@ const ( CapacityReservationInstancePlatformLinuxwithSqlserverEnterprise = "Linux with SQL Server Enterprise" ) +// CapacityReservationInstancePlatform_Values returns all elements of the CapacityReservationInstancePlatform enum +func CapacityReservationInstancePlatform_Values() []string { + return []string{ + CapacityReservationInstancePlatformLinuxUnix, + CapacityReservationInstancePlatformRedHatEnterpriseLinux, + CapacityReservationInstancePlatformSuselinux, + CapacityReservationInstancePlatformWindows, + CapacityReservationInstancePlatformWindowswithSqlserver, + CapacityReservationInstancePlatformWindowswithSqlserverEnterprise, + CapacityReservationInstancePlatformWindowswithSqlserverStandard, + CapacityReservationInstancePlatformWindowswithSqlserverWeb, + CapacityReservationInstancePlatformLinuxwithSqlserverStandard, + CapacityReservationInstancePlatformLinuxwithSqlserverWeb, + CapacityReservationInstancePlatformLinuxwithSqlserverEnterprise, + } +} + const ( // CapacityReservationPreferenceOpen is a CapacityReservationPreference enum value CapacityReservationPreferenceOpen = "open" @@ -106961,6 +116745,14 @@ const ( CapacityReservationPreferenceNone = "none" ) +// CapacityReservationPreference_Values returns all elements of the CapacityReservationPreference enum +func CapacityReservationPreference_Values() []string { + return []string{ + CapacityReservationPreferenceOpen, + CapacityReservationPreferenceNone, + } +} + const ( // CapacityReservationStateActive is a CapacityReservationState enum value CapacityReservationStateActive = "active" @@ -106978,6 +116770,17 @@ const ( CapacityReservationStateFailed = "failed" ) +// CapacityReservationState_Values returns all elements of the CapacityReservationState enum +func CapacityReservationState_Values() []string { + return []string{ + CapacityReservationStateActive, + CapacityReservationStateExpired, + CapacityReservationStateCancelled, + CapacityReservationStatePending, + CapacityReservationStateFailed, + } +} + const ( // CapacityReservationTenancyDefault is a CapacityReservationTenancy enum value CapacityReservationTenancyDefault = "default" @@ -106986,6 +116789,38 @@ const ( CapacityReservationTenancyDedicated = "dedicated" ) +// CapacityReservationTenancy_Values returns all elements of the CapacityReservationTenancy enum +func CapacityReservationTenancy_Values() []string { + return []string{ + CapacityReservationTenancyDefault, + CapacityReservationTenancyDedicated, + } +} + +const ( + // CarrierGatewayStatePending is a CarrierGatewayState enum value + CarrierGatewayStatePending = "pending" + + // CarrierGatewayStateAvailable is a CarrierGatewayState enum value + CarrierGatewayStateAvailable = "available" + + // CarrierGatewayStateDeleting is a CarrierGatewayState enum value + CarrierGatewayStateDeleting = "deleting" + + // CarrierGatewayStateDeleted is a CarrierGatewayState enum value + CarrierGatewayStateDeleted = "deleted" +) + +// CarrierGatewayState_Values returns all elements of the CarrierGatewayState enum +func CarrierGatewayState_Values() []string { + return []string{ + CarrierGatewayStatePending, + CarrierGatewayStateAvailable, + CarrierGatewayStateDeleting, + CarrierGatewayStateDeleted, + } +} + const ( // ClientCertificateRevocationListStatusCodePending is a ClientCertificateRevocationListStatusCode enum value ClientCertificateRevocationListStatusCodePending = "pending" @@ -106994,14 +116829,34 @@ const ( ClientCertificateRevocationListStatusCodeActive = "active" ) +// ClientCertificateRevocationListStatusCode_Values returns all elements of the ClientCertificateRevocationListStatusCode enum +func ClientCertificateRevocationListStatusCode_Values() []string { + return []string{ + ClientCertificateRevocationListStatusCodePending, + ClientCertificateRevocationListStatusCodeActive, + } +} + const ( // ClientVpnAuthenticationTypeCertificateAuthentication is a ClientVpnAuthenticationType enum value ClientVpnAuthenticationTypeCertificateAuthentication = "certificate-authentication" // ClientVpnAuthenticationTypeDirectoryServiceAuthentication is a ClientVpnAuthenticationType enum value ClientVpnAuthenticationTypeDirectoryServiceAuthentication = "directory-service-authentication" + + // ClientVpnAuthenticationTypeFederatedAuthentication is a ClientVpnAuthenticationType enum value + ClientVpnAuthenticationTypeFederatedAuthentication = "federated-authentication" ) +// ClientVpnAuthenticationType_Values returns all elements of the ClientVpnAuthenticationType enum +func ClientVpnAuthenticationType_Values() []string { + return []string{ + ClientVpnAuthenticationTypeCertificateAuthentication, + ClientVpnAuthenticationTypeDirectoryServiceAuthentication, + ClientVpnAuthenticationTypeFederatedAuthentication, + } +} + const ( // ClientVpnAuthorizationRuleStatusCodeAuthorizing is a ClientVpnAuthorizationRuleStatusCode enum value ClientVpnAuthorizationRuleStatusCodeAuthorizing = "authorizing" @@ -107016,6 +116871,16 @@ const ( ClientVpnAuthorizationRuleStatusCodeRevoking = "revoking" ) +// ClientVpnAuthorizationRuleStatusCode_Values returns all elements of the ClientVpnAuthorizationRuleStatusCode enum +func ClientVpnAuthorizationRuleStatusCode_Values() []string { + return []string{ + ClientVpnAuthorizationRuleStatusCodeAuthorizing, + ClientVpnAuthorizationRuleStatusCodeActive, + ClientVpnAuthorizationRuleStatusCodeFailed, + ClientVpnAuthorizationRuleStatusCodeRevoking, + } +} + const ( // ClientVpnConnectionStatusCodeActive is a ClientVpnConnectionStatusCode enum value ClientVpnConnectionStatusCodeActive = "active" @@ -107030,6 +116895,32 @@ const ( ClientVpnConnectionStatusCodeTerminated = "terminated" ) +// ClientVpnConnectionStatusCode_Values returns all elements of the ClientVpnConnectionStatusCode enum +func ClientVpnConnectionStatusCode_Values() []string { + return []string{ + ClientVpnConnectionStatusCodeActive, + ClientVpnConnectionStatusCodeFailedToTerminate, + ClientVpnConnectionStatusCodeTerminating, + ClientVpnConnectionStatusCodeTerminated, + } +} + +const ( + // ClientVpnEndpointAttributeStatusCodeApplying is a ClientVpnEndpointAttributeStatusCode enum value + ClientVpnEndpointAttributeStatusCodeApplying = "applying" + + // ClientVpnEndpointAttributeStatusCodeApplied is a ClientVpnEndpointAttributeStatusCode enum value + ClientVpnEndpointAttributeStatusCodeApplied = "applied" +) + +// ClientVpnEndpointAttributeStatusCode_Values returns all elements of the ClientVpnEndpointAttributeStatusCode enum +func ClientVpnEndpointAttributeStatusCode_Values() []string { + return []string{ + ClientVpnEndpointAttributeStatusCodeApplying, + ClientVpnEndpointAttributeStatusCodeApplied, + } +} + const ( // ClientVpnEndpointStatusCodePendingAssociate is a ClientVpnEndpointStatusCode enum value ClientVpnEndpointStatusCodePendingAssociate = "pending-associate" @@ -107044,6 +116935,16 @@ const ( ClientVpnEndpointStatusCodeDeleted = "deleted" ) +// ClientVpnEndpointStatusCode_Values returns all elements of the ClientVpnEndpointStatusCode enum +func ClientVpnEndpointStatusCode_Values() []string { + return []string{ + ClientVpnEndpointStatusCodePendingAssociate, + ClientVpnEndpointStatusCodeAvailable, + ClientVpnEndpointStatusCodeDeleting, + ClientVpnEndpointStatusCodeDeleted, + } +} + const ( // ClientVpnRouteStatusCodeCreating is a ClientVpnRouteStatusCode enum value ClientVpnRouteStatusCodeCreating = "creating" @@ -107058,6 +116959,16 @@ const ( ClientVpnRouteStatusCodeDeleting = "deleting" ) +// ClientVpnRouteStatusCode_Values returns all elements of the ClientVpnRouteStatusCode enum +func ClientVpnRouteStatusCode_Values() []string { + return []string{ + ClientVpnRouteStatusCodeCreating, + ClientVpnRouteStatusCodeActive, + ClientVpnRouteStatusCodeFailed, + ClientVpnRouteStatusCodeDeleting, + } +} + const ( // ConnectionNotificationStateEnabled is a ConnectionNotificationState enum value ConnectionNotificationStateEnabled = "Enabled" @@ -107066,16 +116977,38 @@ const ( ConnectionNotificationStateDisabled = "Disabled" ) +// ConnectionNotificationState_Values returns all elements of the ConnectionNotificationState enum +func ConnectionNotificationState_Values() []string { + return []string{ + ConnectionNotificationStateEnabled, + ConnectionNotificationStateDisabled, + } +} + const ( // ConnectionNotificationTypeTopic is a ConnectionNotificationType enum value ConnectionNotificationTypeTopic = "Topic" ) +// ConnectionNotificationType_Values returns all elements of the ConnectionNotificationType enum +func ConnectionNotificationType_Values() []string { + return []string{ + ConnectionNotificationTypeTopic, + } +} + const ( // ContainerFormatOva is a ContainerFormat enum value ContainerFormatOva = "ova" ) +// ContainerFormat_Values returns all elements of the ContainerFormat enum +func ContainerFormat_Values() []string { + return []string{ + ContainerFormatOva, + } +} + const ( // ConversionTaskStateActive is a ConversionTaskState enum value ConversionTaskStateActive = "active" @@ -107090,16 +117023,40 @@ const ( ConversionTaskStateCompleted = "completed" ) +// ConversionTaskState_Values returns all elements of the ConversionTaskState enum +func ConversionTaskState_Values() []string { + return []string{ + ConversionTaskStateActive, + ConversionTaskStateCancelling, + ConversionTaskStateCancelled, + ConversionTaskStateCompleted, + } +} + const ( // CopyTagsFromSourceVolume is a CopyTagsFromSource enum value CopyTagsFromSourceVolume = "volume" ) +// CopyTagsFromSource_Values returns all elements of the CopyTagsFromSource enum +func CopyTagsFromSource_Values() []string { + return []string{ + CopyTagsFromSourceVolume, + } +} + const ( // CurrencyCodeValuesUsd is a CurrencyCodeValues enum value CurrencyCodeValuesUsd = "USD" ) +// CurrencyCodeValues_Values returns all elements of the CurrencyCodeValues enum +func CurrencyCodeValues_Values() []string { + return []string{ + CurrencyCodeValuesUsd, + } +} + const ( // DatafeedSubscriptionStateActive is a DatafeedSubscriptionState enum value DatafeedSubscriptionStateActive = "Active" @@ -107108,6 +117065,14 @@ const ( DatafeedSubscriptionStateInactive = "Inactive" ) +// DatafeedSubscriptionState_Values returns all elements of the DatafeedSubscriptionState enum +func DatafeedSubscriptionState_Values() []string { + return []string{ + DatafeedSubscriptionStateActive, + DatafeedSubscriptionStateInactive, + } +} + const ( // DefaultRouteTableAssociationValueEnable is a DefaultRouteTableAssociationValue enum value DefaultRouteTableAssociationValueEnable = "enable" @@ -107116,6 +117081,14 @@ const ( DefaultRouteTableAssociationValueDisable = "disable" ) +// DefaultRouteTableAssociationValue_Values returns all elements of the DefaultRouteTableAssociationValue enum +func DefaultRouteTableAssociationValue_Values() []string { + return []string{ + DefaultRouteTableAssociationValueEnable, + DefaultRouteTableAssociationValueDisable, + } +} + const ( // DefaultRouteTablePropagationValueEnable is a DefaultRouteTablePropagationValue enum value DefaultRouteTablePropagationValueEnable = "enable" @@ -107124,6 +117097,14 @@ const ( DefaultRouteTablePropagationValueDisable = "disable" ) +// DefaultRouteTablePropagationValue_Values returns all elements of the DefaultRouteTablePropagationValue enum +func DefaultRouteTablePropagationValue_Values() []string { + return []string{ + DefaultRouteTablePropagationValueEnable, + DefaultRouteTablePropagationValueDisable, + } +} + const ( // DefaultTargetCapacityTypeSpot is a DefaultTargetCapacityType enum value DefaultTargetCapacityTypeSpot = "spot" @@ -107132,6 +117113,14 @@ const ( DefaultTargetCapacityTypeOnDemand = "on-demand" ) +// DefaultTargetCapacityType_Values returns all elements of the DefaultTargetCapacityType enum +func DefaultTargetCapacityType_Values() []string { + return []string{ + DefaultTargetCapacityTypeSpot, + DefaultTargetCapacityTypeOnDemand, + } +} + const ( // DeleteFleetErrorCodeFleetIdDoesNotExist is a DeleteFleetErrorCode enum value DeleteFleetErrorCodeFleetIdDoesNotExist = "fleetIdDoesNotExist" @@ -107146,6 +117135,16 @@ const ( DeleteFleetErrorCodeUnexpectedError = "unexpectedError" ) +// DeleteFleetErrorCode_Values returns all elements of the DeleteFleetErrorCode enum +func DeleteFleetErrorCode_Values() []string { + return []string{ + DeleteFleetErrorCodeFleetIdDoesNotExist, + DeleteFleetErrorCodeFleetIdMalformed, + DeleteFleetErrorCodeFleetNotInDeletableState, + DeleteFleetErrorCodeUnexpectedError, + } +} + const ( // DeleteQueuedReservedInstancesErrorCodeReservedInstancesIdInvalid is a DeleteQueuedReservedInstancesErrorCode enum value DeleteQueuedReservedInstancesErrorCodeReservedInstancesIdInvalid = "reserved-instances-id-invalid" @@ -107157,6 +117156,15 @@ const ( DeleteQueuedReservedInstancesErrorCodeUnexpectedError = "unexpected-error" ) +// DeleteQueuedReservedInstancesErrorCode_Values returns all elements of the DeleteQueuedReservedInstancesErrorCode enum +func DeleteQueuedReservedInstancesErrorCode_Values() []string { + return []string{ + DeleteQueuedReservedInstancesErrorCodeReservedInstancesIdInvalid, + DeleteQueuedReservedInstancesErrorCodeReservedInstancesNotInQueuedState, + DeleteQueuedReservedInstancesErrorCodeUnexpectedError, + } +} + const ( // DeviceTypeEbs is a DeviceType enum value DeviceTypeEbs = "ebs" @@ -107165,6 +117173,14 @@ const ( DeviceTypeInstanceStore = "instance-store" ) +// DeviceType_Values returns all elements of the DeviceType enum +func DeviceType_Values() []string { + return []string{ + DeviceTypeEbs, + DeviceTypeInstanceStore, + } +} + const ( // DiskImageFormatVmdk is a DiskImageFormat enum value DiskImageFormatVmdk = "VMDK" @@ -107176,6 +117192,15 @@ const ( DiskImageFormatVhd = "VHD" ) +// DiskImageFormat_Values returns all elements of the DiskImageFormat enum +func DiskImageFormat_Values() []string { + return []string{ + DiskImageFormatVmdk, + DiskImageFormatRaw, + DiskImageFormatVhd, + } +} + const ( // DiskTypeHdd is a DiskType enum value DiskTypeHdd = "hdd" @@ -107184,6 +117209,14 @@ const ( DiskTypeSsd = "ssd" ) +// DiskType_Values returns all elements of the DiskType enum +func DiskType_Values() []string { + return []string{ + DiskTypeHdd, + DiskTypeSsd, + } +} + const ( // DnsNameStatePendingVerification is a DnsNameState enum value DnsNameStatePendingVerification = "pendingVerification" @@ -107195,6 +117228,15 @@ const ( DnsNameStateFailed = "failed" ) +// DnsNameState_Values returns all elements of the DnsNameState enum +func DnsNameState_Values() []string { + return []string{ + DnsNameStatePendingVerification, + DnsNameStateVerified, + DnsNameStateFailed, + } +} + const ( // DnsSupportValueEnable is a DnsSupportValue enum value DnsSupportValueEnable = "enable" @@ -107203,6 +117245,14 @@ const ( DnsSupportValueDisable = "disable" ) +// DnsSupportValue_Values returns all elements of the DnsSupportValue enum +func DnsSupportValue_Values() []string { + return []string{ + DnsSupportValueEnable, + DnsSupportValueDisable, + } +} + const ( // DomainTypeVpc is a DomainType enum value DomainTypeVpc = "vpc" @@ -107211,6 +117261,14 @@ const ( DomainTypeStandard = "standard" ) +// DomainType_Values returns all elements of the DomainType enum +func DomainType_Values() []string { + return []string{ + DomainTypeVpc, + DomainTypeStandard, + } +} + const ( // EbsEncryptionSupportUnsupported is a EbsEncryptionSupport enum value EbsEncryptionSupportUnsupported = "unsupported" @@ -107219,6 +117277,34 @@ const ( EbsEncryptionSupportSupported = "supported" ) +// EbsEncryptionSupport_Values returns all elements of the EbsEncryptionSupport enum +func EbsEncryptionSupport_Values() []string { + return []string{ + EbsEncryptionSupportUnsupported, + EbsEncryptionSupportSupported, + } +} + +const ( + // EbsNvmeSupportUnsupported is a EbsNvmeSupport enum value + EbsNvmeSupportUnsupported = "unsupported" + + // EbsNvmeSupportSupported is a EbsNvmeSupport enum value + EbsNvmeSupportSupported = "supported" + + // EbsNvmeSupportRequired is a EbsNvmeSupport enum value + EbsNvmeSupportRequired = "required" +) + +// EbsNvmeSupport_Values returns all elements of the EbsNvmeSupport enum +func EbsNvmeSupport_Values() []string { + return []string{ + EbsNvmeSupportUnsupported, + EbsNvmeSupportSupported, + EbsNvmeSupportRequired, + } +} + const ( // EbsOptimizedSupportUnsupported is a EbsOptimizedSupport enum value EbsOptimizedSupportUnsupported = "unsupported" @@ -107230,11 +117316,27 @@ const ( EbsOptimizedSupportDefault = "default" ) +// EbsOptimizedSupport_Values returns all elements of the EbsOptimizedSupport enum +func EbsOptimizedSupport_Values() []string { + return []string{ + EbsOptimizedSupportUnsupported, + EbsOptimizedSupportSupported, + EbsOptimizedSupportDefault, + } +} + const ( // ElasticGpuStateAttached is a ElasticGpuState enum value ElasticGpuStateAttached = "ATTACHED" ) +// ElasticGpuState_Values returns all elements of the ElasticGpuState enum +func ElasticGpuState_Values() []string { + return []string{ + ElasticGpuStateAttached, + } +} + const ( // ElasticGpuStatusOk is a ElasticGpuStatus enum value ElasticGpuStatusOk = "OK" @@ -107243,6 +117345,14 @@ const ( ElasticGpuStatusImpaired = "IMPAIRED" ) +// ElasticGpuStatus_Values returns all elements of the ElasticGpuStatus enum +func ElasticGpuStatus_Values() []string { + return []string{ + ElasticGpuStatusOk, + ElasticGpuStatusImpaired, + } +} + const ( // EnaSupportUnsupported is a EnaSupport enum value EnaSupportUnsupported = "unsupported" @@ -107254,6 +117364,15 @@ const ( EnaSupportRequired = "required" ) +// EnaSupport_Values returns all elements of the EnaSupport enum +func EnaSupport_Values() []string { + return []string{ + EnaSupportUnsupported, + EnaSupportSupported, + EnaSupportRequired, + } +} + const ( // EndDateTypeUnlimited is a EndDateType enum value EndDateTypeUnlimited = "unlimited" @@ -107262,6 +117381,34 @@ const ( EndDateTypeLimited = "limited" ) +// EndDateType_Values returns all elements of the EndDateType enum +func EndDateType_Values() []string { + return []string{ + EndDateTypeUnlimited, + EndDateTypeLimited, + } +} + +const ( + // EphemeralNvmeSupportUnsupported is a EphemeralNvmeSupport enum value + EphemeralNvmeSupportUnsupported = "unsupported" + + // EphemeralNvmeSupportSupported is a EphemeralNvmeSupport enum value + EphemeralNvmeSupportSupported = "supported" + + // EphemeralNvmeSupportRequired is a EphemeralNvmeSupport enum value + EphemeralNvmeSupportRequired = "required" +) + +// EphemeralNvmeSupport_Values returns all elements of the EphemeralNvmeSupport enum +func EphemeralNvmeSupport_Values() []string { + return []string{ + EphemeralNvmeSupportUnsupported, + EphemeralNvmeSupportSupported, + EphemeralNvmeSupportRequired, + } +} + const ( // EventCodeInstanceReboot is a EventCode enum value EventCodeInstanceReboot = "instance-reboot" @@ -107279,6 +117426,17 @@ const ( EventCodeInstanceStop = "instance-stop" ) +// EventCode_Values returns all elements of the EventCode enum +func EventCode_Values() []string { + return []string{ + EventCodeInstanceReboot, + EventCodeSystemReboot, + EventCodeSystemMaintenance, + EventCodeInstanceRetirement, + EventCodeInstanceStop, + } +} + const ( // EventTypeInstanceChange is a EventType enum value EventTypeInstanceChange = "instanceChange" @@ -107293,6 +117451,16 @@ const ( EventTypeInformation = "information" ) +// EventType_Values returns all elements of the EventType enum +func EventType_Values() []string { + return []string{ + EventTypeInstanceChange, + EventTypeFleetRequestChange, + EventTypeError, + EventTypeInformation, + } +} + const ( // ExcessCapacityTerminationPolicyNoTermination is a ExcessCapacityTerminationPolicy enum value ExcessCapacityTerminationPolicyNoTermination = "noTermination" @@ -107301,6 +117469,14 @@ const ( ExcessCapacityTerminationPolicyDefault = "default" ) +// ExcessCapacityTerminationPolicy_Values returns all elements of the ExcessCapacityTerminationPolicy enum +func ExcessCapacityTerminationPolicy_Values() []string { + return []string{ + ExcessCapacityTerminationPolicyNoTermination, + ExcessCapacityTerminationPolicyDefault, + } +} + const ( // ExportEnvironmentCitrix is a ExportEnvironment enum value ExportEnvironmentCitrix = "citrix" @@ -107312,6 +117488,15 @@ const ( ExportEnvironmentMicrosoft = "microsoft" ) +// ExportEnvironment_Values returns all elements of the ExportEnvironment enum +func ExportEnvironment_Values() []string { + return []string{ + ExportEnvironmentCitrix, + ExportEnvironmentVmware, + ExportEnvironmentMicrosoft, + } +} + const ( // ExportTaskStateActive is a ExportTaskState enum value ExportTaskStateActive = "active" @@ -107326,6 +117511,16 @@ const ( ExportTaskStateCompleted = "completed" ) +// ExportTaskState_Values returns all elements of the ExportTaskState enum +func ExportTaskState_Values() []string { + return []string{ + ExportTaskStateActive, + ExportTaskStateCancelling, + ExportTaskStateCancelled, + ExportTaskStateCompleted, + } +} + const ( // FastSnapshotRestoreStateCodeEnabling is a FastSnapshotRestoreStateCode enum value FastSnapshotRestoreStateCodeEnabling = "enabling" @@ -107343,6 +117538,17 @@ const ( FastSnapshotRestoreStateCodeDisabled = "disabled" ) +// FastSnapshotRestoreStateCode_Values returns all elements of the FastSnapshotRestoreStateCode enum +func FastSnapshotRestoreStateCode_Values() []string { + return []string{ + FastSnapshotRestoreStateCodeEnabling, + FastSnapshotRestoreStateCodeOptimizing, + FastSnapshotRestoreStateCodeEnabled, + FastSnapshotRestoreStateCodeDisabling, + FastSnapshotRestoreStateCodeDisabled, + } +} + const ( // FleetActivityStatusError is a FleetActivityStatus enum value FleetActivityStatusError = "error" @@ -107357,11 +117563,28 @@ const ( FleetActivityStatusFulfilled = "fulfilled" ) +// FleetActivityStatus_Values returns all elements of the FleetActivityStatus enum +func FleetActivityStatus_Values() []string { + return []string{ + FleetActivityStatusError, + FleetActivityStatusPendingFulfillment, + FleetActivityStatusPendingTermination, + FleetActivityStatusFulfilled, + } +} + const ( // FleetCapacityReservationUsageStrategyUseCapacityReservationsFirst is a FleetCapacityReservationUsageStrategy enum value FleetCapacityReservationUsageStrategyUseCapacityReservationsFirst = "use-capacity-reservations-first" ) +// FleetCapacityReservationUsageStrategy_Values returns all elements of the FleetCapacityReservationUsageStrategy enum +func FleetCapacityReservationUsageStrategy_Values() []string { + return []string{ + FleetCapacityReservationUsageStrategyUseCapacityReservationsFirst, + } +} + const ( // FleetEventTypeInstanceChange is a FleetEventType enum value FleetEventTypeInstanceChange = "instance-change" @@ -107373,6 +117596,15 @@ const ( FleetEventTypeServiceError = "service-error" ) +// FleetEventType_Values returns all elements of the FleetEventType enum +func FleetEventType_Values() []string { + return []string{ + FleetEventTypeInstanceChange, + FleetEventTypeFleetChange, + FleetEventTypeServiceError, + } +} + const ( // FleetExcessCapacityTerminationPolicyNoTermination is a FleetExcessCapacityTerminationPolicy enum value FleetExcessCapacityTerminationPolicyNoTermination = "no-termination" @@ -107381,6 +117613,14 @@ const ( FleetExcessCapacityTerminationPolicyTermination = "termination" ) +// FleetExcessCapacityTerminationPolicy_Values returns all elements of the FleetExcessCapacityTerminationPolicy enum +func FleetExcessCapacityTerminationPolicy_Values() []string { + return []string{ + FleetExcessCapacityTerminationPolicyNoTermination, + FleetExcessCapacityTerminationPolicyTermination, + } +} + const ( // FleetOnDemandAllocationStrategyLowestPrice is a FleetOnDemandAllocationStrategy enum value FleetOnDemandAllocationStrategyLowestPrice = "lowest-price" @@ -107389,6 +117629,26 @@ const ( FleetOnDemandAllocationStrategyPrioritized = "prioritized" ) +// FleetOnDemandAllocationStrategy_Values returns all elements of the FleetOnDemandAllocationStrategy enum +func FleetOnDemandAllocationStrategy_Values() []string { + return []string{ + FleetOnDemandAllocationStrategyLowestPrice, + FleetOnDemandAllocationStrategyPrioritized, + } +} + +const ( + // FleetReplacementStrategyLaunch is a FleetReplacementStrategy enum value + FleetReplacementStrategyLaunch = "launch" +) + +// FleetReplacementStrategy_Values returns all elements of the FleetReplacementStrategy enum +func FleetReplacementStrategy_Values() []string { + return []string{ + FleetReplacementStrategyLaunch, + } +} + const ( // FleetStateCodeSubmitted is a FleetStateCode enum value FleetStateCodeSubmitted = "submitted" @@ -107412,6 +117672,19 @@ const ( FleetStateCodeModifying = "modifying" ) +// FleetStateCode_Values returns all elements of the FleetStateCode enum +func FleetStateCode_Values() []string { + return []string{ + FleetStateCodeSubmitted, + FleetStateCodeActive, + FleetStateCodeDeleted, + FleetStateCodeFailed, + FleetStateCodeDeletedRunning, + FleetStateCodeDeletedTerminating, + FleetStateCodeModifying, + } +} + const ( // FleetTypeRequest is a FleetType enum value FleetTypeRequest = "request" @@ -107423,6 +117696,15 @@ const ( FleetTypeInstant = "instant" ) +// FleetType_Values returns all elements of the FleetType enum +func FleetType_Values() []string { + return []string{ + FleetTypeRequest, + FleetTypeMaintain, + FleetTypeInstant, + } +} + const ( // FlowLogsResourceTypeVpc is a FlowLogsResourceType enum value FlowLogsResourceTypeVpc = "VPC" @@ -107434,6 +117716,15 @@ const ( FlowLogsResourceTypeNetworkInterface = "NetworkInterface" ) +// FlowLogsResourceType_Values returns all elements of the FlowLogsResourceType enum +func FlowLogsResourceType_Values() []string { + return []string{ + FlowLogsResourceTypeVpc, + FlowLogsResourceTypeSubnet, + FlowLogsResourceTypeNetworkInterface, + } +} + const ( // FpgaImageAttributeNameDescription is a FpgaImageAttributeName enum value FpgaImageAttributeNameDescription = "description" @@ -107448,6 +117739,16 @@ const ( FpgaImageAttributeNameProductCodes = "productCodes" ) +// FpgaImageAttributeName_Values returns all elements of the FpgaImageAttributeName enum +func FpgaImageAttributeName_Values() []string { + return []string{ + FpgaImageAttributeNameDescription, + FpgaImageAttributeNameName, + FpgaImageAttributeNameLoadPermission, + FpgaImageAttributeNameProductCodes, + } +} + const ( // FpgaImageStateCodePending is a FpgaImageStateCode enum value FpgaImageStateCodePending = "pending" @@ -107462,11 +117763,28 @@ const ( FpgaImageStateCodeUnavailable = "unavailable" ) +// FpgaImageStateCode_Values returns all elements of the FpgaImageStateCode enum +func FpgaImageStateCode_Values() []string { + return []string{ + FpgaImageStateCodePending, + FpgaImageStateCodeFailed, + FpgaImageStateCodeAvailable, + FpgaImageStateCodeUnavailable, + } +} + const ( // GatewayTypeIpsec1 is a GatewayType enum value GatewayTypeIpsec1 = "ipsec.1" ) +// GatewayType_Values returns all elements of the GatewayType enum +func GatewayType_Values() []string { + return []string{ + GatewayTypeIpsec1, + } +} + const ( // HostRecoveryOn is a HostRecovery enum value HostRecoveryOn = "on" @@ -107475,6 +117793,14 @@ const ( HostRecoveryOff = "off" ) +// HostRecovery_Values returns all elements of the HostRecovery enum +func HostRecovery_Values() []string { + return []string{ + HostRecoveryOn, + HostRecoveryOff, + } +} + const ( // HostTenancyDedicated is a HostTenancy enum value HostTenancyDedicated = "dedicated" @@ -107483,6 +117809,14 @@ const ( HostTenancyHost = "host" ) +// HostTenancy_Values returns all elements of the HostTenancy enum +func HostTenancy_Values() []string { + return []string{ + HostTenancyDedicated, + HostTenancyHost, + } +} + const ( // HttpTokensStateOptional is a HttpTokensState enum value HttpTokensStateOptional = "optional" @@ -107491,6 +117825,14 @@ const ( HttpTokensStateRequired = "required" ) +// HttpTokensState_Values returns all elements of the HttpTokensState enum +func HttpTokensState_Values() []string { + return []string{ + HttpTokensStateOptional, + HttpTokensStateRequired, + } +} + const ( // HypervisorTypeOvm is a HypervisorType enum value HypervisorTypeOvm = "ovm" @@ -107499,6 +117841,14 @@ const ( HypervisorTypeXen = "xen" ) +// HypervisorType_Values returns all elements of the HypervisorType enum +func HypervisorType_Values() []string { + return []string{ + HypervisorTypeOvm, + HypervisorTypeXen, + } +} + const ( // IamInstanceProfileAssociationStateAssociating is a IamInstanceProfileAssociationState enum value IamInstanceProfileAssociationStateAssociating = "associating" @@ -107513,6 +117863,16 @@ const ( IamInstanceProfileAssociationStateDisassociated = "disassociated" ) +// IamInstanceProfileAssociationState_Values returns all elements of the IamInstanceProfileAssociationState enum +func IamInstanceProfileAssociationState_Values() []string { + return []string{ + IamInstanceProfileAssociationStateAssociating, + IamInstanceProfileAssociationStateAssociated, + IamInstanceProfileAssociationStateDisassociating, + IamInstanceProfileAssociationStateDisassociated, + } +} + const ( // ImageAttributeNameDescription is a ImageAttributeName enum value ImageAttributeNameDescription = "description" @@ -107536,6 +117896,19 @@ const ( ImageAttributeNameSriovNetSupport = "sriovNetSupport" ) +// ImageAttributeName_Values returns all elements of the ImageAttributeName enum +func ImageAttributeName_Values() []string { + return []string{ + ImageAttributeNameDescription, + ImageAttributeNameKernel, + ImageAttributeNameRamdisk, + ImageAttributeNameLaunchPermission, + ImageAttributeNameProductCodes, + ImageAttributeNameBlockDeviceMapping, + ImageAttributeNameSriovNetSupport, + } +} + const ( // ImageStatePending is a ImageState enum value ImageStatePending = "pending" @@ -107559,6 +117932,19 @@ const ( ImageStateError = "error" ) +// ImageState_Values returns all elements of the ImageState enum +func ImageState_Values() []string { + return []string{ + ImageStatePending, + ImageStateAvailable, + ImageStateInvalid, + ImageStateDeregistered, + ImageStateTransient, + ImageStateFailed, + ImageStateError, + } +} + const ( // ImageTypeValuesMachine is a ImageTypeValues enum value ImageTypeValuesMachine = "machine" @@ -107570,6 +117956,15 @@ const ( ImageTypeValuesRamdisk = "ramdisk" ) +// ImageTypeValues_Values returns all elements of the ImageTypeValues enum +func ImageTypeValues_Values() []string { + return []string{ + ImageTypeValuesMachine, + ImageTypeValuesKernel, + ImageTypeValuesRamdisk, + } +} + const ( // InstanceAttributeNameInstanceType is a InstanceAttributeName enum value InstanceAttributeNameInstanceType = "instanceType" @@ -107612,8 +118007,32 @@ const ( // InstanceAttributeNameEnaSupport is a InstanceAttributeName enum value InstanceAttributeNameEnaSupport = "enaSupport" + + // InstanceAttributeNameEnclaveOptions is a InstanceAttributeName enum value + InstanceAttributeNameEnclaveOptions = "enclaveOptions" ) +// InstanceAttributeName_Values returns all elements of the InstanceAttributeName enum +func InstanceAttributeName_Values() []string { + return []string{ + InstanceAttributeNameInstanceType, + InstanceAttributeNameKernel, + InstanceAttributeNameRamdisk, + InstanceAttributeNameUserData, + InstanceAttributeNameDisableApiTermination, + InstanceAttributeNameInstanceInitiatedShutdownBehavior, + InstanceAttributeNameRootDeviceName, + InstanceAttributeNameBlockDeviceMapping, + InstanceAttributeNameProductCodes, + InstanceAttributeNameSourceDestCheck, + InstanceAttributeNameGroupSet, + InstanceAttributeNameEbsOptimized, + InstanceAttributeNameSriovNetSupport, + InstanceAttributeNameEnaSupport, + InstanceAttributeNameEnclaveOptions, + } +} + const ( // InstanceHealthStatusHealthy is a InstanceHealthStatus enum value InstanceHealthStatusHealthy = "healthy" @@ -107622,6 +118041,14 @@ const ( InstanceHealthStatusUnhealthy = "unhealthy" ) +// InstanceHealthStatus_Values returns all elements of the InstanceHealthStatus enum +func InstanceHealthStatus_Values() []string { + return []string{ + InstanceHealthStatusHealthy, + InstanceHealthStatusUnhealthy, + } +} + const ( // InstanceInterruptionBehaviorHibernate is a InstanceInterruptionBehavior enum value InstanceInterruptionBehaviorHibernate = "hibernate" @@ -107633,6 +118060,15 @@ const ( InstanceInterruptionBehaviorTerminate = "terminate" ) +// InstanceInterruptionBehavior_Values returns all elements of the InstanceInterruptionBehavior enum +func InstanceInterruptionBehavior_Values() []string { + return []string{ + InstanceInterruptionBehaviorHibernate, + InstanceInterruptionBehaviorStop, + InstanceInterruptionBehaviorTerminate, + } +} + const ( // InstanceLifecycleSpot is a InstanceLifecycle enum value InstanceLifecycleSpot = "spot" @@ -107641,6 +118077,14 @@ const ( InstanceLifecycleOnDemand = "on-demand" ) +// InstanceLifecycle_Values returns all elements of the InstanceLifecycle enum +func InstanceLifecycle_Values() []string { + return []string{ + InstanceLifecycleSpot, + InstanceLifecycleOnDemand, + } +} + const ( // InstanceLifecycleTypeSpot is a InstanceLifecycleType enum value InstanceLifecycleTypeSpot = "spot" @@ -107649,6 +118093,14 @@ const ( InstanceLifecycleTypeScheduled = "scheduled" ) +// InstanceLifecycleType_Values returns all elements of the InstanceLifecycleType enum +func InstanceLifecycleType_Values() []string { + return []string{ + InstanceLifecycleTypeSpot, + InstanceLifecycleTypeScheduled, + } +} + const ( // InstanceMatchCriteriaOpen is a InstanceMatchCriteria enum value InstanceMatchCriteriaOpen = "open" @@ -107657,6 +118109,14 @@ const ( InstanceMatchCriteriaTargeted = "targeted" ) +// InstanceMatchCriteria_Values returns all elements of the InstanceMatchCriteria enum +func InstanceMatchCriteria_Values() []string { + return []string{ + InstanceMatchCriteriaOpen, + InstanceMatchCriteriaTargeted, + } +} + const ( // InstanceMetadataEndpointStateDisabled is a InstanceMetadataEndpointState enum value InstanceMetadataEndpointStateDisabled = "disabled" @@ -107665,6 +118125,14 @@ const ( InstanceMetadataEndpointStateEnabled = "enabled" ) +// InstanceMetadataEndpointState_Values returns all elements of the InstanceMetadataEndpointState enum +func InstanceMetadataEndpointState_Values() []string { + return []string{ + InstanceMetadataEndpointStateDisabled, + InstanceMetadataEndpointStateEnabled, + } +} + const ( // InstanceMetadataOptionsStatePending is a InstanceMetadataOptionsState enum value InstanceMetadataOptionsStatePending = "pending" @@ -107673,6 +118141,14 @@ const ( InstanceMetadataOptionsStateApplied = "applied" ) +// InstanceMetadataOptionsState_Values returns all elements of the InstanceMetadataOptionsState enum +func InstanceMetadataOptionsState_Values() []string { + return []string{ + InstanceMetadataOptionsStatePending, + InstanceMetadataOptionsStateApplied, + } +} + const ( // InstanceStateNamePending is a InstanceStateName enum value InstanceStateNamePending = "pending" @@ -107693,6 +118169,18 @@ const ( InstanceStateNameStopped = "stopped" ) +// InstanceStateName_Values returns all elements of the InstanceStateName enum +func InstanceStateName_Values() []string { + return []string{ + InstanceStateNamePending, + InstanceStateNameRunning, + InstanceStateNameShuttingDown, + InstanceStateNameTerminated, + InstanceStateNameStopping, + InstanceStateNameStopped, + } +} + const ( // InstanceTypeT1Micro is a InstanceType enum value InstanceTypeT1Micro = "t1.micro" @@ -107760,6 +118248,27 @@ const ( // InstanceTypeT3a2xlarge is a InstanceType enum value InstanceTypeT3a2xlarge = "t3a.2xlarge" + // InstanceTypeT4gNano is a InstanceType enum value + InstanceTypeT4gNano = "t4g.nano" + + // InstanceTypeT4gMicro is a InstanceType enum value + InstanceTypeT4gMicro = "t4g.micro" + + // InstanceTypeT4gSmall is a InstanceType enum value + InstanceTypeT4gSmall = "t4g.small" + + // InstanceTypeT4gMedium is a InstanceType enum value + InstanceTypeT4gMedium = "t4g.medium" + + // InstanceTypeT4gLarge is a InstanceType enum value + InstanceTypeT4gLarge = "t4g.large" + + // InstanceTypeT4gXlarge is a InstanceType enum value + InstanceTypeT4gXlarge = "t4g.xlarge" + + // InstanceTypeT4g2xlarge is a InstanceType enum value + InstanceTypeT4g2xlarge = "t4g.2xlarge" + // InstanceTypeM1Small is a InstanceType enum value InstanceTypeM1Small = "m1.small" @@ -107949,6 +118458,60 @@ const ( // InstanceTypeR5ad24xlarge is a InstanceType enum value InstanceTypeR5ad24xlarge = "r5ad.24xlarge" + // InstanceTypeR6gMetal is a InstanceType enum value + InstanceTypeR6gMetal = "r6g.metal" + + // InstanceTypeR6gMedium is a InstanceType enum value + InstanceTypeR6gMedium = "r6g.medium" + + // InstanceTypeR6gLarge is a InstanceType enum value + InstanceTypeR6gLarge = "r6g.large" + + // InstanceTypeR6gXlarge is a InstanceType enum value + InstanceTypeR6gXlarge = "r6g.xlarge" + + // InstanceTypeR6g2xlarge is a InstanceType enum value + InstanceTypeR6g2xlarge = "r6g.2xlarge" + + // InstanceTypeR6g4xlarge is a InstanceType enum value + InstanceTypeR6g4xlarge = "r6g.4xlarge" + + // InstanceTypeR6g8xlarge is a InstanceType enum value + InstanceTypeR6g8xlarge = "r6g.8xlarge" + + // InstanceTypeR6g12xlarge is a InstanceType enum value + InstanceTypeR6g12xlarge = "r6g.12xlarge" + + // InstanceTypeR6g16xlarge is a InstanceType enum value + InstanceTypeR6g16xlarge = "r6g.16xlarge" + + // InstanceTypeR6gdMetal is a InstanceType enum value + InstanceTypeR6gdMetal = "r6gd.metal" + + // InstanceTypeR6gdMedium is a InstanceType enum value + InstanceTypeR6gdMedium = "r6gd.medium" + + // InstanceTypeR6gdLarge is a InstanceType enum value + InstanceTypeR6gdLarge = "r6gd.large" + + // InstanceTypeR6gdXlarge is a InstanceType enum value + InstanceTypeR6gdXlarge = "r6gd.xlarge" + + // InstanceTypeR6gd2xlarge is a InstanceType enum value + InstanceTypeR6gd2xlarge = "r6gd.2xlarge" + + // InstanceTypeR6gd4xlarge is a InstanceType enum value + InstanceTypeR6gd4xlarge = "r6gd.4xlarge" + + // InstanceTypeR6gd8xlarge is a InstanceType enum value + InstanceTypeR6gd8xlarge = "r6gd.8xlarge" + + // InstanceTypeR6gd12xlarge is a InstanceType enum value + InstanceTypeR6gd12xlarge = "r6gd.12xlarge" + + // InstanceTypeR6gd16xlarge is a InstanceType enum value + InstanceTypeR6gd16xlarge = "r6gd.16xlarge" + // InstanceTypeX116xlarge is a InstanceType enum value InstanceTypeX116xlarge = "x1.16xlarge" @@ -108099,6 +118662,54 @@ const ( // InstanceTypeC5Metal is a InstanceType enum value InstanceTypeC5Metal = "c5.metal" + // InstanceTypeC5aLarge is a InstanceType enum value + InstanceTypeC5aLarge = "c5a.large" + + // InstanceTypeC5aXlarge is a InstanceType enum value + InstanceTypeC5aXlarge = "c5a.xlarge" + + // InstanceTypeC5a2xlarge is a InstanceType enum value + InstanceTypeC5a2xlarge = "c5a.2xlarge" + + // InstanceTypeC5a4xlarge is a InstanceType enum value + InstanceTypeC5a4xlarge = "c5a.4xlarge" + + // InstanceTypeC5a8xlarge is a InstanceType enum value + InstanceTypeC5a8xlarge = "c5a.8xlarge" + + // InstanceTypeC5a12xlarge is a InstanceType enum value + InstanceTypeC5a12xlarge = "c5a.12xlarge" + + // InstanceTypeC5a16xlarge is a InstanceType enum value + InstanceTypeC5a16xlarge = "c5a.16xlarge" + + // InstanceTypeC5a24xlarge is a InstanceType enum value + InstanceTypeC5a24xlarge = "c5a.24xlarge" + + // InstanceTypeC5adLarge is a InstanceType enum value + InstanceTypeC5adLarge = "c5ad.large" + + // InstanceTypeC5adXlarge is a InstanceType enum value + InstanceTypeC5adXlarge = "c5ad.xlarge" + + // InstanceTypeC5ad2xlarge is a InstanceType enum value + InstanceTypeC5ad2xlarge = "c5ad.2xlarge" + + // InstanceTypeC5ad4xlarge is a InstanceType enum value + InstanceTypeC5ad4xlarge = "c5ad.4xlarge" + + // InstanceTypeC5ad8xlarge is a InstanceType enum value + InstanceTypeC5ad8xlarge = "c5ad.8xlarge" + + // InstanceTypeC5ad12xlarge is a InstanceType enum value + InstanceTypeC5ad12xlarge = "c5ad.12xlarge" + + // InstanceTypeC5ad16xlarge is a InstanceType enum value + InstanceTypeC5ad16xlarge = "c5ad.16xlarge" + + // InstanceTypeC5ad24xlarge is a InstanceType enum value + InstanceTypeC5ad24xlarge = "c5ad.24xlarge" + // InstanceTypeC5dLarge is a InstanceType enum value InstanceTypeC5dLarge = "c5d.large" @@ -108144,6 +118755,60 @@ const ( // InstanceTypeC5n18xlarge is a InstanceType enum value InstanceTypeC5n18xlarge = "c5n.18xlarge" + // InstanceTypeC6gMetal is a InstanceType enum value + InstanceTypeC6gMetal = "c6g.metal" + + // InstanceTypeC6gMedium is a InstanceType enum value + InstanceTypeC6gMedium = "c6g.medium" + + // InstanceTypeC6gLarge is a InstanceType enum value + InstanceTypeC6gLarge = "c6g.large" + + // InstanceTypeC6gXlarge is a InstanceType enum value + InstanceTypeC6gXlarge = "c6g.xlarge" + + // InstanceTypeC6g2xlarge is a InstanceType enum value + InstanceTypeC6g2xlarge = "c6g.2xlarge" + + // InstanceTypeC6g4xlarge is a InstanceType enum value + InstanceTypeC6g4xlarge = "c6g.4xlarge" + + // InstanceTypeC6g8xlarge is a InstanceType enum value + InstanceTypeC6g8xlarge = "c6g.8xlarge" + + // InstanceTypeC6g12xlarge is a InstanceType enum value + InstanceTypeC6g12xlarge = "c6g.12xlarge" + + // InstanceTypeC6g16xlarge is a InstanceType enum value + InstanceTypeC6g16xlarge = "c6g.16xlarge" + + // InstanceTypeC6gdMetal is a InstanceType enum value + InstanceTypeC6gdMetal = "c6gd.metal" + + // InstanceTypeC6gdMedium is a InstanceType enum value + InstanceTypeC6gdMedium = "c6gd.medium" + + // InstanceTypeC6gdLarge is a InstanceType enum value + InstanceTypeC6gdLarge = "c6gd.large" + + // InstanceTypeC6gdXlarge is a InstanceType enum value + InstanceTypeC6gdXlarge = "c6gd.xlarge" + + // InstanceTypeC6gd2xlarge is a InstanceType enum value + InstanceTypeC6gd2xlarge = "c6gd.2xlarge" + + // InstanceTypeC6gd4xlarge is a InstanceType enum value + InstanceTypeC6gd4xlarge = "c6gd.4xlarge" + + // InstanceTypeC6gd8xlarge is a InstanceType enum value + InstanceTypeC6gd8xlarge = "c6gd.8xlarge" + + // InstanceTypeC6gd12xlarge is a InstanceType enum value + InstanceTypeC6gd12xlarge = "c6gd.12xlarge" + + // InstanceTypeC6gd16xlarge is a InstanceType enum value + InstanceTypeC6gd16xlarge = "c6gd.16xlarge" + // InstanceTypeCc14xlarge is a InstanceType enum value InstanceTypeCc14xlarge = "cc1.4xlarge" @@ -108186,6 +118851,9 @@ const ( // InstanceTypeG4dn16xlarge is a InstanceType enum value InstanceTypeG4dn16xlarge = "g4dn.16xlarge" + // InstanceTypeG4dnMetal is a InstanceType enum value + InstanceTypeG4dnMetal = "g4dn.metal" + // InstanceTypeCg14xlarge is a InstanceType enum value InstanceTypeCg14xlarge = "cg1.4xlarge" @@ -108210,6 +118878,9 @@ const ( // InstanceTypeP3dn24xlarge is a InstanceType enum value InstanceTypeP3dn24xlarge = "p3dn.24xlarge" + // InstanceTypeP4d24xlarge is a InstanceType enum value + InstanceTypeP4d24xlarge = "p4d.24xlarge" + // InstanceTypeD2Xlarge is a InstanceType enum value InstanceTypeD2Xlarge = "d2.xlarge" @@ -108506,8 +119177,418 @@ const ( // InstanceTypeInf124xlarge is a InstanceType enum value InstanceTypeInf124xlarge = "inf1.24xlarge" + + // InstanceTypeM6gMetal is a InstanceType enum value + InstanceTypeM6gMetal = "m6g.metal" + + // InstanceTypeM6gMedium is a InstanceType enum value + InstanceTypeM6gMedium = "m6g.medium" + + // InstanceTypeM6gLarge is a InstanceType enum value + InstanceTypeM6gLarge = "m6g.large" + + // InstanceTypeM6gXlarge is a InstanceType enum value + InstanceTypeM6gXlarge = "m6g.xlarge" + + // InstanceTypeM6g2xlarge is a InstanceType enum value + InstanceTypeM6g2xlarge = "m6g.2xlarge" + + // InstanceTypeM6g4xlarge is a InstanceType enum value + InstanceTypeM6g4xlarge = "m6g.4xlarge" + + // InstanceTypeM6g8xlarge is a InstanceType enum value + InstanceTypeM6g8xlarge = "m6g.8xlarge" + + // InstanceTypeM6g12xlarge is a InstanceType enum value + InstanceTypeM6g12xlarge = "m6g.12xlarge" + + // InstanceTypeM6g16xlarge is a InstanceType enum value + InstanceTypeM6g16xlarge = "m6g.16xlarge" + + // InstanceTypeM6gdMetal is a InstanceType enum value + InstanceTypeM6gdMetal = "m6gd.metal" + + // InstanceTypeM6gdMedium is a InstanceType enum value + InstanceTypeM6gdMedium = "m6gd.medium" + + // InstanceTypeM6gdLarge is a InstanceType enum value + InstanceTypeM6gdLarge = "m6gd.large" + + // InstanceTypeM6gdXlarge is a InstanceType enum value + InstanceTypeM6gdXlarge = "m6gd.xlarge" + + // InstanceTypeM6gd2xlarge is a InstanceType enum value + InstanceTypeM6gd2xlarge = "m6gd.2xlarge" + + // InstanceTypeM6gd4xlarge is a InstanceType enum value + InstanceTypeM6gd4xlarge = "m6gd.4xlarge" + + // InstanceTypeM6gd8xlarge is a InstanceType enum value + InstanceTypeM6gd8xlarge = "m6gd.8xlarge" + + // InstanceTypeM6gd12xlarge is a InstanceType enum value + InstanceTypeM6gd12xlarge = "m6gd.12xlarge" + + // InstanceTypeM6gd16xlarge is a InstanceType enum value + InstanceTypeM6gd16xlarge = "m6gd.16xlarge" ) +// InstanceType_Values returns all elements of the InstanceType enum +func InstanceType_Values() []string { + return []string{ + InstanceTypeT1Micro, + InstanceTypeT2Nano, + InstanceTypeT2Micro, + InstanceTypeT2Small, + InstanceTypeT2Medium, + InstanceTypeT2Large, + InstanceTypeT2Xlarge, + InstanceTypeT22xlarge, + InstanceTypeT3Nano, + InstanceTypeT3Micro, + InstanceTypeT3Small, + InstanceTypeT3Medium, + InstanceTypeT3Large, + InstanceTypeT3Xlarge, + InstanceTypeT32xlarge, + InstanceTypeT3aNano, + InstanceTypeT3aMicro, + InstanceTypeT3aSmall, + InstanceTypeT3aMedium, + InstanceTypeT3aLarge, + InstanceTypeT3aXlarge, + InstanceTypeT3a2xlarge, + InstanceTypeT4gNano, + InstanceTypeT4gMicro, + InstanceTypeT4gSmall, + InstanceTypeT4gMedium, + InstanceTypeT4gLarge, + InstanceTypeT4gXlarge, + InstanceTypeT4g2xlarge, + InstanceTypeM1Small, + InstanceTypeM1Medium, + InstanceTypeM1Large, + InstanceTypeM1Xlarge, + InstanceTypeM3Medium, + InstanceTypeM3Large, + InstanceTypeM3Xlarge, + InstanceTypeM32xlarge, + InstanceTypeM4Large, + InstanceTypeM4Xlarge, + InstanceTypeM42xlarge, + InstanceTypeM44xlarge, + InstanceTypeM410xlarge, + InstanceTypeM416xlarge, + InstanceTypeM2Xlarge, + InstanceTypeM22xlarge, + InstanceTypeM24xlarge, + InstanceTypeCr18xlarge, + InstanceTypeR3Large, + InstanceTypeR3Xlarge, + InstanceTypeR32xlarge, + InstanceTypeR34xlarge, + InstanceTypeR38xlarge, + InstanceTypeR4Large, + InstanceTypeR4Xlarge, + InstanceTypeR42xlarge, + InstanceTypeR44xlarge, + InstanceTypeR48xlarge, + InstanceTypeR416xlarge, + InstanceTypeR5Large, + InstanceTypeR5Xlarge, + InstanceTypeR52xlarge, + InstanceTypeR54xlarge, + InstanceTypeR58xlarge, + InstanceTypeR512xlarge, + InstanceTypeR516xlarge, + InstanceTypeR524xlarge, + InstanceTypeR5Metal, + InstanceTypeR5aLarge, + InstanceTypeR5aXlarge, + InstanceTypeR5a2xlarge, + InstanceTypeR5a4xlarge, + InstanceTypeR5a8xlarge, + InstanceTypeR5a12xlarge, + InstanceTypeR5a16xlarge, + InstanceTypeR5a24xlarge, + InstanceTypeR5dLarge, + InstanceTypeR5dXlarge, + InstanceTypeR5d2xlarge, + InstanceTypeR5d4xlarge, + InstanceTypeR5d8xlarge, + InstanceTypeR5d12xlarge, + InstanceTypeR5d16xlarge, + InstanceTypeR5d24xlarge, + InstanceTypeR5dMetal, + InstanceTypeR5adLarge, + InstanceTypeR5adXlarge, + InstanceTypeR5ad2xlarge, + InstanceTypeR5ad4xlarge, + InstanceTypeR5ad8xlarge, + InstanceTypeR5ad12xlarge, + InstanceTypeR5ad16xlarge, + InstanceTypeR5ad24xlarge, + InstanceTypeR6gMetal, + InstanceTypeR6gMedium, + InstanceTypeR6gLarge, + InstanceTypeR6gXlarge, + InstanceTypeR6g2xlarge, + InstanceTypeR6g4xlarge, + InstanceTypeR6g8xlarge, + InstanceTypeR6g12xlarge, + InstanceTypeR6g16xlarge, + InstanceTypeR6gdMetal, + InstanceTypeR6gdMedium, + InstanceTypeR6gdLarge, + InstanceTypeR6gdXlarge, + InstanceTypeR6gd2xlarge, + InstanceTypeR6gd4xlarge, + InstanceTypeR6gd8xlarge, + InstanceTypeR6gd12xlarge, + InstanceTypeR6gd16xlarge, + InstanceTypeX116xlarge, + InstanceTypeX132xlarge, + InstanceTypeX1eXlarge, + InstanceTypeX1e2xlarge, + InstanceTypeX1e4xlarge, + InstanceTypeX1e8xlarge, + InstanceTypeX1e16xlarge, + InstanceTypeX1e32xlarge, + InstanceTypeI2Xlarge, + InstanceTypeI22xlarge, + InstanceTypeI24xlarge, + InstanceTypeI28xlarge, + InstanceTypeI3Large, + InstanceTypeI3Xlarge, + InstanceTypeI32xlarge, + InstanceTypeI34xlarge, + InstanceTypeI38xlarge, + InstanceTypeI316xlarge, + InstanceTypeI3Metal, + InstanceTypeI3enLarge, + InstanceTypeI3enXlarge, + InstanceTypeI3en2xlarge, + InstanceTypeI3en3xlarge, + InstanceTypeI3en6xlarge, + InstanceTypeI3en12xlarge, + InstanceTypeI3en24xlarge, + InstanceTypeI3enMetal, + InstanceTypeHi14xlarge, + InstanceTypeHs18xlarge, + InstanceTypeC1Medium, + InstanceTypeC1Xlarge, + InstanceTypeC3Large, + InstanceTypeC3Xlarge, + InstanceTypeC32xlarge, + InstanceTypeC34xlarge, + InstanceTypeC38xlarge, + InstanceTypeC4Large, + InstanceTypeC4Xlarge, + InstanceTypeC42xlarge, + InstanceTypeC44xlarge, + InstanceTypeC48xlarge, + InstanceTypeC5Large, + InstanceTypeC5Xlarge, + InstanceTypeC52xlarge, + InstanceTypeC54xlarge, + InstanceTypeC59xlarge, + InstanceTypeC512xlarge, + InstanceTypeC518xlarge, + InstanceTypeC524xlarge, + InstanceTypeC5Metal, + InstanceTypeC5aLarge, + InstanceTypeC5aXlarge, + InstanceTypeC5a2xlarge, + InstanceTypeC5a4xlarge, + InstanceTypeC5a8xlarge, + InstanceTypeC5a12xlarge, + InstanceTypeC5a16xlarge, + InstanceTypeC5a24xlarge, + InstanceTypeC5adLarge, + InstanceTypeC5adXlarge, + InstanceTypeC5ad2xlarge, + InstanceTypeC5ad4xlarge, + InstanceTypeC5ad8xlarge, + InstanceTypeC5ad12xlarge, + InstanceTypeC5ad16xlarge, + InstanceTypeC5ad24xlarge, + InstanceTypeC5dLarge, + InstanceTypeC5dXlarge, + InstanceTypeC5d2xlarge, + InstanceTypeC5d4xlarge, + InstanceTypeC5d9xlarge, + InstanceTypeC5d12xlarge, + InstanceTypeC5d18xlarge, + InstanceTypeC5d24xlarge, + InstanceTypeC5dMetal, + InstanceTypeC5nLarge, + InstanceTypeC5nXlarge, + InstanceTypeC5n2xlarge, + InstanceTypeC5n4xlarge, + InstanceTypeC5n9xlarge, + InstanceTypeC5n18xlarge, + InstanceTypeC6gMetal, + InstanceTypeC6gMedium, + InstanceTypeC6gLarge, + InstanceTypeC6gXlarge, + InstanceTypeC6g2xlarge, + InstanceTypeC6g4xlarge, + InstanceTypeC6g8xlarge, + InstanceTypeC6g12xlarge, + InstanceTypeC6g16xlarge, + InstanceTypeC6gdMetal, + InstanceTypeC6gdMedium, + InstanceTypeC6gdLarge, + InstanceTypeC6gdXlarge, + InstanceTypeC6gd2xlarge, + InstanceTypeC6gd4xlarge, + InstanceTypeC6gd8xlarge, + InstanceTypeC6gd12xlarge, + InstanceTypeC6gd16xlarge, + InstanceTypeCc14xlarge, + InstanceTypeCc28xlarge, + InstanceTypeG22xlarge, + InstanceTypeG28xlarge, + InstanceTypeG34xlarge, + InstanceTypeG38xlarge, + InstanceTypeG316xlarge, + InstanceTypeG3sXlarge, + InstanceTypeG4dnXlarge, + InstanceTypeG4dn2xlarge, + InstanceTypeG4dn4xlarge, + InstanceTypeG4dn8xlarge, + InstanceTypeG4dn12xlarge, + InstanceTypeG4dn16xlarge, + InstanceTypeG4dnMetal, + InstanceTypeCg14xlarge, + InstanceTypeP2Xlarge, + InstanceTypeP28xlarge, + InstanceTypeP216xlarge, + InstanceTypeP32xlarge, + InstanceTypeP38xlarge, + InstanceTypeP316xlarge, + InstanceTypeP3dn24xlarge, + InstanceTypeP4d24xlarge, + InstanceTypeD2Xlarge, + InstanceTypeD22xlarge, + InstanceTypeD24xlarge, + InstanceTypeD28xlarge, + InstanceTypeF12xlarge, + InstanceTypeF14xlarge, + InstanceTypeF116xlarge, + InstanceTypeM5Large, + InstanceTypeM5Xlarge, + InstanceTypeM52xlarge, + InstanceTypeM54xlarge, + InstanceTypeM58xlarge, + InstanceTypeM512xlarge, + InstanceTypeM516xlarge, + InstanceTypeM524xlarge, + InstanceTypeM5Metal, + InstanceTypeM5aLarge, + InstanceTypeM5aXlarge, + InstanceTypeM5a2xlarge, + InstanceTypeM5a4xlarge, + InstanceTypeM5a8xlarge, + InstanceTypeM5a12xlarge, + InstanceTypeM5a16xlarge, + InstanceTypeM5a24xlarge, + InstanceTypeM5dLarge, + InstanceTypeM5dXlarge, + InstanceTypeM5d2xlarge, + InstanceTypeM5d4xlarge, + InstanceTypeM5d8xlarge, + InstanceTypeM5d12xlarge, + InstanceTypeM5d16xlarge, + InstanceTypeM5d24xlarge, + InstanceTypeM5dMetal, + InstanceTypeM5adLarge, + InstanceTypeM5adXlarge, + InstanceTypeM5ad2xlarge, + InstanceTypeM5ad4xlarge, + InstanceTypeM5ad8xlarge, + InstanceTypeM5ad12xlarge, + InstanceTypeM5ad16xlarge, + InstanceTypeM5ad24xlarge, + InstanceTypeH12xlarge, + InstanceTypeH14xlarge, + InstanceTypeH18xlarge, + InstanceTypeH116xlarge, + InstanceTypeZ1dLarge, + InstanceTypeZ1dXlarge, + InstanceTypeZ1d2xlarge, + InstanceTypeZ1d3xlarge, + InstanceTypeZ1d6xlarge, + InstanceTypeZ1d12xlarge, + InstanceTypeZ1dMetal, + InstanceTypeU6tb1Metal, + InstanceTypeU9tb1Metal, + InstanceTypeU12tb1Metal, + InstanceTypeU18tb1Metal, + InstanceTypeU24tb1Metal, + InstanceTypeA1Medium, + InstanceTypeA1Large, + InstanceTypeA1Xlarge, + InstanceTypeA12xlarge, + InstanceTypeA14xlarge, + InstanceTypeA1Metal, + InstanceTypeM5dnLarge, + InstanceTypeM5dnXlarge, + InstanceTypeM5dn2xlarge, + InstanceTypeM5dn4xlarge, + InstanceTypeM5dn8xlarge, + InstanceTypeM5dn12xlarge, + InstanceTypeM5dn16xlarge, + InstanceTypeM5dn24xlarge, + InstanceTypeM5nLarge, + InstanceTypeM5nXlarge, + InstanceTypeM5n2xlarge, + InstanceTypeM5n4xlarge, + InstanceTypeM5n8xlarge, + InstanceTypeM5n12xlarge, + InstanceTypeM5n16xlarge, + InstanceTypeM5n24xlarge, + InstanceTypeR5dnLarge, + InstanceTypeR5dnXlarge, + InstanceTypeR5dn2xlarge, + InstanceTypeR5dn4xlarge, + InstanceTypeR5dn8xlarge, + InstanceTypeR5dn12xlarge, + InstanceTypeR5dn16xlarge, + InstanceTypeR5dn24xlarge, + InstanceTypeR5nLarge, + InstanceTypeR5nXlarge, + InstanceTypeR5n2xlarge, + InstanceTypeR5n4xlarge, + InstanceTypeR5n8xlarge, + InstanceTypeR5n12xlarge, + InstanceTypeR5n16xlarge, + InstanceTypeR5n24xlarge, + InstanceTypeInf1Xlarge, + InstanceTypeInf12xlarge, + InstanceTypeInf16xlarge, + InstanceTypeInf124xlarge, + InstanceTypeM6gMetal, + InstanceTypeM6gMedium, + InstanceTypeM6gLarge, + InstanceTypeM6gXlarge, + InstanceTypeM6g2xlarge, + InstanceTypeM6g4xlarge, + InstanceTypeM6g8xlarge, + InstanceTypeM6g12xlarge, + InstanceTypeM6g16xlarge, + InstanceTypeM6gdMetal, + InstanceTypeM6gdMedium, + InstanceTypeM6gdLarge, + InstanceTypeM6gdXlarge, + InstanceTypeM6gd2xlarge, + InstanceTypeM6gd4xlarge, + InstanceTypeM6gd8xlarge, + InstanceTypeM6gd12xlarge, + InstanceTypeM6gd16xlarge, + } +} + const ( // InstanceTypeHypervisorNitro is a InstanceTypeHypervisor enum value InstanceTypeHypervisorNitro = "nitro" @@ -108516,6 +119597,14 @@ const ( InstanceTypeHypervisorXen = "xen" ) +// InstanceTypeHypervisor_Values returns all elements of the InstanceTypeHypervisor enum +func InstanceTypeHypervisor_Values() []string { + return []string{ + InstanceTypeHypervisorNitro, + InstanceTypeHypervisorXen, + } +} + const ( // InterfacePermissionTypeInstanceAttach is a InterfacePermissionType enum value InterfacePermissionTypeInstanceAttach = "INSTANCE-ATTACH" @@ -108524,6 +119613,14 @@ const ( InterfacePermissionTypeEipAssociate = "EIP-ASSOCIATE" ) +// InterfacePermissionType_Values returns all elements of the InterfacePermissionType enum +func InterfacePermissionType_Values() []string { + return []string{ + InterfacePermissionTypeInstanceAttach, + InterfacePermissionTypeEipAssociate, + } +} + const ( // Ipv6SupportValueEnable is a Ipv6SupportValue enum value Ipv6SupportValueEnable = "enable" @@ -108532,6 +119629,14 @@ const ( Ipv6SupportValueDisable = "disable" ) +// Ipv6SupportValue_Values returns all elements of the Ipv6SupportValue enum +func Ipv6SupportValue_Values() []string { + return []string{ + Ipv6SupportValueEnable, + Ipv6SupportValueDisable, + } +} + const ( // LaunchTemplateErrorCodeLaunchTemplateIdDoesNotExist is a LaunchTemplateErrorCode enum value LaunchTemplateErrorCodeLaunchTemplateIdDoesNotExist = "launchTemplateIdDoesNotExist" @@ -108552,6 +119657,18 @@ const ( LaunchTemplateErrorCodeUnexpectedError = "unexpectedError" ) +// LaunchTemplateErrorCode_Values returns all elements of the LaunchTemplateErrorCode enum +func LaunchTemplateErrorCode_Values() []string { + return []string{ + LaunchTemplateErrorCodeLaunchTemplateIdDoesNotExist, + LaunchTemplateErrorCodeLaunchTemplateIdMalformed, + LaunchTemplateErrorCodeLaunchTemplateNameDoesNotExist, + LaunchTemplateErrorCodeLaunchTemplateNameMalformed, + LaunchTemplateErrorCodeLaunchTemplateVersionDoesNotExist, + LaunchTemplateErrorCodeUnexpectedError, + } +} + const ( // LaunchTemplateHttpTokensStateOptional is a LaunchTemplateHttpTokensState enum value LaunchTemplateHttpTokensStateOptional = "optional" @@ -108560,6 +119677,14 @@ const ( LaunchTemplateHttpTokensStateRequired = "required" ) +// LaunchTemplateHttpTokensState_Values returns all elements of the LaunchTemplateHttpTokensState enum +func LaunchTemplateHttpTokensState_Values() []string { + return []string{ + LaunchTemplateHttpTokensStateOptional, + LaunchTemplateHttpTokensStateRequired, + } +} + const ( // LaunchTemplateInstanceMetadataEndpointStateDisabled is a LaunchTemplateInstanceMetadataEndpointState enum value LaunchTemplateInstanceMetadataEndpointStateDisabled = "disabled" @@ -108568,6 +119693,14 @@ const ( LaunchTemplateInstanceMetadataEndpointStateEnabled = "enabled" ) +// LaunchTemplateInstanceMetadataEndpointState_Values returns all elements of the LaunchTemplateInstanceMetadataEndpointState enum +func LaunchTemplateInstanceMetadataEndpointState_Values() []string { + return []string{ + LaunchTemplateInstanceMetadataEndpointStateDisabled, + LaunchTemplateInstanceMetadataEndpointStateEnabled, + } +} + const ( // LaunchTemplateInstanceMetadataOptionsStatePending is a LaunchTemplateInstanceMetadataOptionsState enum value LaunchTemplateInstanceMetadataOptionsStatePending = "pending" @@ -108576,6 +119709,14 @@ const ( LaunchTemplateInstanceMetadataOptionsStateApplied = "applied" ) +// LaunchTemplateInstanceMetadataOptionsState_Values returns all elements of the LaunchTemplateInstanceMetadataOptionsState enum +func LaunchTemplateInstanceMetadataOptionsState_Values() []string { + return []string{ + LaunchTemplateInstanceMetadataOptionsStatePending, + LaunchTemplateInstanceMetadataOptionsStateApplied, + } +} + const ( // ListingStateAvailable is a ListingState enum value ListingStateAvailable = "available" @@ -108590,6 +119731,16 @@ const ( ListingStatePending = "pending" ) +// ListingState_Values returns all elements of the ListingState enum +func ListingState_Values() []string { + return []string{ + ListingStateAvailable, + ListingStateSold, + ListingStateCancelled, + ListingStatePending, + } +} + const ( // ListingStatusActive is a ListingStatus enum value ListingStatusActive = "active" @@ -108604,6 +119755,16 @@ const ( ListingStatusClosed = "closed" ) +// ListingStatus_Values returns all elements of the ListingStatus enum +func ListingStatus_Values() []string { + return []string{ + ListingStatusActive, + ListingStatusPending, + ListingStatusCancelled, + ListingStatusClosed, + } +} + const ( // LocalGatewayRouteStatePending is a LocalGatewayRouteState enum value LocalGatewayRouteStatePending = "pending" @@ -108621,6 +119782,17 @@ const ( LocalGatewayRouteStateDeleted = "deleted" ) +// LocalGatewayRouteState_Values returns all elements of the LocalGatewayRouteState enum +func LocalGatewayRouteState_Values() []string { + return []string{ + LocalGatewayRouteStatePending, + LocalGatewayRouteStateActive, + LocalGatewayRouteStateBlackhole, + LocalGatewayRouteStateDeleting, + LocalGatewayRouteStateDeleted, + } +} + const ( // LocalGatewayRouteTypeStatic is a LocalGatewayRouteType enum value LocalGatewayRouteTypeStatic = "static" @@ -108629,6 +119801,14 @@ const ( LocalGatewayRouteTypePropagated = "propagated" ) +// LocalGatewayRouteType_Values returns all elements of the LocalGatewayRouteType enum +func LocalGatewayRouteType_Values() []string { + return []string{ + LocalGatewayRouteTypeStatic, + LocalGatewayRouteTypePropagated, + } +} + const ( // LocationTypeRegion is a LocationType enum value LocationTypeRegion = "region" @@ -108640,6 +119820,15 @@ const ( LocationTypeAvailabilityZoneId = "availability-zone-id" ) +// LocationType_Values returns all elements of the LocationType enum +func LocationType_Values() []string { + return []string{ + LocationTypeRegion, + LocationTypeAvailabilityZone, + LocationTypeAvailabilityZoneId, + } +} + const ( // LogDestinationTypeCloudWatchLogs is a LogDestinationType enum value LogDestinationTypeCloudWatchLogs = "cloud-watch-logs" @@ -108648,11 +119837,26 @@ const ( LogDestinationTypeS3 = "s3" ) +// LogDestinationType_Values returns all elements of the LogDestinationType enum +func LogDestinationType_Values() []string { + return []string{ + LogDestinationTypeCloudWatchLogs, + LogDestinationTypeS3, + } +} + const ( // MarketTypeSpot is a MarketType enum value MarketTypeSpot = "spot" ) +// MarketType_Values returns all elements of the MarketType enum +func MarketType_Values() []string { + return []string{ + MarketTypeSpot, + } +} + const ( // MembershipTypeStatic is a MembershipType enum value MembershipTypeStatic = "static" @@ -108661,6 +119865,30 @@ const ( MembershipTypeIgmp = "igmp" ) +// MembershipType_Values returns all elements of the MembershipType enum +func MembershipType_Values() []string { + return []string{ + MembershipTypeStatic, + MembershipTypeIgmp, + } +} + +const ( + // ModifyAvailabilityZoneOptInStatusOptedIn is a ModifyAvailabilityZoneOptInStatus enum value + ModifyAvailabilityZoneOptInStatusOptedIn = "opted-in" + + // ModifyAvailabilityZoneOptInStatusNotOptedIn is a ModifyAvailabilityZoneOptInStatus enum value + ModifyAvailabilityZoneOptInStatusNotOptedIn = "not-opted-in" +) + +// ModifyAvailabilityZoneOptInStatus_Values returns all elements of the ModifyAvailabilityZoneOptInStatus enum +func ModifyAvailabilityZoneOptInStatus_Values() []string { + return []string{ + ModifyAvailabilityZoneOptInStatusOptedIn, + ModifyAvailabilityZoneOptInStatusNotOptedIn, + } +} + const ( // MonitoringStateDisabled is a MonitoringState enum value MonitoringStateDisabled = "disabled" @@ -108675,6 +119903,16 @@ const ( MonitoringStatePending = "pending" ) +// MonitoringState_Values returns all elements of the MonitoringState enum +func MonitoringState_Values() []string { + return []string{ + MonitoringStateDisabled, + MonitoringStateDisabling, + MonitoringStateEnabled, + MonitoringStatePending, + } +} + const ( // MoveStatusMovingToVpc is a MoveStatus enum value MoveStatusMovingToVpc = "movingToVpc" @@ -108683,6 +119921,14 @@ const ( MoveStatusRestoringToClassic = "restoringToClassic" ) +// MoveStatus_Values returns all elements of the MoveStatus enum +func MoveStatus_Values() []string { + return []string{ + MoveStatusMovingToVpc, + MoveStatusRestoringToClassic, + } +} + const ( // MulticastSupportValueEnable is a MulticastSupportValue enum value MulticastSupportValueEnable = "enable" @@ -108691,6 +119937,14 @@ const ( MulticastSupportValueDisable = "disable" ) +// MulticastSupportValue_Values returns all elements of the MulticastSupportValue enum +func MulticastSupportValue_Values() []string { + return []string{ + MulticastSupportValueEnable, + MulticastSupportValueDisable, + } +} + const ( // NatGatewayStatePending is a NatGatewayState enum value NatGatewayStatePending = "pending" @@ -108708,6 +119962,17 @@ const ( NatGatewayStateDeleted = "deleted" ) +// NatGatewayState_Values returns all elements of the NatGatewayState enum +func NatGatewayState_Values() []string { + return []string{ + NatGatewayStatePending, + NatGatewayStateFailed, + NatGatewayStateAvailable, + NatGatewayStateDeleting, + NatGatewayStateDeleted, + } +} + const ( // NetworkInterfaceAttributeDescription is a NetworkInterfaceAttribute enum value NetworkInterfaceAttributeDescription = "description" @@ -108722,11 +119987,28 @@ const ( NetworkInterfaceAttributeAttachment = "attachment" ) +// NetworkInterfaceAttribute_Values returns all elements of the NetworkInterfaceAttribute enum +func NetworkInterfaceAttribute_Values() []string { + return []string{ + NetworkInterfaceAttributeDescription, + NetworkInterfaceAttributeGroupSet, + NetworkInterfaceAttributeSourceDestCheck, + NetworkInterfaceAttributeAttachment, + } +} + const ( // NetworkInterfaceCreationTypeEfa is a NetworkInterfaceCreationType enum value NetworkInterfaceCreationTypeEfa = "efa" ) +// NetworkInterfaceCreationType_Values returns all elements of the NetworkInterfaceCreationType enum +func NetworkInterfaceCreationType_Values() []string { + return []string{ + NetworkInterfaceCreationTypeEfa, + } +} + const ( // NetworkInterfacePermissionStateCodePending is a NetworkInterfacePermissionStateCode enum value NetworkInterfacePermissionStateCodePending = "pending" @@ -108741,6 +120023,16 @@ const ( NetworkInterfacePermissionStateCodeRevoked = "revoked" ) +// NetworkInterfacePermissionStateCode_Values returns all elements of the NetworkInterfacePermissionStateCode enum +func NetworkInterfacePermissionStateCode_Values() []string { + return []string{ + NetworkInterfacePermissionStateCodePending, + NetworkInterfacePermissionStateCodeGranted, + NetworkInterfacePermissionStateCodeRevoking, + NetworkInterfacePermissionStateCodeRevoked, + } +} + const ( // NetworkInterfaceStatusAvailable is a NetworkInterfaceStatus enum value NetworkInterfaceStatusAvailable = "available" @@ -108758,6 +120050,17 @@ const ( NetworkInterfaceStatusDetaching = "detaching" ) +// NetworkInterfaceStatus_Values returns all elements of the NetworkInterfaceStatus enum +func NetworkInterfaceStatus_Values() []string { + return []string{ + NetworkInterfaceStatusAvailable, + NetworkInterfaceStatusAssociated, + NetworkInterfaceStatusAttaching, + NetworkInterfaceStatusInUse, + NetworkInterfaceStatusDetaching, + } +} + const ( // NetworkInterfaceTypeInterface is a NetworkInterfaceType enum value NetworkInterfaceTypeInterface = "interface" @@ -108769,6 +120072,15 @@ const ( NetworkInterfaceTypeEfa = "efa" ) +// NetworkInterfaceType_Values returns all elements of the NetworkInterfaceType enum +func NetworkInterfaceType_Values() []string { + return []string{ + NetworkInterfaceTypeInterface, + NetworkInterfaceTypeNatGateway, + NetworkInterfaceTypeEfa, + } +} + const ( // OfferingClassTypeStandard is a OfferingClassType enum value OfferingClassTypeStandard = "standard" @@ -108777,6 +120089,14 @@ const ( OfferingClassTypeConvertible = "convertible" ) +// OfferingClassType_Values returns all elements of the OfferingClassType enum +func OfferingClassType_Values() []string { + return []string{ + OfferingClassTypeStandard, + OfferingClassTypeConvertible, + } +} + const ( // OfferingTypeValuesHeavyUtilization is a OfferingTypeValues enum value OfferingTypeValuesHeavyUtilization = "Heavy Utilization" @@ -108797,6 +120117,18 @@ const ( OfferingTypeValuesAllUpfront = "All Upfront" ) +// OfferingTypeValues_Values returns all elements of the OfferingTypeValues enum +func OfferingTypeValues_Values() []string { + return []string{ + OfferingTypeValuesHeavyUtilization, + OfferingTypeValuesMediumUtilization, + OfferingTypeValuesLightUtilization, + OfferingTypeValuesNoUpfront, + OfferingTypeValuesPartialUpfront, + OfferingTypeValuesAllUpfront, + } +} + const ( // OnDemandAllocationStrategyLowestPrice is a OnDemandAllocationStrategy enum value OnDemandAllocationStrategyLowestPrice = "lowestPrice" @@ -108805,6 +120137,14 @@ const ( OnDemandAllocationStrategyPrioritized = "prioritized" ) +// OnDemandAllocationStrategy_Values returns all elements of the OnDemandAllocationStrategy enum +func OnDemandAllocationStrategy_Values() []string { + return []string{ + OnDemandAllocationStrategyLowestPrice, + OnDemandAllocationStrategyPrioritized, + } +} + const ( // OperationTypeAdd is a OperationType enum value OperationTypeAdd = "add" @@ -108813,6 +120153,14 @@ const ( OperationTypeRemove = "remove" ) +// OperationType_Values returns all elements of the OperationType enum +func OperationType_Values() []string { + return []string{ + OperationTypeAdd, + OperationTypeRemove, + } +} + const ( // PaymentOptionAllUpfront is a PaymentOption enum value PaymentOptionAllUpfront = "AllUpfront" @@ -108824,11 +120172,27 @@ const ( PaymentOptionNoUpfront = "NoUpfront" ) +// PaymentOption_Values returns all elements of the PaymentOption enum +func PaymentOption_Values() []string { + return []string{ + PaymentOptionAllUpfront, + PaymentOptionPartialUpfront, + PaymentOptionNoUpfront, + } +} + const ( // PermissionGroupAll is a PermissionGroup enum value PermissionGroupAll = "all" ) +// PermissionGroup_Values returns all elements of the PermissionGroup enum +func PermissionGroup_Values() []string { + return []string{ + PermissionGroupAll, + } +} + const ( // PlacementGroupStatePending is a PlacementGroupState enum value PlacementGroupStatePending = "pending" @@ -108843,6 +120207,16 @@ const ( PlacementGroupStateDeleted = "deleted" ) +// PlacementGroupState_Values returns all elements of the PlacementGroupState enum +func PlacementGroupState_Values() []string { + return []string{ + PlacementGroupStatePending, + PlacementGroupStateAvailable, + PlacementGroupStateDeleting, + PlacementGroupStateDeleted, + } +} + const ( // PlacementGroupStrategyCluster is a PlacementGroupStrategy enum value PlacementGroupStrategyCluster = "cluster" @@ -108854,6 +120228,15 @@ const ( PlacementGroupStrategySpread = "spread" ) +// PlacementGroupStrategy_Values returns all elements of the PlacementGroupStrategy enum +func PlacementGroupStrategy_Values() []string { + return []string{ + PlacementGroupStrategyCluster, + PlacementGroupStrategyPartition, + PlacementGroupStrategySpread, + } +} + const ( // PlacementStrategyCluster is a PlacementStrategy enum value PlacementStrategyCluster = "cluster" @@ -108865,11 +120248,83 @@ const ( PlacementStrategyPartition = "partition" ) +// PlacementStrategy_Values returns all elements of the PlacementStrategy enum +func PlacementStrategy_Values() []string { + return []string{ + PlacementStrategyCluster, + PlacementStrategySpread, + PlacementStrategyPartition, + } +} + const ( // PlatformValuesWindows is a PlatformValues enum value PlatformValuesWindows = "Windows" ) +// PlatformValues_Values returns all elements of the PlatformValues enum +func PlatformValues_Values() []string { + return []string{ + PlatformValuesWindows, + } +} + +const ( + // PrefixListStateCreateInProgress is a PrefixListState enum value + PrefixListStateCreateInProgress = "create-in-progress" + + // PrefixListStateCreateComplete is a PrefixListState enum value + PrefixListStateCreateComplete = "create-complete" + + // PrefixListStateCreateFailed is a PrefixListState enum value + PrefixListStateCreateFailed = "create-failed" + + // PrefixListStateModifyInProgress is a PrefixListState enum value + PrefixListStateModifyInProgress = "modify-in-progress" + + // PrefixListStateModifyComplete is a PrefixListState enum value + PrefixListStateModifyComplete = "modify-complete" + + // PrefixListStateModifyFailed is a PrefixListState enum value + PrefixListStateModifyFailed = "modify-failed" + + // PrefixListStateRestoreInProgress is a PrefixListState enum value + PrefixListStateRestoreInProgress = "restore-in-progress" + + // PrefixListStateRestoreComplete is a PrefixListState enum value + PrefixListStateRestoreComplete = "restore-complete" + + // PrefixListStateRestoreFailed is a PrefixListState enum value + PrefixListStateRestoreFailed = "restore-failed" + + // PrefixListStateDeleteInProgress is a PrefixListState enum value + PrefixListStateDeleteInProgress = "delete-in-progress" + + // PrefixListStateDeleteComplete is a PrefixListState enum value + PrefixListStateDeleteComplete = "delete-complete" + + // PrefixListStateDeleteFailed is a PrefixListState enum value + PrefixListStateDeleteFailed = "delete-failed" +) + +// PrefixListState_Values returns all elements of the PrefixListState enum +func PrefixListState_Values() []string { + return []string{ + PrefixListStateCreateInProgress, + PrefixListStateCreateComplete, + PrefixListStateCreateFailed, + PrefixListStateModifyInProgress, + PrefixListStateModifyComplete, + PrefixListStateModifyFailed, + PrefixListStateRestoreInProgress, + PrefixListStateRestoreComplete, + PrefixListStateRestoreFailed, + PrefixListStateDeleteInProgress, + PrefixListStateDeleteComplete, + PrefixListStateDeleteFailed, + } +} + const ( // PrincipalTypeAll is a PrincipalType enum value PrincipalTypeAll = "All" @@ -108890,6 +120345,18 @@ const ( PrincipalTypeRole = "Role" ) +// PrincipalType_Values returns all elements of the PrincipalType enum +func PrincipalType_Values() []string { + return []string{ + PrincipalTypeAll, + PrincipalTypeService, + PrincipalTypeOrganizationUnit, + PrincipalTypeAccount, + PrincipalTypeUser, + PrincipalTypeRole, + } +} + const ( // ProductCodeValuesDevpay is a ProductCodeValues enum value ProductCodeValuesDevpay = "devpay" @@ -108898,6 +120365,14 @@ const ( ProductCodeValuesMarketplace = "marketplace" ) +// ProductCodeValues_Values returns all elements of the ProductCodeValues enum +func ProductCodeValues_Values() []string { + return []string{ + ProductCodeValuesDevpay, + ProductCodeValuesMarketplace, + } +} + const ( // RIProductDescriptionLinuxUnix is a RIProductDescription enum value RIProductDescriptionLinuxUnix = "Linux/UNIX" @@ -108912,11 +120387,40 @@ const ( RIProductDescriptionWindowsAmazonVpc = "Windows (Amazon VPC)" ) +// RIProductDescription_Values returns all elements of the RIProductDescription enum +func RIProductDescription_Values() []string { + return []string{ + RIProductDescriptionLinuxUnix, + RIProductDescriptionLinuxUnixamazonVpc, + RIProductDescriptionWindows, + RIProductDescriptionWindowsAmazonVpc, + } +} + const ( // RecurringChargeFrequencyHourly is a RecurringChargeFrequency enum value RecurringChargeFrequencyHourly = "Hourly" ) +// RecurringChargeFrequency_Values returns all elements of the RecurringChargeFrequency enum +func RecurringChargeFrequency_Values() []string { + return []string{ + RecurringChargeFrequencyHourly, + } +} + +const ( + // ReplacementStrategyLaunch is a ReplacementStrategy enum value + ReplacementStrategyLaunch = "launch" +) + +// ReplacementStrategy_Values returns all elements of the ReplacementStrategy enum +func ReplacementStrategy_Values() []string { + return []string{ + ReplacementStrategyLaunch, + } +} + const ( // ReportInstanceReasonCodesInstanceStuckInState is a ReportInstanceReasonCodes enum value ReportInstanceReasonCodesInstanceStuckInState = "instance-stuck-in-state" @@ -108946,6 +120450,21 @@ const ( ReportInstanceReasonCodesOther = "other" ) +// ReportInstanceReasonCodes_Values returns all elements of the ReportInstanceReasonCodes enum +func ReportInstanceReasonCodes_Values() []string { + return []string{ + ReportInstanceReasonCodesInstanceStuckInState, + ReportInstanceReasonCodesUnresponsive, + ReportInstanceReasonCodesNotAcceptingCredentials, + ReportInstanceReasonCodesPasswordNotAvailable, + ReportInstanceReasonCodesPerformanceNetwork, + ReportInstanceReasonCodesPerformanceInstanceStore, + ReportInstanceReasonCodesPerformanceEbsVolume, + ReportInstanceReasonCodesPerformanceOther, + ReportInstanceReasonCodesOther, + } +} + const ( // ReportStatusTypeOk is a ReportStatusType enum value ReportStatusTypeOk = "ok" @@ -108954,6 +120473,14 @@ const ( ReportStatusTypeImpaired = "impaired" ) +// ReportStatusType_Values returns all elements of the ReportStatusType enum +func ReportStatusType_Values() []string { + return []string{ + ReportStatusTypeOk, + ReportStatusTypeImpaired, + } +} + const ( // ReservationStatePaymentPending is a ReservationState enum value ReservationStatePaymentPending = "payment-pending" @@ -108968,6 +120495,16 @@ const ( ReservationStateRetired = "retired" ) +// ReservationState_Values returns all elements of the ReservationState enum +func ReservationState_Values() []string { + return []string{ + ReservationStatePaymentPending, + ReservationStatePaymentFailed, + ReservationStateActive, + ReservationStateRetired, + } +} + const ( // ReservedInstanceStatePaymentPending is a ReservedInstanceState enum value ReservedInstanceStatePaymentPending = "payment-pending" @@ -108988,16 +120525,42 @@ const ( ReservedInstanceStateQueuedDeleted = "queued-deleted" ) +// ReservedInstanceState_Values returns all elements of the ReservedInstanceState enum +func ReservedInstanceState_Values() []string { + return []string{ + ReservedInstanceStatePaymentPending, + ReservedInstanceStateActive, + ReservedInstanceStatePaymentFailed, + ReservedInstanceStateRetired, + ReservedInstanceStateQueued, + ReservedInstanceStateQueuedDeleted, + } +} + const ( // ResetFpgaImageAttributeNameLoadPermission is a ResetFpgaImageAttributeName enum value ResetFpgaImageAttributeNameLoadPermission = "loadPermission" ) +// ResetFpgaImageAttributeName_Values returns all elements of the ResetFpgaImageAttributeName enum +func ResetFpgaImageAttributeName_Values() []string { + return []string{ + ResetFpgaImageAttributeNameLoadPermission, + } +} + const ( // ResetImageAttributeNameLaunchPermission is a ResetImageAttributeName enum value ResetImageAttributeNameLaunchPermission = "launchPermission" ) +// ResetImageAttributeName_Values returns all elements of the ResetImageAttributeName enum +func ResetImageAttributeName_Values() []string { + return []string{ + ResetImageAttributeNameLaunchPermission, + } +} + const ( // ResourceTypeClientVpnEndpoint is a ResourceType enum value ResourceTypeClientVpnEndpoint = "client-vpn-endpoint" @@ -109011,9 +120574,21 @@ const ( // ResourceTypeDhcpOptions is a ResourceType enum value ResourceTypeDhcpOptions = "dhcp-options" + // ResourceTypeEgressOnlyInternetGateway is a ResourceType enum value + ResourceTypeEgressOnlyInternetGateway = "egress-only-internet-gateway" + // ResourceTypeElasticIp is a ResourceType enum value ResourceTypeElasticIp = "elastic-ip" + // ResourceTypeElasticGpu is a ResourceType enum value + ResourceTypeElasticGpu = "elastic-gpu" + + // ResourceTypeExportImageTask is a ResourceType enum value + ResourceTypeExportImageTask = "export-image-task" + + // ResourceTypeExportInstanceTask is a ResourceType enum value + ResourceTypeExportInstanceTask = "export-instance-task" + // ResourceTypeFleet is a ResourceType enum value ResourceTypeFleet = "fleet" @@ -109026,6 +120601,12 @@ const ( // ResourceTypeImage is a ResourceType enum value ResourceTypeImage = "image" + // ResourceTypeImportImageTask is a ResourceType enum value + ResourceTypeImportImageTask = "import-image-task" + + // ResourceTypeImportSnapshotTask is a ResourceType enum value + ResourceTypeImportSnapshotTask = "import-snapshot-task" + // ResourceTypeInstance is a ResourceType enum value ResourceTypeInstance = "instance" @@ -109038,6 +120619,9 @@ const ( // ResourceTypeLaunchTemplate is a ResourceType enum value ResourceTypeLaunchTemplate = "launch-template" + // ResourceTypeLocalGatewayRouteTableVpcAssociation is a ResourceType enum value + ResourceTypeLocalGatewayRouteTableVpcAssociation = "local-gateway-route-table-vpc-association" + // ResourceTypeNatgateway is a ResourceType enum value ResourceTypeNatgateway = "natgateway" @@ -109106,8 +120690,61 @@ const ( // ResourceTypeVpnGateway is a ResourceType enum value ResourceTypeVpnGateway = "vpn-gateway" + + // ResourceTypeVpcFlowLog is a ResourceType enum value + ResourceTypeVpcFlowLog = "vpc-flow-log" ) +// ResourceType_Values returns all elements of the ResourceType enum +func ResourceType_Values() []string { + return []string{ + ResourceTypeClientVpnEndpoint, + ResourceTypeCustomerGateway, + ResourceTypeDedicatedHost, + ResourceTypeDhcpOptions, + ResourceTypeEgressOnlyInternetGateway, + ResourceTypeElasticIp, + ResourceTypeElasticGpu, + ResourceTypeExportImageTask, + ResourceTypeExportInstanceTask, + ResourceTypeFleet, + ResourceTypeFpgaImage, + ResourceTypeHostReservation, + ResourceTypeImage, + ResourceTypeImportImageTask, + ResourceTypeImportSnapshotTask, + ResourceTypeInstance, + ResourceTypeInternetGateway, + ResourceTypeKeyPair, + ResourceTypeLaunchTemplate, + ResourceTypeLocalGatewayRouteTableVpcAssociation, + ResourceTypeNatgateway, + ResourceTypeNetworkAcl, + ResourceTypeNetworkInterface, + ResourceTypePlacementGroup, + ResourceTypeReservedInstances, + ResourceTypeRouteTable, + ResourceTypeSecurityGroup, + ResourceTypeSnapshot, + ResourceTypeSpotFleetRequest, + ResourceTypeSpotInstancesRequest, + ResourceTypeSubnet, + ResourceTypeTrafficMirrorFilter, + ResourceTypeTrafficMirrorSession, + ResourceTypeTrafficMirrorTarget, + ResourceTypeTransitGateway, + ResourceTypeTransitGatewayAttachment, + ResourceTypeTransitGatewayMulticastDomain, + ResourceTypeTransitGatewayRouteTable, + ResourceTypeVolume, + ResourceTypeVpc, + ResourceTypeVpcPeeringConnection, + ResourceTypeVpnConnection, + ResourceTypeVpnGateway, + ResourceTypeVpcFlowLog, + } +} + const ( // RootDeviceTypeEbs is a RootDeviceType enum value RootDeviceTypeEbs = "ebs" @@ -109116,6 +120753,14 @@ const ( RootDeviceTypeInstanceStore = "instance-store" ) +// RootDeviceType_Values returns all elements of the RootDeviceType enum +func RootDeviceType_Values() []string { + return []string{ + RootDeviceTypeEbs, + RootDeviceTypeInstanceStore, + } +} + const ( // RouteOriginCreateRouteTable is a RouteOrigin enum value RouteOriginCreateRouteTable = "CreateRouteTable" @@ -109127,6 +120772,15 @@ const ( RouteOriginEnableVgwRoutePropagation = "EnableVgwRoutePropagation" ) +// RouteOrigin_Values returns all elements of the RouteOrigin enum +func RouteOrigin_Values() []string { + return []string{ + RouteOriginCreateRouteTable, + RouteOriginCreateRoute, + RouteOriginEnableVgwRoutePropagation, + } +} + const ( // RouteStateActive is a RouteState enum value RouteStateActive = "active" @@ -109135,6 +120789,14 @@ const ( RouteStateBlackhole = "blackhole" ) +// RouteState_Values returns all elements of the RouteState enum +func RouteState_Values() []string { + return []string{ + RouteStateActive, + RouteStateBlackhole, + } +} + const ( // RouteTableAssociationStateCodeAssociating is a RouteTableAssociationStateCode enum value RouteTableAssociationStateCodeAssociating = "associating" @@ -109152,6 +120814,17 @@ const ( RouteTableAssociationStateCodeFailed = "failed" ) +// RouteTableAssociationStateCode_Values returns all elements of the RouteTableAssociationStateCode enum +func RouteTableAssociationStateCode_Values() []string { + return []string{ + RouteTableAssociationStateCodeAssociating, + RouteTableAssociationStateCodeAssociated, + RouteTableAssociationStateCodeDisassociating, + RouteTableAssociationStateCodeDisassociated, + RouteTableAssociationStateCodeFailed, + } +} + const ( // RuleActionAllow is a RuleAction enum value RuleActionAllow = "allow" @@ -109160,6 +120833,14 @@ const ( RuleActionDeny = "deny" ) +// RuleAction_Values returns all elements of the RuleAction enum +func RuleAction_Values() []string { + return []string{ + RuleActionAllow, + RuleActionDeny, + } +} + const ( // ScopeAvailabilityZone is a Scope enum value ScopeAvailabilityZone = "Availability Zone" @@ -109168,6 +120849,30 @@ const ( ScopeRegion = "Region" ) +// Scope_Values returns all elements of the Scope enum +func Scope_Values() []string { + return []string{ + ScopeAvailabilityZone, + ScopeRegion, + } +} + +const ( + // SelfServicePortalEnabled is a SelfServicePortal enum value + SelfServicePortalEnabled = "enabled" + + // SelfServicePortalDisabled is a SelfServicePortal enum value + SelfServicePortalDisabled = "disabled" +) + +// SelfServicePortal_Values returns all elements of the SelfServicePortal enum +func SelfServicePortal_Values() []string { + return []string{ + SelfServicePortalEnabled, + SelfServicePortalDisabled, + } +} + const ( // ServiceStatePending is a ServiceState enum value ServiceStatePending = "Pending" @@ -109185,6 +120890,17 @@ const ( ServiceStateFailed = "Failed" ) +// ServiceState_Values returns all elements of the ServiceState enum +func ServiceState_Values() []string { + return []string{ + ServiceStatePending, + ServiceStateAvailable, + ServiceStateDeleting, + ServiceStateDeleted, + ServiceStateFailed, + } +} + const ( // ServiceTypeInterface is a ServiceType enum value ServiceTypeInterface = "Interface" @@ -109193,6 +120909,14 @@ const ( ServiceTypeGateway = "Gateway" ) +// ServiceType_Values returns all elements of the ServiceType enum +func ServiceType_Values() []string { + return []string{ + ServiceTypeInterface, + ServiceTypeGateway, + } +} + const ( // ShutdownBehaviorStop is a ShutdownBehavior enum value ShutdownBehaviorStop = "stop" @@ -109201,6 +120925,14 @@ const ( ShutdownBehaviorTerminate = "terminate" ) +// ShutdownBehavior_Values returns all elements of the ShutdownBehavior enum +func ShutdownBehavior_Values() []string { + return []string{ + ShutdownBehaviorStop, + ShutdownBehaviorTerminate, + } +} + const ( // SnapshotAttributeNameProductCodes is a SnapshotAttributeName enum value SnapshotAttributeNameProductCodes = "productCodes" @@ -109209,6 +120941,14 @@ const ( SnapshotAttributeNameCreateVolumePermission = "createVolumePermission" ) +// SnapshotAttributeName_Values returns all elements of the SnapshotAttributeName enum +func SnapshotAttributeName_Values() []string { + return []string{ + SnapshotAttributeNameProductCodes, + SnapshotAttributeNameCreateVolumePermission, + } +} + const ( // SnapshotStatePending is a SnapshotState enum value SnapshotStatePending = "pending" @@ -109220,6 +120960,15 @@ const ( SnapshotStateError = "error" ) +// SnapshotState_Values returns all elements of the SnapshotState enum +func SnapshotState_Values() []string { + return []string{ + SnapshotStatePending, + SnapshotStateCompleted, + SnapshotStateError, + } +} + const ( // SpotAllocationStrategyLowestPrice is a SpotAllocationStrategy enum value SpotAllocationStrategyLowestPrice = "lowest-price" @@ -109231,6 +120980,15 @@ const ( SpotAllocationStrategyCapacityOptimized = "capacity-optimized" ) +// SpotAllocationStrategy_Values returns all elements of the SpotAllocationStrategy enum +func SpotAllocationStrategy_Values() []string { + return []string{ + SpotAllocationStrategyLowestPrice, + SpotAllocationStrategyDiversified, + SpotAllocationStrategyCapacityOptimized, + } +} + const ( // SpotInstanceInterruptionBehaviorHibernate is a SpotInstanceInterruptionBehavior enum value SpotInstanceInterruptionBehaviorHibernate = "hibernate" @@ -109242,6 +121000,15 @@ const ( SpotInstanceInterruptionBehaviorTerminate = "terminate" ) +// SpotInstanceInterruptionBehavior_Values returns all elements of the SpotInstanceInterruptionBehavior enum +func SpotInstanceInterruptionBehavior_Values() []string { + return []string{ + SpotInstanceInterruptionBehaviorHibernate, + SpotInstanceInterruptionBehaviorStop, + SpotInstanceInterruptionBehaviorTerminate, + } +} + const ( // SpotInstanceStateOpen is a SpotInstanceState enum value SpotInstanceStateOpen = "open" @@ -109259,6 +121026,17 @@ const ( SpotInstanceStateFailed = "failed" ) +// SpotInstanceState_Values returns all elements of the SpotInstanceState enum +func SpotInstanceState_Values() []string { + return []string{ + SpotInstanceStateOpen, + SpotInstanceStateActive, + SpotInstanceStateClosed, + SpotInstanceStateCancelled, + SpotInstanceStateFailed, + } +} + const ( // SpotInstanceTypeOneTime is a SpotInstanceType enum value SpotInstanceTypeOneTime = "one-time" @@ -109267,6 +121045,14 @@ const ( SpotInstanceTypePersistent = "persistent" ) +// SpotInstanceType_Values returns all elements of the SpotInstanceType enum +func SpotInstanceType_Values() []string { + return []string{ + SpotInstanceTypeOneTime, + SpotInstanceTypePersistent, + } +} + const ( // StatePendingAcceptance is a State enum value StatePendingAcceptance = "PendingAcceptance" @@ -109293,6 +121079,20 @@ const ( StateExpired = "Expired" ) +// State_Values returns all elements of the State enum +func State_Values() []string { + return []string{ + StatePendingAcceptance, + StatePending, + StateAvailable, + StateDeleting, + StateDeleted, + StateRejected, + StateFailed, + StateExpired, + } +} + const ( // StatusMoveInProgress is a Status enum value StatusMoveInProgress = "MoveInProgress" @@ -109304,11 +121104,27 @@ const ( StatusInClassic = "InClassic" ) +// Status_Values returns all elements of the Status enum +func Status_Values() []string { + return []string{ + StatusMoveInProgress, + StatusInVpc, + StatusInClassic, + } +} + const ( // StatusNameReachability is a StatusName enum value StatusNameReachability = "reachability" ) +// StatusName_Values returns all elements of the StatusName enum +func StatusName_Values() []string { + return []string{ + StatusNameReachability, + } +} + const ( // StatusTypePassed is a StatusType enum value StatusTypePassed = "passed" @@ -109323,6 +121139,16 @@ const ( StatusTypeInitializing = "initializing" ) +// StatusType_Values returns all elements of the StatusType enum +func StatusType_Values() []string { + return []string{ + StatusTypePassed, + StatusTypeFailed, + StatusTypeInsufficientData, + StatusTypeInitializing, + } +} + const ( // SubnetCidrBlockStateCodeAssociating is a SubnetCidrBlockStateCode enum value SubnetCidrBlockStateCodeAssociating = "associating" @@ -109343,6 +121169,18 @@ const ( SubnetCidrBlockStateCodeFailed = "failed" ) +// SubnetCidrBlockStateCode_Values returns all elements of the SubnetCidrBlockStateCode enum +func SubnetCidrBlockStateCode_Values() []string { + return []string{ + SubnetCidrBlockStateCodeAssociating, + SubnetCidrBlockStateCodeAssociated, + SubnetCidrBlockStateCodeDisassociating, + SubnetCidrBlockStateCodeDisassociated, + SubnetCidrBlockStateCodeFailing, + SubnetCidrBlockStateCodeFailed, + } +} + const ( // SubnetStatePending is a SubnetState enum value SubnetStatePending = "pending" @@ -109351,6 +121189,14 @@ const ( SubnetStateAvailable = "available" ) +// SubnetState_Values returns all elements of the SubnetState enum +func SubnetState_Values() []string { + return []string{ + SubnetStatePending, + SubnetStateAvailable, + } +} + const ( // SummaryStatusOk is a SummaryStatus enum value SummaryStatusOk = "ok" @@ -109368,6 +121214,17 @@ const ( SummaryStatusInitializing = "initializing" ) +// SummaryStatus_Values returns all elements of the SummaryStatus enum +func SummaryStatus_Values() []string { + return []string{ + SummaryStatusOk, + SummaryStatusImpaired, + SummaryStatusInsufficientData, + SummaryStatusNotApplicable, + SummaryStatusInitializing, + } +} + const ( // TelemetryStatusUp is a TelemetryStatus enum value TelemetryStatusUp = "UP" @@ -109376,6 +121233,14 @@ const ( TelemetryStatusDown = "DOWN" ) +// TelemetryStatus_Values returns all elements of the TelemetryStatus enum +func TelemetryStatus_Values() []string { + return []string{ + TelemetryStatusUp, + TelemetryStatusDown, + } +} + const ( // TenancyDefault is a Tenancy enum value TenancyDefault = "default" @@ -109387,6 +121252,15 @@ const ( TenancyHost = "host" ) +// Tenancy_Values returns all elements of the Tenancy enum +func Tenancy_Values() []string { + return []string{ + TenancyDefault, + TenancyDedicated, + TenancyHost, + } +} + const ( // TrafficDirectionIngress is a TrafficDirection enum value TrafficDirectionIngress = "ingress" @@ -109395,6 +121269,14 @@ const ( TrafficDirectionEgress = "egress" ) +// TrafficDirection_Values returns all elements of the TrafficDirection enum +func TrafficDirection_Values() []string { + return []string{ + TrafficDirectionIngress, + TrafficDirectionEgress, + } +} + const ( // TrafficMirrorFilterRuleFieldDestinationPortRange is a TrafficMirrorFilterRuleField enum value TrafficMirrorFilterRuleFieldDestinationPortRange = "destination-port-range" @@ -109409,11 +121291,28 @@ const ( TrafficMirrorFilterRuleFieldDescription = "description" ) +// TrafficMirrorFilterRuleField_Values returns all elements of the TrafficMirrorFilterRuleField enum +func TrafficMirrorFilterRuleField_Values() []string { + return []string{ + TrafficMirrorFilterRuleFieldDestinationPortRange, + TrafficMirrorFilterRuleFieldSourcePortRange, + TrafficMirrorFilterRuleFieldProtocol, + TrafficMirrorFilterRuleFieldDescription, + } +} + const ( // TrafficMirrorNetworkServiceAmazonDns is a TrafficMirrorNetworkService enum value TrafficMirrorNetworkServiceAmazonDns = "amazon-dns" ) +// TrafficMirrorNetworkService_Values returns all elements of the TrafficMirrorNetworkService enum +func TrafficMirrorNetworkService_Values() []string { + return []string{ + TrafficMirrorNetworkServiceAmazonDns, + } +} + const ( // TrafficMirrorRuleActionAccept is a TrafficMirrorRuleAction enum value TrafficMirrorRuleActionAccept = "accept" @@ -109422,6 +121321,14 @@ const ( TrafficMirrorRuleActionReject = "reject" ) +// TrafficMirrorRuleAction_Values returns all elements of the TrafficMirrorRuleAction enum +func TrafficMirrorRuleAction_Values() []string { + return []string{ + TrafficMirrorRuleActionAccept, + TrafficMirrorRuleActionReject, + } +} + const ( // TrafficMirrorSessionFieldPacketLength is a TrafficMirrorSessionField enum value TrafficMirrorSessionFieldPacketLength = "packet-length" @@ -109433,6 +121340,15 @@ const ( TrafficMirrorSessionFieldVirtualNetworkId = "virtual-network-id" ) +// TrafficMirrorSessionField_Values returns all elements of the TrafficMirrorSessionField enum +func TrafficMirrorSessionField_Values() []string { + return []string{ + TrafficMirrorSessionFieldPacketLength, + TrafficMirrorSessionFieldDescription, + TrafficMirrorSessionFieldVirtualNetworkId, + } +} + const ( // TrafficMirrorTargetTypeNetworkInterface is a TrafficMirrorTargetType enum value TrafficMirrorTargetTypeNetworkInterface = "network-interface" @@ -109441,6 +121357,14 @@ const ( TrafficMirrorTargetTypeNetworkLoadBalancer = "network-load-balancer" ) +// TrafficMirrorTargetType_Values returns all elements of the TrafficMirrorTargetType enum +func TrafficMirrorTargetType_Values() []string { + return []string{ + TrafficMirrorTargetTypeNetworkInterface, + TrafficMirrorTargetTypeNetworkLoadBalancer, + } +} + const ( // TrafficTypeAccept is a TrafficType enum value TrafficTypeAccept = "ACCEPT" @@ -109452,6 +121376,15 @@ const ( TrafficTypeAll = "ALL" ) +// TrafficType_Values returns all elements of the TrafficType enum +func TrafficType_Values() []string { + return []string{ + TrafficTypeAccept, + TrafficTypeReject, + TrafficTypeAll, + } +} + const ( // TransitGatewayAssociationStateAssociating is a TransitGatewayAssociationState enum value TransitGatewayAssociationStateAssociating = "associating" @@ -109466,6 +121399,16 @@ const ( TransitGatewayAssociationStateDisassociated = "disassociated" ) +// TransitGatewayAssociationState_Values returns all elements of the TransitGatewayAssociationState enum +func TransitGatewayAssociationState_Values() []string { + return []string{ + TransitGatewayAssociationStateAssociating, + TransitGatewayAssociationStateAssociated, + TransitGatewayAssociationStateDisassociating, + TransitGatewayAssociationStateDisassociated, + } +} + const ( // TransitGatewayAttachmentResourceTypeVpc is a TransitGatewayAttachmentResourceType enum value TransitGatewayAttachmentResourceTypeVpc = "vpc" @@ -109476,14 +121419,31 @@ const ( // TransitGatewayAttachmentResourceTypeDirectConnectGateway is a TransitGatewayAttachmentResourceType enum value TransitGatewayAttachmentResourceTypeDirectConnectGateway = "direct-connect-gateway" + // TransitGatewayAttachmentResourceTypePeering is a TransitGatewayAttachmentResourceType enum value + TransitGatewayAttachmentResourceTypePeering = "peering" + // TransitGatewayAttachmentResourceTypeTgwPeering is a TransitGatewayAttachmentResourceType enum value TransitGatewayAttachmentResourceTypeTgwPeering = "tgw-peering" ) +// TransitGatewayAttachmentResourceType_Values returns all elements of the TransitGatewayAttachmentResourceType enum +func TransitGatewayAttachmentResourceType_Values() []string { + return []string{ + TransitGatewayAttachmentResourceTypeVpc, + TransitGatewayAttachmentResourceTypeVpn, + TransitGatewayAttachmentResourceTypeDirectConnectGateway, + TransitGatewayAttachmentResourceTypePeering, + TransitGatewayAttachmentResourceTypeTgwPeering, + } +} + const ( // TransitGatewayAttachmentStateInitiating is a TransitGatewayAttachmentState enum value TransitGatewayAttachmentStateInitiating = "initiating" + // TransitGatewayAttachmentStateInitiatingRequest is a TransitGatewayAttachmentState enum value + TransitGatewayAttachmentStateInitiatingRequest = "initiatingRequest" + // TransitGatewayAttachmentStatePendingAcceptance is a TransitGatewayAttachmentState enum value TransitGatewayAttachmentStatePendingAcceptance = "pendingAcceptance" @@ -109518,6 +121478,25 @@ const ( TransitGatewayAttachmentStateFailing = "failing" ) +// TransitGatewayAttachmentState_Values returns all elements of the TransitGatewayAttachmentState enum +func TransitGatewayAttachmentState_Values() []string { + return []string{ + TransitGatewayAttachmentStateInitiating, + TransitGatewayAttachmentStateInitiatingRequest, + TransitGatewayAttachmentStatePendingAcceptance, + TransitGatewayAttachmentStateRollingBack, + TransitGatewayAttachmentStatePending, + TransitGatewayAttachmentStateAvailable, + TransitGatewayAttachmentStateModifying, + TransitGatewayAttachmentStateDeleting, + TransitGatewayAttachmentStateDeleted, + TransitGatewayAttachmentStateFailed, + TransitGatewayAttachmentStateRejected, + TransitGatewayAttachmentStateRejecting, + TransitGatewayAttachmentStateFailing, + } +} + const ( // TransitGatewayMulitcastDomainAssociationStateAssociating is a TransitGatewayMulitcastDomainAssociationState enum value TransitGatewayMulitcastDomainAssociationStateAssociating = "associating" @@ -109532,6 +121511,16 @@ const ( TransitGatewayMulitcastDomainAssociationStateDisassociated = "disassociated" ) +// TransitGatewayMulitcastDomainAssociationState_Values returns all elements of the TransitGatewayMulitcastDomainAssociationState enum +func TransitGatewayMulitcastDomainAssociationState_Values() []string { + return []string{ + TransitGatewayMulitcastDomainAssociationStateAssociating, + TransitGatewayMulitcastDomainAssociationStateAssociated, + TransitGatewayMulitcastDomainAssociationStateDisassociating, + TransitGatewayMulitcastDomainAssociationStateDisassociated, + } +} + const ( // TransitGatewayMulticastDomainStatePending is a TransitGatewayMulticastDomainState enum value TransitGatewayMulticastDomainStatePending = "pending" @@ -109546,6 +121535,40 @@ const ( TransitGatewayMulticastDomainStateDeleted = "deleted" ) +// TransitGatewayMulticastDomainState_Values returns all elements of the TransitGatewayMulticastDomainState enum +func TransitGatewayMulticastDomainState_Values() []string { + return []string{ + TransitGatewayMulticastDomainStatePending, + TransitGatewayMulticastDomainStateAvailable, + TransitGatewayMulticastDomainStateDeleting, + TransitGatewayMulticastDomainStateDeleted, + } +} + +const ( + // TransitGatewayPrefixListReferenceStatePending is a TransitGatewayPrefixListReferenceState enum value + TransitGatewayPrefixListReferenceStatePending = "pending" + + // TransitGatewayPrefixListReferenceStateAvailable is a TransitGatewayPrefixListReferenceState enum value + TransitGatewayPrefixListReferenceStateAvailable = "available" + + // TransitGatewayPrefixListReferenceStateModifying is a TransitGatewayPrefixListReferenceState enum value + TransitGatewayPrefixListReferenceStateModifying = "modifying" + + // TransitGatewayPrefixListReferenceStateDeleting is a TransitGatewayPrefixListReferenceState enum value + TransitGatewayPrefixListReferenceStateDeleting = "deleting" +) + +// TransitGatewayPrefixListReferenceState_Values returns all elements of the TransitGatewayPrefixListReferenceState enum +func TransitGatewayPrefixListReferenceState_Values() []string { + return []string{ + TransitGatewayPrefixListReferenceStatePending, + TransitGatewayPrefixListReferenceStateAvailable, + TransitGatewayPrefixListReferenceStateModifying, + TransitGatewayPrefixListReferenceStateDeleting, + } +} + const ( // TransitGatewayPropagationStateEnabling is a TransitGatewayPropagationState enum value TransitGatewayPropagationStateEnabling = "enabling" @@ -109560,6 +121583,16 @@ const ( TransitGatewayPropagationStateDisabled = "disabled" ) +// TransitGatewayPropagationState_Values returns all elements of the TransitGatewayPropagationState enum +func TransitGatewayPropagationState_Values() []string { + return []string{ + TransitGatewayPropagationStateEnabling, + TransitGatewayPropagationStateEnabled, + TransitGatewayPropagationStateDisabling, + TransitGatewayPropagationStateDisabled, + } +} + const ( // TransitGatewayRouteStatePending is a TransitGatewayRouteState enum value TransitGatewayRouteStatePending = "pending" @@ -109577,6 +121610,17 @@ const ( TransitGatewayRouteStateDeleted = "deleted" ) +// TransitGatewayRouteState_Values returns all elements of the TransitGatewayRouteState enum +func TransitGatewayRouteState_Values() []string { + return []string{ + TransitGatewayRouteStatePending, + TransitGatewayRouteStateActive, + TransitGatewayRouteStateBlackhole, + TransitGatewayRouteStateDeleting, + TransitGatewayRouteStateDeleted, + } +} + const ( // TransitGatewayRouteTableStatePending is a TransitGatewayRouteTableState enum value TransitGatewayRouteTableStatePending = "pending" @@ -109591,6 +121635,16 @@ const ( TransitGatewayRouteTableStateDeleted = "deleted" ) +// TransitGatewayRouteTableState_Values returns all elements of the TransitGatewayRouteTableState enum +func TransitGatewayRouteTableState_Values() []string { + return []string{ + TransitGatewayRouteTableStatePending, + TransitGatewayRouteTableStateAvailable, + TransitGatewayRouteTableStateDeleting, + TransitGatewayRouteTableStateDeleted, + } +} + const ( // TransitGatewayRouteTypeStatic is a TransitGatewayRouteType enum value TransitGatewayRouteTypeStatic = "static" @@ -109599,6 +121653,14 @@ const ( TransitGatewayRouteTypePropagated = "propagated" ) +// TransitGatewayRouteType_Values returns all elements of the TransitGatewayRouteType enum +func TransitGatewayRouteType_Values() []string { + return []string{ + TransitGatewayRouteTypeStatic, + TransitGatewayRouteTypePropagated, + } +} + const ( // TransitGatewayStatePending is a TransitGatewayState enum value TransitGatewayStatePending = "pending" @@ -109616,6 +121678,17 @@ const ( TransitGatewayStateDeleted = "deleted" ) +// TransitGatewayState_Values returns all elements of the TransitGatewayState enum +func TransitGatewayState_Values() []string { + return []string{ + TransitGatewayStatePending, + TransitGatewayStateAvailable, + TransitGatewayStateModifying, + TransitGatewayStateDeleting, + TransitGatewayStateDeleted, + } +} + const ( // TransportProtocolTcp is a TransportProtocol enum value TransportProtocolTcp = "tcp" @@ -109624,6 +121697,30 @@ const ( TransportProtocolUdp = "udp" ) +// TransportProtocol_Values returns all elements of the TransportProtocol enum +func TransportProtocol_Values() []string { + return []string{ + TransportProtocolTcp, + TransportProtocolUdp, + } +} + +const ( + // TunnelInsideIpVersionIpv4 is a TunnelInsideIpVersion enum value + TunnelInsideIpVersionIpv4 = "ipv4" + + // TunnelInsideIpVersionIpv6 is a TunnelInsideIpVersion enum value + TunnelInsideIpVersionIpv6 = "ipv6" +) + +// TunnelInsideIpVersion_Values returns all elements of the TunnelInsideIpVersion enum +func TunnelInsideIpVersion_Values() []string { + return []string{ + TunnelInsideIpVersionIpv4, + TunnelInsideIpVersionIpv6, + } +} + const ( // UnlimitedSupportedInstanceFamilyT2 is a UnlimitedSupportedInstanceFamily enum value UnlimitedSupportedInstanceFamilyT2 = "t2" @@ -109633,8 +121730,21 @@ const ( // UnlimitedSupportedInstanceFamilyT3a is a UnlimitedSupportedInstanceFamily enum value UnlimitedSupportedInstanceFamilyT3a = "t3a" + + // UnlimitedSupportedInstanceFamilyT4g is a UnlimitedSupportedInstanceFamily enum value + UnlimitedSupportedInstanceFamilyT4g = "t4g" ) +// UnlimitedSupportedInstanceFamily_Values returns all elements of the UnlimitedSupportedInstanceFamily enum +func UnlimitedSupportedInstanceFamily_Values() []string { + return []string{ + UnlimitedSupportedInstanceFamilyT2, + UnlimitedSupportedInstanceFamilyT3, + UnlimitedSupportedInstanceFamilyT3a, + UnlimitedSupportedInstanceFamilyT4g, + } +} + const ( // UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdMalformed is a UnsuccessfulInstanceCreditSpecificationErrorCode enum value UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdMalformed = "InvalidInstanceID.Malformed" @@ -109649,6 +121759,16 @@ const ( UnsuccessfulInstanceCreditSpecificationErrorCodeInstanceCreditSpecificationNotSupported = "InstanceCreditSpecification.NotSupported" ) +// UnsuccessfulInstanceCreditSpecificationErrorCode_Values returns all elements of the UnsuccessfulInstanceCreditSpecificationErrorCode enum +func UnsuccessfulInstanceCreditSpecificationErrorCode_Values() []string { + return []string{ + UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdMalformed, + UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdNotFound, + UnsuccessfulInstanceCreditSpecificationErrorCodeIncorrectInstanceState, + UnsuccessfulInstanceCreditSpecificationErrorCodeInstanceCreditSpecificationNotSupported, + } +} + const ( // UsageClassTypeSpot is a UsageClassType enum value UsageClassTypeSpot = "spot" @@ -109657,6 +121777,14 @@ const ( UsageClassTypeOnDemand = "on-demand" ) +// UsageClassType_Values returns all elements of the UsageClassType enum +func UsageClassType_Values() []string { + return []string{ + UsageClassTypeSpot, + UsageClassTypeOnDemand, + } +} + const ( // VirtualizationTypeHvm is a VirtualizationType enum value VirtualizationTypeHvm = "hvm" @@ -109665,6 +121793,14 @@ const ( VirtualizationTypeParavirtual = "paravirtual" ) +// VirtualizationType_Values returns all elements of the VirtualizationType enum +func VirtualizationType_Values() []string { + return []string{ + VirtualizationTypeHvm, + VirtualizationTypeParavirtual, + } +} + const ( // VolumeAttachmentStateAttaching is a VolumeAttachmentState enum value VolumeAttachmentStateAttaching = "attaching" @@ -109682,6 +121818,17 @@ const ( VolumeAttachmentStateBusy = "busy" ) +// VolumeAttachmentState_Values returns all elements of the VolumeAttachmentState enum +func VolumeAttachmentState_Values() []string { + return []string{ + VolumeAttachmentStateAttaching, + VolumeAttachmentStateAttached, + VolumeAttachmentStateDetaching, + VolumeAttachmentStateDetached, + VolumeAttachmentStateBusy, + } +} + const ( // VolumeAttributeNameAutoEnableIo is a VolumeAttributeName enum value VolumeAttributeNameAutoEnableIo = "autoEnableIO" @@ -109690,6 +121837,14 @@ const ( VolumeAttributeNameProductCodes = "productCodes" ) +// VolumeAttributeName_Values returns all elements of the VolumeAttributeName enum +func VolumeAttributeName_Values() []string { + return []string{ + VolumeAttributeNameAutoEnableIo, + VolumeAttributeNameProductCodes, + } +} + const ( // VolumeModificationStateModifying is a VolumeModificationState enum value VolumeModificationStateModifying = "modifying" @@ -109704,6 +121859,16 @@ const ( VolumeModificationStateFailed = "failed" ) +// VolumeModificationState_Values returns all elements of the VolumeModificationState enum +func VolumeModificationState_Values() []string { + return []string{ + VolumeModificationStateModifying, + VolumeModificationStateOptimizing, + VolumeModificationStateCompleted, + VolumeModificationStateFailed, + } +} + const ( // VolumeStateCreating is a VolumeState enum value VolumeStateCreating = "creating" @@ -109724,6 +121889,18 @@ const ( VolumeStateError = "error" ) +// VolumeState_Values returns all elements of the VolumeState enum +func VolumeState_Values() []string { + return []string{ + VolumeStateCreating, + VolumeStateAvailable, + VolumeStateInUse, + VolumeStateDeleting, + VolumeStateDeleted, + VolumeStateError, + } +} + const ( // VolumeStatusInfoStatusOk is a VolumeStatusInfoStatus enum value VolumeStatusInfoStatusOk = "ok" @@ -109735,6 +121912,15 @@ const ( VolumeStatusInfoStatusInsufficientData = "insufficient-data" ) +// VolumeStatusInfoStatus_Values returns all elements of the VolumeStatusInfoStatus enum +func VolumeStatusInfoStatus_Values() []string { + return []string{ + VolumeStatusInfoStatusOk, + VolumeStatusInfoStatusImpaired, + VolumeStatusInfoStatusInsufficientData, + } +} + const ( // VolumeStatusNameIoEnabled is a VolumeStatusName enum value VolumeStatusNameIoEnabled = "io-enabled" @@ -109743,6 +121929,14 @@ const ( VolumeStatusNameIoPerformance = "io-performance" ) +// VolumeStatusName_Values returns all elements of the VolumeStatusName enum +func VolumeStatusName_Values() []string { + return []string{ + VolumeStatusNameIoEnabled, + VolumeStatusNameIoPerformance, + } +} + const ( // VolumeTypeStandard is a VolumeType enum value VolumeTypeStandard = "standard" @@ -109750,6 +121944,9 @@ const ( // VolumeTypeIo1 is a VolumeType enum value VolumeTypeIo1 = "io1" + // VolumeTypeIo2 is a VolumeType enum value + VolumeTypeIo2 = "io2" + // VolumeTypeGp2 is a VolumeType enum value VolumeTypeGp2 = "gp2" @@ -109760,6 +121957,18 @@ const ( VolumeTypeSt1 = "st1" ) +// VolumeType_Values returns all elements of the VolumeType enum +func VolumeType_Values() []string { + return []string{ + VolumeTypeStandard, + VolumeTypeIo1, + VolumeTypeIo2, + VolumeTypeGp2, + VolumeTypeSc1, + VolumeTypeSt1, + } +} + const ( // VpcAttributeNameEnableDnsSupport is a VpcAttributeName enum value VpcAttributeNameEnableDnsSupport = "enableDnsSupport" @@ -109768,6 +121977,14 @@ const ( VpcAttributeNameEnableDnsHostnames = "enableDnsHostnames" ) +// VpcAttributeName_Values returns all elements of the VpcAttributeName enum +func VpcAttributeName_Values() []string { + return []string{ + VpcAttributeNameEnableDnsSupport, + VpcAttributeNameEnableDnsHostnames, + } +} + const ( // VpcCidrBlockStateCodeAssociating is a VpcCidrBlockStateCode enum value VpcCidrBlockStateCodeAssociating = "associating" @@ -109788,6 +122005,18 @@ const ( VpcCidrBlockStateCodeFailed = "failed" ) +// VpcCidrBlockStateCode_Values returns all elements of the VpcCidrBlockStateCode enum +func VpcCidrBlockStateCode_Values() []string { + return []string{ + VpcCidrBlockStateCodeAssociating, + VpcCidrBlockStateCodeAssociated, + VpcCidrBlockStateCodeDisassociating, + VpcCidrBlockStateCodeDisassociated, + VpcCidrBlockStateCodeFailing, + VpcCidrBlockStateCodeFailed, + } +} + const ( // VpcEndpointTypeInterface is a VpcEndpointType enum value VpcEndpointTypeInterface = "Interface" @@ -109796,6 +122025,14 @@ const ( VpcEndpointTypeGateway = "Gateway" ) +// VpcEndpointType_Values returns all elements of the VpcEndpointType enum +func VpcEndpointType_Values() []string { + return []string{ + VpcEndpointTypeInterface, + VpcEndpointTypeGateway, + } +} + const ( // VpcPeeringConnectionStateReasonCodeInitiatingRequest is a VpcPeeringConnectionStateReasonCode enum value VpcPeeringConnectionStateReasonCodeInitiatingRequest = "initiating-request" @@ -109825,6 +122062,21 @@ const ( VpcPeeringConnectionStateReasonCodeDeleting = "deleting" ) +// VpcPeeringConnectionStateReasonCode_Values returns all elements of the VpcPeeringConnectionStateReasonCode enum +func VpcPeeringConnectionStateReasonCode_Values() []string { + return []string{ + VpcPeeringConnectionStateReasonCodeInitiatingRequest, + VpcPeeringConnectionStateReasonCodePendingAcceptance, + VpcPeeringConnectionStateReasonCodeActive, + VpcPeeringConnectionStateReasonCodeDeleted, + VpcPeeringConnectionStateReasonCodeRejected, + VpcPeeringConnectionStateReasonCodeFailed, + VpcPeeringConnectionStateReasonCodeExpired, + VpcPeeringConnectionStateReasonCodeProvisioning, + VpcPeeringConnectionStateReasonCodeDeleting, + } +} + const ( // VpcStatePending is a VpcState enum value VpcStatePending = "pending" @@ -109833,11 +122085,26 @@ const ( VpcStateAvailable = "available" ) +// VpcState_Values returns all elements of the VpcState enum +func VpcState_Values() []string { + return []string{ + VpcStatePending, + VpcStateAvailable, + } +} + const ( // VpcTenancyDefault is a VpcTenancy enum value VpcTenancyDefault = "default" ) +// VpcTenancy_Values returns all elements of the VpcTenancy enum +func VpcTenancy_Values() []string { + return []string{ + VpcTenancyDefault, + } +} + const ( // VpnEcmpSupportValueEnable is a VpnEcmpSupportValue enum value VpnEcmpSupportValueEnable = "enable" @@ -109846,11 +122113,26 @@ const ( VpnEcmpSupportValueDisable = "disable" ) +// VpnEcmpSupportValue_Values returns all elements of the VpnEcmpSupportValue enum +func VpnEcmpSupportValue_Values() []string { + return []string{ + VpnEcmpSupportValueEnable, + VpnEcmpSupportValueDisable, + } +} + const ( // VpnProtocolOpenvpn is a VpnProtocol enum value VpnProtocolOpenvpn = "openvpn" ) +// VpnProtocol_Values returns all elements of the VpnProtocol enum +func VpnProtocol_Values() []string { + return []string{ + VpnProtocolOpenvpn, + } +} + const ( // VpnStatePending is a VpnState enum value VpnStatePending = "pending" @@ -109865,7 +122147,24 @@ const ( VpnStateDeleted = "deleted" ) +// VpnState_Values returns all elements of the VpnState enum +func VpnState_Values() []string { + return []string{ + VpnStatePending, + VpnStateAvailable, + VpnStateDeleting, + VpnStateDeleted, + } +} + const ( // VpnStaticRouteSourceStatic is a VpnStaticRouteSource enum value VpnStaticRouteSourceStatic = "Static" ) + +// VpnStaticRouteSource_Values returns all elements of the VpnStaticRouteSource enum +func VpnStaticRouteSource_Values() []string { + return []string{ + VpnStaticRouteSourceStatic, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go index efec8d8a94e4..3ad30591894c 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go @@ -26,8 +26,12 @@ func init() { // only set the retryer on request if config doesn't have a retryer if r.Config.Retryer == nil && (r.Operation.Name == opModifyNetworkInterfaceAttribute || r.Operation.Name == opAssignPrivateIpAddresses) { + maxRetries := client.DefaultRetryerMaxNumRetries + if m := r.Config.MaxRetries; m != nil && *m != aws.UseServiceDefaultRetries { + maxRetries = *m + } r.Retryer = client.DefaultRetryer{ - NumMaxRetries: client.DefaultRetryerMaxNumRetries, + NumMaxRetries: maxRetries, MinRetryDelay: customRetryerMinRetryDelay, MinThrottleDelay: customRetryerMinRetryDelay, MaxRetryDelay: customRetryerMaxRetryDelay, diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go b/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go index 5fcf63e6bb3a..462b049cc3c5 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go @@ -57,12 +57,15 @@ func (c *ECR) BatchCheckLayerAvailabilityRequest(input *BatchCheckLayerAvailabil // BatchCheckLayerAvailability API operation for Amazon EC2 Container Registry. // -// Check the availability of multiple image layers in a specified registry and -// repository. +// Checks the availability of one or more image layers in a repository. +// +// When an image is pushed to a repository, each image layer is checked to verify +// if it has been uploaded before. If it has been uploaded, then the image layer +// is skipped. // -// This operation is used by the Amazon ECR proxy, and it is not intended for -// general use by customers for pulling and pushing images. In most cases, you -// should use the docker CLI to pull, tag, and push images. +// This operation is used by the Amazon ECR proxy and is not generally used +// by customers for pulling and pushing images. In most cases, you should use +// the docker CLI to pull, tag, and push images. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -149,8 +152,8 @@ func (c *ECR) BatchDeleteImageRequest(input *BatchDeleteImageInput) (req *reques // BatchDeleteImage API operation for Amazon EC2 Container Registry. // -// Deletes a list of specified images within a specified repository. Images -// are specified with either imageTag or imageDigest. +// Deletes a list of specified images within a repository. Images are specified +// with either an imageTag or imageDigest. // // You can remove a tag from an image by specifying the image's tag in your // request. When you remove the last tag from an image, the image is deleted @@ -244,8 +247,11 @@ func (c *ECR) BatchGetImageRequest(input *BatchGetImageInput) (req *request.Requ // BatchGetImage API operation for Amazon EC2 Container Registry. // -// Gets detailed information for specified images within a specified repository. -// Images are specified with either imageTag or imageDigest. +// Gets detailed information for an image. Images are specified with either +// an imageTag or imageDigest. +// +// When an image is pulled, the BatchGetImage API is called once to retrieve +// the image manifest. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -336,9 +342,12 @@ func (c *ECR) CompleteLayerUploadRequest(input *CompleteLayerUploadInput) (req * // registry, repository name, and upload ID. You can optionally provide a sha256 // digest of the image layer for data validation purposes. // -// This operation is used by the Amazon ECR proxy, and it is not intended for -// general use by customers for pulling and pushing images. In most cases, you -// should use the docker CLI to pull, tag, and push images. +// When an image is pushed, the CompleteLayerUpload API is called once per each +// new image layer to verify that the upload has completed. +// +// This operation is used by the Amazon ECR proxy and is not generally used +// by customers for pulling and pushing images. In most cases, you should use +// the docker CLI to pull, tag, and push images. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -360,7 +369,7 @@ func (c *ECR) CompleteLayerUploadRequest(input *CompleteLayerUploadInput) (req * // repository and ensure that you are performing operations on the correct registry. // // * UploadNotFoundException -// The upload could not be found, or the specified upload id is not valid for +// The upload could not be found, or the specified upload ID is not valid for // this repository. // // * InvalidLayerException @@ -376,6 +385,9 @@ func (c *ECR) CompleteLayerUploadRequest(input *CompleteLayerUploadInput) (req * // * EmptyUploadException // The specified layer upload does not contain any layer parts. // +// * KmsException +// The operation failed due to a KMS exception. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CompleteLayerUpload func (c *ECR) CompleteLayerUpload(input *CompleteLayerUploadInput) (*CompleteLayerUploadOutput, error) { req, out := c.CompleteLayerUploadRequest(input) @@ -442,9 +454,7 @@ func (c *ECR) CreateRepositoryRequest(input *CreateRepositoryInput) (req *reques // CreateRepository API operation for Amazon EC2 Container Registry. // -// Creates an Amazon Elastic Container Registry (Amazon ECR) repository, where -// users can push and pull Docker images. For more information, see Amazon ECR -// Repositories (https://docs.aws.amazon.com/AmazonECR/latest/userguide/Repositories.html) +// Creates a repository. For more information, see Amazon ECR Repositories (https://docs.aws.amazon.com/AmazonECR/latest/userguide/Repositories.html) // in the Amazon Elastic Container Registry User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -476,10 +486,12 @@ func (c *ECR) CreateRepositoryRequest(input *CreateRepositoryInput) (req *reques // // * LimitExceededException // The operation did not succeed because it would have exceeded a service limit -// for your account. For more information, see Amazon ECR Default Service Limits -// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. // +// * KmsException +// The operation failed due to a KMS exception. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreateRepository func (c *ECR) CreateRepository(input *CreateRepositoryInput) (*CreateRepositoryOutput, error) { req, out := c.CreateRepositoryRequest(input) @@ -546,7 +558,7 @@ func (c *ECR) DeleteLifecyclePolicyRequest(input *DeleteLifecyclePolicyInput) (r // DeleteLifecyclePolicy API operation for Amazon EC2 Container Registry. // -// Deletes the specified lifecycle policy. +// Deletes the lifecycle policy associated with the specified repository. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -636,8 +648,9 @@ func (c *ECR) DeleteRepositoryRequest(input *DeleteRepositoryInput) (req *reques // DeleteRepository API operation for Amazon EC2 Container Registry. // -// Deletes an existing image repository. If a repository contains images, you -// must use the force option to delete it. +// Deletes a repository. If the repository contains images, you must either +// delete all images in the repository or use the force option to delete the +// repository. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -662,6 +675,9 @@ func (c *ECR) DeleteRepositoryRequest(input *DeleteRepositoryInput) (req *reques // The specified repository contains images. To delete a repository that contains // images, you must force the deletion with the force parameter. // +// * KmsException +// The operation failed due to a KMS exception. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeleteRepository func (c *ECR) DeleteRepository(input *DeleteRepositoryInput) (*DeleteRepositoryOutput, error) { req, out := c.DeleteRepositoryRequest(input) @@ -728,7 +744,7 @@ func (c *ECR) DeleteRepositoryPolicyRequest(input *DeleteRepositoryPolicyInput) // DeleteRepositoryPolicy API operation for Amazon EC2 Container Registry. // -// Deletes the repository policy from a specified repository. +// Deletes the repository policy associated with the specified repository. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -825,7 +841,7 @@ func (c *ECR) DescribeImageScanFindingsRequest(input *DescribeImageScanFindingsI // DescribeImageScanFindings API operation for Amazon EC2 Container Registry. // -// Describes the image scan findings for the specified image. +// Returns the scan findings for the specified image. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -977,8 +993,7 @@ func (c *ECR) DescribeImagesRequest(input *DescribeImagesInput) (req *request.Re // DescribeImages API operation for Amazon EC2 Container Registry. // -// Returns metadata about the images in a repository, including image size, -// image tags, and creation date. +// Returns metadata about the images in a repository. // // Beginning with Docker version 1.9, the Docker client compresses image layers // before pushing them to a V2 Docker registry. The output of the docker images @@ -1270,14 +1285,16 @@ func (c *ECR) GetAuthorizationTokenRequest(input *GetAuthorizationTokenInput) (r // GetAuthorizationToken API operation for Amazon EC2 Container Registry. // -// Retrieves a token that is valid for a specified registry for 12 hours. This -// command allows you to use the docker CLI to push and pull images with Amazon -// ECR. If you do not specify a registry, the default registry is assumed. +// Retrieves an authorization token. An authorization token represents your +// IAM authentication credentials and can be used to access any Amazon ECR registry +// that your IAM principal has access to. The authorization token is valid for +// 12 hours. // -// The authorizationToken returned for each registry specified is a base64 encoded -// string that can be decoded and used in a docker login command to authenticate -// to a registry. The AWS CLI offers an aws ecr get-login command that simplifies -// the login process. +// The authorizationToken returned is a base64 encoded string that can be decoded +// and used in a docker login command to authenticate to a registry. The AWS +// CLI offers an get-login-password command that simplifies the login process. +// For more information, see Registry Authentication (https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html#registry_auth) +// in the Amazon Elastic Container Registry User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1363,9 +1380,12 @@ func (c *ECR) GetDownloadUrlForLayerRequest(input *GetDownloadUrlForLayerInput) // Retrieves the pre-signed Amazon S3 download URL corresponding to an image // layer. You can only get URLs for image layers that are referenced in an image. // -// This operation is used by the Amazon ECR proxy, and it is not intended for -// general use by customers for pulling and pushing images. In most cases, you -// should use the docker CLI to pull, tag, and push images. +// When an image is pulled, the GetDownloadUrlForLayer API is called once per +// image layer that is not already cached. +// +// This operation is used by the Amazon ECR proxy and is not generally used +// by customers for pulling and pushing images. In most cases, you should use +// the docker CLI to pull, tag, and push images. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1460,7 +1480,7 @@ func (c *ECR) GetLifecyclePolicyRequest(input *GetLifecyclePolicyInput) (req *re // GetLifecyclePolicy API operation for Amazon EC2 Container Registry. // -// Retrieves the specified lifecycle policy. +// Retrieves the lifecycle policy for the specified repository. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1556,7 +1576,8 @@ func (c *ECR) GetLifecyclePolicyPreviewRequest(input *GetLifecyclePolicyPreviewI // GetLifecyclePolicyPreview API operation for Amazon EC2 Container Registry. // -// Retrieves the results of the specified lifecycle policy preview request. +// Retrieves the results of the lifecycle policy preview request for the specified +// repository. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1698,7 +1719,7 @@ func (c *ECR) GetRepositoryPolicyRequest(input *GetRepositoryPolicyInput) (req * // GetRepositoryPolicy API operation for Amazon EC2 Container Registry. // -// Retrieves the repository policy for a specified repository. +// Retrieves the repository policy for the specified repository. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1789,11 +1810,15 @@ func (c *ECR) InitiateLayerUploadRequest(input *InitiateLayerUploadInput) (req * // InitiateLayerUpload API operation for Amazon EC2 Container Registry. // -// Notify Amazon ECR that you intend to upload an image layer. +// Notifies Amazon ECR that you intend to upload an image layer. +// +// When an image is pushed, the InitiateLayerUpload API is called once per image +// layer that has not already been uploaded. Whether or not an image layer has +// been uploaded is determined by the BatchCheckLayerAvailability API action. // -// This operation is used by the Amazon ECR proxy, and it is not intended for -// general use by customers for pulling and pushing images. In most cases, you -// should use the docker CLI to pull, tag, and push images. +// This operation is used by the Amazon ECR proxy and is not generally used +// by customers for pulling and pushing images. In most cases, you should use +// the docker CLI to pull, tag, and push images. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1814,6 +1839,9 @@ func (c *ECR) InitiateLayerUploadRequest(input *InitiateLayerUploadInput) (req * // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // +// * KmsException +// The operation failed due to a KMS exception. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/InitiateLayerUpload func (c *ECR) InitiateLayerUpload(input *InitiateLayerUploadInput) (*InitiateLayerUploadOutput, error) { req, out := c.InitiateLayerUploadRequest(input) @@ -1886,13 +1914,14 @@ func (c *ECR) ListImagesRequest(input *ListImagesInput) (req *request.Request, o // ListImages API operation for Amazon EC2 Container Registry. // -// Lists all the image IDs for a given repository. +// Lists all the image IDs for the specified repository. // -// You can filter images based on whether or not they are tagged by setting -// the tagStatus parameter to TAGGED or UNTAGGED. For example, you can filter -// your results to return only UNTAGGED images and then pipe that result to -// a BatchDeleteImage operation to delete them. Or, you can filter your results -// to return only TAGGED images to list all of the tags in your repository. +// You can filter images based on whether or not they are tagged by using the +// tagStatus filter and specifying either TAGGED, UNTAGGED or ANY. For example, +// you can filter your results to return only UNTAGGED images and then pipe +// that result to a BatchDeleteImage operation to delete them. Or, you can filter +// your results to return only TAGGED images to list all of the tags in your +// repository. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2120,9 +2149,13 @@ func (c *ECR) PutImageRequest(input *PutImageInput) (req *request.Request, outpu // // Creates or updates the image manifest and tags associated with an image. // -// This operation is used by the Amazon ECR proxy, and it is not intended for -// general use by customers for pulling and pushing images. In most cases, you -// should use the docker CLI to pull, tag, and push images. +// When an image is pushed and all new image layers have been uploaded, the +// PutImage API is called once to create or update the image manifest and the +// tags associated with the image. +// +// This operation is used by the Amazon ECR proxy and is not generally used +// by customers for pulling and pushing images. In most cases, you should use +// the docker CLI to pull, tag, and push images. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2151,16 +2184,25 @@ func (c *ECR) PutImageRequest(input *PutImageInput) (req *request.Request, outpu // The specified layers could not be found, or the specified layer is not valid // for this repository. // +// * ReferencedImagesNotFoundException +// The manifest list is referencing an image that does not exist. +// // * LimitExceededException // The operation did not succeed because it would have exceeded a service limit -// for your account. For more information, see Amazon ECR Default Service Limits -// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. // // * ImageTagAlreadyExistsException // The specified image is tagged with a tag that already exists. The repository // is configured for tag immutability. // +// * ImageDigestDoesNotMatchException +// The specified image digest does not match the digest that Amazon ECR calculated +// for the image. +// +// * KmsException +// The operation failed due to a KMS exception. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImage func (c *ECR) PutImage(input *PutImageInput) (*PutImageOutput, error) { req, out := c.PutImageRequest(input) @@ -2227,7 +2269,7 @@ func (c *ECR) PutImageScanningConfigurationRequest(input *PutImageScanningConfig // PutImageScanningConfiguration API operation for Amazon EC2 Container Registry. // -// Updates the image scanning configuration for a repository. +// Updates the image scanning configuration for the specified repository. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2314,10 +2356,8 @@ func (c *ECR) PutImageTagMutabilityRequest(input *PutImageTagMutabilityInput) (r // PutImageTagMutability API operation for Amazon EC2 Container Registry. // -// Updates the image tag mutability settings for a repository. When a repository -// is configured with tag immutability, all image tags within the repository -// will be prevented them from being overwritten. For more information, see -// Image Tag Mutability (https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-tag-mutability.html) +// Updates the image tag mutability settings for the specified repository. For +// more information, see Image Tag Mutability (https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-tag-mutability.html) // in the Amazon Elastic Container Registry User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2405,8 +2445,8 @@ func (c *ECR) PutLifecyclePolicyRequest(input *PutLifecyclePolicyInput) (req *re // PutLifecyclePolicy API operation for Amazon EC2 Container Registry. // -// Creates or updates a lifecycle policy. For information about lifecycle policy -// syntax, see Lifecycle Policy Template (https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html). +// Creates or updates the lifecycle policy for the specified repository. For +// more information, see Lifecycle Policy Template (https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2493,8 +2533,8 @@ func (c *ECR) SetRepositoryPolicyRequest(input *SetRepositoryPolicyInput) (req * // SetRepositoryPolicy API operation for Amazon EC2 Container Registry. // -// Applies a repository policy on a specified repository to control access permissions. -// For more information, see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicies.html) +// Applies a repository policy to the specified repository to control access +// permissions. For more information, see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html) // in the Amazon Elastic Container Registry User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2602,6 +2642,14 @@ func (c *ECR) StartImageScanRequest(input *StartImageScanInput) (req *request.Re // The specified parameter is invalid. Review the available parameters for the // API request. // +// * UnsupportedImageTypeException +// The image is of a type that cannot be scanned. +// +// * LimitExceededException +// The operation did not succeed because it would have exceeded a service limit +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) +// in the Amazon Elastic Container Registry User Guide. +// // * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. @@ -2675,8 +2723,9 @@ func (c *ECR) StartLifecyclePolicyPreviewRequest(input *StartLifecyclePolicyPrev // StartLifecyclePolicyPreview API operation for Amazon EC2 Container Registry. // -// Starts a preview of the specified lifecycle policy. This allows you to see -// the results before creating the lifecycle policy. +// Starts a preview of a lifecycle policy for the specified repository. This +// allows you to see the results before associating the lifecycle policy with +// the repository. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2701,8 +2750,8 @@ func (c *ECR) StartLifecyclePolicyPreviewRequest(input *StartLifecyclePolicyPrev // The lifecycle policy could not be found, and no policy is set to the repository. // // * LifecyclePolicyPreviewInProgressException -// The previous lifecycle policy preview request has not completed. Please try -// again later. +// The previous lifecycle policy preview request has not completed. Wait and +// try again. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/StartLifecyclePolicyPreview func (c *ECR) StartLifecyclePolicyPreview(input *StartLifecyclePolicyPreviewInput) (*StartLifecyclePolicyPreviewOutput, error) { @@ -2967,9 +3016,13 @@ func (c *ECR) UploadLayerPartRequest(input *UploadLayerPartInput) (req *request. // // Uploads an image layer part to Amazon ECR. // -// This operation is used by the Amazon ECR proxy, and it is not intended for -// general use by customers for pulling and pushing images. In most cases, you -// should use the docker CLI to pull, tag, and push images. +// When an image is pushed, each new image layer is uploaded in parts. The maximum +// size of each image layer part can be 20971520 bytes (or about 20MB). The +// UploadLayerPart API is called once per each new image layer part. +// +// This operation is used by the Amazon ECR proxy and is not generally used +// by customers for pulling and pushing images. In most cases, you should use +// the docker CLI to pull, tag, and push images. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2995,15 +3048,17 @@ func (c *ECR) UploadLayerPartRequest(input *UploadLayerPartInput) (req *request. // repository and ensure that you are performing operations on the correct registry. // // * UploadNotFoundException -// The upload could not be found, or the specified upload id is not valid for +// The upload could not be found, or the specified upload ID is not valid for // this repository. // // * LimitExceededException // The operation did not succeed because it would have exceeded a service limit -// for your account. For more information, see Amazon ECR Default Service Limits -// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. // +// * KmsException +// The operation failed due to a KMS exception. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UploadLayerPart func (c *ECR) UploadLayerPart(input *UploadLayerPartInput) (*UploadLayerPartOutput, error) { req, out := c.UploadLayerPartRequest(input) @@ -3584,9 +3639,12 @@ func (s *CompleteLayerUploadOutput) SetUploadId(v string) *CompleteLayerUploadOu type CreateRepositoryInput struct { _ struct{} `type:"structure"` - // The image scanning configuration for the repository. This setting determines - // whether images are scanned for known vulnerabilities after being pushed to - // the repository. + // The encryption configuration for the repository. This determines how the + // contents of your repository are encrypted at rest. + EncryptionConfiguration *EncryptionConfiguration `locationName:"encryptionConfiguration" type:"structure"` + + // The image scanning configuration for the repository. This determines whether + // images are scanned for known vulnerabilities after being pushed to the repository. ImageScanningConfiguration *ImageScanningConfiguration `locationName:"imageScanningConfiguration" type:"structure"` // The tag mutability setting for the repository. If this parameter is omitted, @@ -3628,6 +3686,11 @@ func (s *CreateRepositoryInput) Validate() error { if s.RepositoryName != nil && len(*s.RepositoryName) < 2 { invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2)) } + if s.EncryptionConfiguration != nil { + if err := s.EncryptionConfiguration.Validate(); err != nil { + invalidParams.AddNested("EncryptionConfiguration", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -3635,6 +3698,12 @@ func (s *CreateRepositoryInput) Validate() error { return nil } +// SetEncryptionConfiguration sets the EncryptionConfiguration field's value. +func (s *CreateRepositoryInput) SetEncryptionConfiguration(v *EncryptionConfiguration) *CreateRepositoryInput { + s.EncryptionConfiguration = v + return s +} + // SetImageScanningConfiguration sets the ImageScanningConfiguration field's value. func (s *CreateRepositoryInput) SetImageScanningConfiguration(v *ImageScanningConfiguration) *CreateRepositoryInput { s.ImageScanningConfiguration = v @@ -4430,8 +4499,8 @@ func (s *DescribeRepositoriesOutput) SetRepositories(v []*Repository) *DescribeR // The specified layer upload does not contain any layer parts. type EmptyUploadException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -4449,17 +4518,17 @@ func (s EmptyUploadException) GoString() string { func newErrorEmptyUploadException(v protocol.ResponseMetadata) error { return &EmptyUploadException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s EmptyUploadException) Code() string { +func (s *EmptyUploadException) Code() string { return "EmptyUploadException" } // Message returns the exception's message. -func (s EmptyUploadException) Message() string { +func (s *EmptyUploadException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -4467,29 +4536,110 @@ func (s EmptyUploadException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s EmptyUploadException) OrigErr() error { +func (s *EmptyUploadException) OrigErr() error { return nil } -func (s EmptyUploadException) Error() string { +func (s *EmptyUploadException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s EmptyUploadException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *EmptyUploadException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s EmptyUploadException) RequestID() string { - return s.respMetadata.RequestID +func (s *EmptyUploadException) RequestID() string { + return s.RespMetadata.RequestID +} + +// The encryption configuration for the repository. This determines how the +// contents of your repository are encrypted at rest. +// +// By default, when no encryption configuration is set or the AES256 encryption +// type is used, Amazon ECR uses server-side encryption with Amazon S3-managed +// encryption keys which encrypts your data at rest using an AES-256 encryption +// algorithm. This does not require any action on your part. +// +// For more control over the encryption of the contents of your repository, +// you can use server-side encryption with customer master keys (CMKs) stored +// in AWS Key Management Service (AWS KMS) to encrypt your images. For more +// information, see Amazon ECR encryption at rest (https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) +// in the Amazon Elastic Container Registry User Guide. +type EncryptionConfiguration struct { + _ struct{} `type:"structure"` + + // The encryption type to use. + // + // If you use the KMS encryption type, the contents of the repository will be + // encrypted using server-side encryption with customer master keys (CMKs) stored + // in AWS KMS. When you use AWS KMS to encrypt your data, you can either use + // the default AWS managed CMK for Amazon ECR, or specify your own CMK, which + // you already created. For more information, see Protecting Data Using Server-Side + // Encryption with CMKs Stored in AWS Key Management Service (SSE-KMS) (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) + // in the Amazon Simple Storage Service Console Developer Guide.. + // + // If you use the AES256 encryption type, Amazon ECR uses server-side encryption + // with Amazon S3-managed encryption keys which encrypts the images in the repository + // using an AES-256 encryption algorithm. For more information, see Protecting + // Data Using Server-Side Encryption with Amazon S3-Managed Encryption Keys + // (SSE-S3) (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) + // in the Amazon Simple Storage Service Console Developer Guide.. + // + // EncryptionType is a required field + EncryptionType *string `locationName:"encryptionType" type:"string" required:"true" enum:"EncryptionType"` + + // If you use the KMS encryption type, specify the CMK to use for encryption. + // The alias, key ID, or full ARN of the CMK can be specified. The key must + // exist in the same Region as the repository. If no key is specified, the default + // AWS managed CMK for Amazon ECR will be used. + KmsKey *string `locationName:"kmsKey" min:"1" type:"string"` +} + +// String returns the string representation +func (s EncryptionConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EncryptionConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EncryptionConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EncryptionConfiguration"} + if s.EncryptionType == nil { + invalidParams.Add(request.NewErrParamRequired("EncryptionType")) + } + if s.KmsKey != nil && len(*s.KmsKey) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KmsKey", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetEncryptionType sets the EncryptionType field's value. +func (s *EncryptionConfiguration) SetEncryptionType(v string) *EncryptionConfiguration { + s.EncryptionType = &v + return s +} + +// SetKmsKey sets the KmsKey field's value. +func (s *EncryptionConfiguration) SetKmsKey(v string) *EncryptionConfiguration { + s.KmsKey = &v + return s } type GetAuthorizationTokenInput struct { _ struct{} `type:"structure"` // A list of AWS account IDs that are associated with the registries for which - // to get authorization tokens. If you do not specify a registry, the default + // to get AuthorizationData objects. If you do not specify a registry, the default // registry is assumed. RegistryIds []*string `locationName:"registryIds" min:"1" type:"list"` } @@ -5043,6 +5193,9 @@ type Image struct { // The image manifest associated with the image. ImageManifest *string `locationName:"imageManifest" min:"1" type:"string"` + // The manifest media type of the image. + ImageManifestMediaType *string `locationName:"imageManifestMediaType" type:"string"` + // The AWS account ID associated with the registry containing the image. RegistryId *string `locationName:"registryId" type:"string"` @@ -5072,6 +5225,12 @@ func (s *Image) SetImageManifest(v string) *Image { return s } +// SetImageManifestMediaType sets the ImageManifestMediaType field's value. +func (s *Image) SetImageManifestMediaType(v string) *Image { + s.ImageManifestMediaType = &v + return s +} + // SetRegistryId sets the RegistryId field's value. func (s *Image) SetRegistryId(v string) *Image { s.RegistryId = &v @@ -5087,8 +5246,8 @@ func (s *Image) SetRepositoryName(v string) *Image { // The specified image has already been pushed, and there were no changes to // the manifest or image tag after the last push. type ImageAlreadyExistsException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -5106,17 +5265,17 @@ func (s ImageAlreadyExistsException) GoString() string { func newErrorImageAlreadyExistsException(v protocol.ResponseMetadata) error { return &ImageAlreadyExistsException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s ImageAlreadyExistsException) Code() string { +func (s *ImageAlreadyExistsException) Code() string { return "ImageAlreadyExistsException" } // Message returns the exception's message. -func (s ImageAlreadyExistsException) Message() string { +func (s *ImageAlreadyExistsException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -5124,31 +5283,37 @@ func (s ImageAlreadyExistsException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s ImageAlreadyExistsException) OrigErr() error { +func (s *ImageAlreadyExistsException) OrigErr() error { return nil } -func (s ImageAlreadyExistsException) Error() string { +func (s *ImageAlreadyExistsException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s ImageAlreadyExistsException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *ImageAlreadyExistsException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s ImageAlreadyExistsException) RequestID() string { - return s.respMetadata.RequestID +func (s *ImageAlreadyExistsException) RequestID() string { + return s.RespMetadata.RequestID } // An object that describes an image returned by a DescribeImages operation. type ImageDetail struct { _ struct{} `type:"structure"` + // The artifact media type of the image. + ArtifactMediaType *string `locationName:"artifactMediaType" type:"string"` + // The sha256 digest of the image manifest. ImageDigest *string `locationName:"imageDigest" type:"string"` + // The media type of the image manifest. + ImageManifestMediaType *string `locationName:"imageManifestMediaType" type:"string"` + // The date and time, expressed in standard JavaScript date format, at which // the current image was pushed to the repository. ImagePushedAt *time.Time `locationName:"imagePushedAt" type:"timestamp"` @@ -5161,6 +5326,9 @@ type ImageDetail struct { // The size, in bytes, of the image in the repository. // + // If the image is a manifest list, this will be the max size of all manifests + // in the list. + // // Beginning with Docker version 1.9, the Docker client compresses image layers // before pushing them to a V2 Docker registry. The output of the docker images // command shows the uncompressed image size, so it may return a larger image @@ -5187,12 +5355,24 @@ func (s ImageDetail) GoString() string { return s.String() } +// SetArtifactMediaType sets the ArtifactMediaType field's value. +func (s *ImageDetail) SetArtifactMediaType(v string) *ImageDetail { + s.ArtifactMediaType = &v + return s +} + // SetImageDigest sets the ImageDigest field's value. func (s *ImageDetail) SetImageDigest(v string) *ImageDetail { s.ImageDigest = &v return s } +// SetImageManifestMediaType sets the ImageManifestMediaType field's value. +func (s *ImageDetail) SetImageManifestMediaType(v string) *ImageDetail { + s.ImageManifestMediaType = &v + return s +} + // SetImagePushedAt sets the ImagePushedAt field's value. func (s *ImageDetail) SetImagePushedAt(v time.Time) *ImageDetail { s.ImagePushedAt = &v @@ -5235,6 +5415,63 @@ func (s *ImageDetail) SetRepositoryName(v string) *ImageDetail { return s } +// The specified image digest does not match the digest that Amazon ECR calculated +// for the image. +type ImageDigestDoesNotMatchException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ImageDigestDoesNotMatchException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImageDigestDoesNotMatchException) GoString() string { + return s.String() +} + +func newErrorImageDigestDoesNotMatchException(v protocol.ResponseMetadata) error { + return &ImageDigestDoesNotMatchException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ImageDigestDoesNotMatchException) Code() string { + return "ImageDigestDoesNotMatchException" +} + +// Message returns the exception's message. +func (s *ImageDigestDoesNotMatchException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ImageDigestDoesNotMatchException) OrigErr() error { + return nil +} + +func (s *ImageDigestDoesNotMatchException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ImageDigestDoesNotMatchException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ImageDigestDoesNotMatchException) RequestID() string { + return s.RespMetadata.RequestID +} + // An object representing an Amazon ECR image failure. type ImageFailure struct { _ struct{} `type:"structure"` @@ -5325,8 +5562,8 @@ func (s *ImageIdentifier) SetImageTag(v string) *ImageIdentifier { // The image requested does not exist in the specified repository. type ImageNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -5343,17 +5580,17 @@ func (s ImageNotFoundException) GoString() string { func newErrorImageNotFoundException(v protocol.ResponseMetadata) error { return &ImageNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s ImageNotFoundException) Code() string { +func (s *ImageNotFoundException) Code() string { return "ImageNotFoundException" } // Message returns the exception's message. -func (s ImageNotFoundException) Message() string { +func (s *ImageNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -5361,22 +5598,22 @@ func (s ImageNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s ImageNotFoundException) OrigErr() error { +func (s *ImageNotFoundException) OrigErr() error { return nil } -func (s ImageNotFoundException) Error() string { +func (s *ImageNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s ImageNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *ImageNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s ImageNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *ImageNotFoundException) RequestID() string { + return s.RespMetadata.RequestID } // Contains information about an image scan finding. @@ -5596,8 +5833,8 @@ func (s *ImageScanningConfiguration) SetScanOnPush(v bool) *ImageScanningConfigu // The specified image is tagged with a tag that already exists. The repository // is configured for tag immutability. type ImageTagAlreadyExistsException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -5614,17 +5851,17 @@ func (s ImageTagAlreadyExistsException) GoString() string { func newErrorImageTagAlreadyExistsException(v protocol.ResponseMetadata) error { return &ImageTagAlreadyExistsException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s ImageTagAlreadyExistsException) Code() string { +func (s *ImageTagAlreadyExistsException) Code() string { return "ImageTagAlreadyExistsException" } // Message returns the exception's message. -func (s ImageTagAlreadyExistsException) Message() string { +func (s *ImageTagAlreadyExistsException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -5632,22 +5869,22 @@ func (s ImageTagAlreadyExistsException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s ImageTagAlreadyExistsException) OrigErr() error { +func (s *ImageTagAlreadyExistsException) OrigErr() error { return nil } -func (s ImageTagAlreadyExistsException) Error() string { +func (s *ImageTagAlreadyExistsException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s ImageTagAlreadyExistsException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *ImageTagAlreadyExistsException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s ImageTagAlreadyExistsException) RequestID() string { - return s.respMetadata.RequestID +func (s *ImageTagAlreadyExistsException) RequestID() string { + return s.RespMetadata.RequestID } type InitiateLayerUploadInput struct { @@ -5738,8 +5975,8 @@ func (s *InitiateLayerUploadOutput) SetUploadId(v string) *InitiateLayerUploadOu // The layer digest calculation performed by Amazon ECR upon receipt of the // image layer does not match the digest specified. type InvalidLayerException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -5757,17 +5994,17 @@ func (s InvalidLayerException) GoString() string { func newErrorInvalidLayerException(v protocol.ResponseMetadata) error { return &InvalidLayerException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidLayerException) Code() string { +func (s *InvalidLayerException) Code() string { return "InvalidLayerException" } // Message returns the exception's message. -func (s InvalidLayerException) Message() string { +func (s *InvalidLayerException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -5775,29 +6012,29 @@ func (s InvalidLayerException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidLayerException) OrigErr() error { +func (s *InvalidLayerException) OrigErr() error { return nil } -func (s InvalidLayerException) Error() string { +func (s *InvalidLayerException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidLayerException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidLayerException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidLayerException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidLayerException) RequestID() string { + return s.RespMetadata.RequestID } // The layer part size is not valid, or the first byte specified is not consecutive // to the last byte of a previous layer part upload. type InvalidLayerPartException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The last valid byte received from the layer part upload that is associated // with the exception. @@ -5828,17 +6065,17 @@ func (s InvalidLayerPartException) GoString() string { func newErrorInvalidLayerPartException(v protocol.ResponseMetadata) error { return &InvalidLayerPartException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidLayerPartException) Code() string { +func (s *InvalidLayerPartException) Code() string { return "InvalidLayerPartException" } // Message returns the exception's message. -func (s InvalidLayerPartException) Message() string { +func (s *InvalidLayerPartException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -5846,29 +6083,29 @@ func (s InvalidLayerPartException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidLayerPartException) OrigErr() error { +func (s *InvalidLayerPartException) OrigErr() error { return nil } -func (s InvalidLayerPartException) Error() string { +func (s *InvalidLayerPartException) Error() string { return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidLayerPartException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidLayerPartException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidLayerPartException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidLayerPartException) RequestID() string { + return s.RespMetadata.RequestID } // The specified parameter is invalid. Review the available parameters for the // API request. type InvalidParameterException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -5886,17 +6123,17 @@ func (s InvalidParameterException) GoString() string { func newErrorInvalidParameterException(v protocol.ResponseMetadata) error { return &InvalidParameterException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidParameterException) Code() string { +func (s *InvalidParameterException) Code() string { return "InvalidParameterException" } // Message returns the exception's message. -func (s InvalidParameterException) Message() string { +func (s *InvalidParameterException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -5904,30 +6141,30 @@ func (s InvalidParameterException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidParameterException) OrigErr() error { +func (s *InvalidParameterException) OrigErr() error { return nil } -func (s InvalidParameterException) Error() string { +func (s *InvalidParameterException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidParameterException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidParameterException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidParameterException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidParameterException) RequestID() string { + return s.RespMetadata.RequestID } // An invalid parameter has been specified. Tag keys can have a maximum character // length of 128 characters, and tag values can have a maximum length of 256 // characters. type InvalidTagParameterException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -5944,17 +6181,17 @@ func (s InvalidTagParameterException) GoString() string { func newErrorInvalidTagParameterException(v protocol.ResponseMetadata) error { return &InvalidTagParameterException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidTagParameterException) Code() string { +func (s *InvalidTagParameterException) Code() string { return "InvalidTagParameterException" } // Message returns the exception's message. -func (s InvalidTagParameterException) Message() string { +func (s *InvalidTagParameterException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -5962,22 +6199,81 @@ func (s InvalidTagParameterException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidTagParameterException) OrigErr() error { +func (s *InvalidTagParameterException) OrigErr() error { return nil } -func (s InvalidTagParameterException) Error() string { +func (s *InvalidTagParameterException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidTagParameterException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidTagParameterException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidTagParameterException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidTagParameterException) RequestID() string { + return s.RespMetadata.RequestID +} + +// The operation failed due to a KMS exception. +type KmsException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The error code returned by AWS KMS. + KmsError *string `locationName:"kmsError" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s KmsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s KmsException) GoString() string { + return s.String() +} + +func newErrorKmsException(v protocol.ResponseMetadata) error { + return &KmsException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *KmsException) Code() string { + return "KmsException" +} + +// Message returns the exception's message. +func (s *KmsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *KmsException) OrigErr() error { + return nil +} + +func (s *KmsException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *KmsException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *KmsException) RequestID() string { + return s.RespMetadata.RequestID } // An object representing an Amazon ECR image layer. @@ -6034,8 +6330,8 @@ func (s *Layer) SetMediaType(v string) *Layer { // The image layer already exists in the associated repository. type LayerAlreadyExistsException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -6053,17 +6349,17 @@ func (s LayerAlreadyExistsException) GoString() string { func newErrorLayerAlreadyExistsException(v protocol.ResponseMetadata) error { return &LayerAlreadyExistsException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s LayerAlreadyExistsException) Code() string { +func (s *LayerAlreadyExistsException) Code() string { return "LayerAlreadyExistsException" } // Message returns the exception's message. -func (s LayerAlreadyExistsException) Message() string { +func (s *LayerAlreadyExistsException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6071,22 +6367,22 @@ func (s LayerAlreadyExistsException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s LayerAlreadyExistsException) OrigErr() error { +func (s *LayerAlreadyExistsException) OrigErr() error { return nil } -func (s LayerAlreadyExistsException) Error() string { +func (s *LayerAlreadyExistsException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s LayerAlreadyExistsException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *LayerAlreadyExistsException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s LayerAlreadyExistsException) RequestID() string { - return s.respMetadata.RequestID +func (s *LayerAlreadyExistsException) RequestID() string { + return s.RespMetadata.RequestID } // An object representing an Amazon ECR image layer failure. @@ -6134,8 +6430,8 @@ func (s *LayerFailure) SetLayerDigest(v string) *LayerFailure { // The specified layer is not available because it is not associated with an // image. Unassociated image layers may be cleaned up at any time. type LayerInaccessibleException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -6153,17 +6449,17 @@ func (s LayerInaccessibleException) GoString() string { func newErrorLayerInaccessibleException(v protocol.ResponseMetadata) error { return &LayerInaccessibleException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s LayerInaccessibleException) Code() string { +func (s *LayerInaccessibleException) Code() string { return "LayerInaccessibleException" } // Message returns the exception's message. -func (s LayerInaccessibleException) Message() string { +func (s *LayerInaccessibleException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6171,28 +6467,28 @@ func (s LayerInaccessibleException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s LayerInaccessibleException) OrigErr() error { +func (s *LayerInaccessibleException) OrigErr() error { return nil } -func (s LayerInaccessibleException) Error() string { +func (s *LayerInaccessibleException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s LayerInaccessibleException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *LayerInaccessibleException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s LayerInaccessibleException) RequestID() string { - return s.respMetadata.RequestID +func (s *LayerInaccessibleException) RequestID() string { + return s.RespMetadata.RequestID } // Layer parts must be at least 5 MiB in size. type LayerPartTooSmallException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -6210,17 +6506,17 @@ func (s LayerPartTooSmallException) GoString() string { func newErrorLayerPartTooSmallException(v protocol.ResponseMetadata) error { return &LayerPartTooSmallException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s LayerPartTooSmallException) Code() string { +func (s *LayerPartTooSmallException) Code() string { return "LayerPartTooSmallException" } // Message returns the exception's message. -func (s LayerPartTooSmallException) Message() string { +func (s *LayerPartTooSmallException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6228,29 +6524,29 @@ func (s LayerPartTooSmallException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s LayerPartTooSmallException) OrigErr() error { +func (s *LayerPartTooSmallException) OrigErr() error { return nil } -func (s LayerPartTooSmallException) Error() string { +func (s *LayerPartTooSmallException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s LayerPartTooSmallException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *LayerPartTooSmallException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s LayerPartTooSmallException) RequestID() string { - return s.respMetadata.RequestID +func (s *LayerPartTooSmallException) RequestID() string { + return s.RespMetadata.RequestID } // The specified layers could not be found, or the specified layer is not valid // for this repository. type LayersNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -6268,17 +6564,17 @@ func (s LayersNotFoundException) GoString() string { func newErrorLayersNotFoundException(v protocol.ResponseMetadata) error { return &LayersNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s LayersNotFoundException) Code() string { +func (s *LayersNotFoundException) Code() string { return "LayersNotFoundException" } // Message returns the exception's message. -func (s LayersNotFoundException) Message() string { +func (s *LayersNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6286,28 +6582,28 @@ func (s LayersNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s LayersNotFoundException) OrigErr() error { +func (s *LayersNotFoundException) OrigErr() error { return nil } -func (s LayersNotFoundException) Error() string { +func (s *LayersNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s LayersNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *LayersNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s LayersNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *LayersNotFoundException) RequestID() string { + return s.RespMetadata.RequestID } // The lifecycle policy could not be found, and no policy is set to the repository. type LifecyclePolicyNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -6324,17 +6620,17 @@ func (s LifecyclePolicyNotFoundException) GoString() string { func newErrorLifecyclePolicyNotFoundException(v protocol.ResponseMetadata) error { return &LifecyclePolicyNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s LifecyclePolicyNotFoundException) Code() string { +func (s *LifecyclePolicyNotFoundException) Code() string { return "LifecyclePolicyNotFoundException" } // Message returns the exception's message. -func (s LifecyclePolicyNotFoundException) Message() string { +func (s *LifecyclePolicyNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6342,22 +6638,22 @@ func (s LifecyclePolicyNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s LifecyclePolicyNotFoundException) OrigErr() error { +func (s *LifecyclePolicyNotFoundException) OrigErr() error { return nil } -func (s LifecyclePolicyNotFoundException) Error() string { +func (s *LifecyclePolicyNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s LifecyclePolicyNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *LifecyclePolicyNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s LifecyclePolicyNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *LifecyclePolicyNotFoundException) RequestID() string { + return s.RespMetadata.RequestID } // The filter for the lifecycle policy preview. @@ -6384,11 +6680,11 @@ func (s *LifecyclePolicyPreviewFilter) SetTagStatus(v string) *LifecyclePolicyPr return s } -// The previous lifecycle policy preview request has not completed. Please try -// again later. +// The previous lifecycle policy preview request has not completed. Wait and +// try again. type LifecyclePolicyPreviewInProgressException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -6405,17 +6701,17 @@ func (s LifecyclePolicyPreviewInProgressException) GoString() string { func newErrorLifecyclePolicyPreviewInProgressException(v protocol.ResponseMetadata) error { return &LifecyclePolicyPreviewInProgressException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s LifecyclePolicyPreviewInProgressException) Code() string { +func (s *LifecyclePolicyPreviewInProgressException) Code() string { return "LifecyclePolicyPreviewInProgressException" } // Message returns the exception's message. -func (s LifecyclePolicyPreviewInProgressException) Message() string { +func (s *LifecyclePolicyPreviewInProgressException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6423,28 +6719,28 @@ func (s LifecyclePolicyPreviewInProgressException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s LifecyclePolicyPreviewInProgressException) OrigErr() error { +func (s *LifecyclePolicyPreviewInProgressException) OrigErr() error { return nil } -func (s LifecyclePolicyPreviewInProgressException) Error() string { +func (s *LifecyclePolicyPreviewInProgressException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s LifecyclePolicyPreviewInProgressException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *LifecyclePolicyPreviewInProgressException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s LifecyclePolicyPreviewInProgressException) RequestID() string { - return s.respMetadata.RequestID +func (s *LifecyclePolicyPreviewInProgressException) RequestID() string { + return s.RespMetadata.RequestID } // There is no dry run for this repository. type LifecyclePolicyPreviewNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -6461,17 +6757,17 @@ func (s LifecyclePolicyPreviewNotFoundException) GoString() string { func newErrorLifecyclePolicyPreviewNotFoundException(v protocol.ResponseMetadata) error { return &LifecyclePolicyPreviewNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s LifecyclePolicyPreviewNotFoundException) Code() string { +func (s *LifecyclePolicyPreviewNotFoundException) Code() string { return "LifecyclePolicyPreviewNotFoundException" } // Message returns the exception's message. -func (s LifecyclePolicyPreviewNotFoundException) Message() string { +func (s *LifecyclePolicyPreviewNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6479,22 +6775,22 @@ func (s LifecyclePolicyPreviewNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s LifecyclePolicyPreviewNotFoundException) OrigErr() error { +func (s *LifecyclePolicyPreviewNotFoundException) OrigErr() error { return nil } -func (s LifecyclePolicyPreviewNotFoundException) Error() string { +func (s *LifecyclePolicyPreviewNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s LifecyclePolicyPreviewNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *LifecyclePolicyPreviewNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s LifecyclePolicyPreviewNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *LifecyclePolicyPreviewNotFoundException) RequestID() string { + return s.RespMetadata.RequestID } // The result of the lifecycle policy preview. @@ -6607,12 +6903,11 @@ func (s *LifecyclePolicyRuleAction) SetType(v string) *LifecyclePolicyRuleAction } // The operation did not succeed because it would have exceeded a service limit -// for your account. For more information, see Amazon ECR Default Service Limits -// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. type LimitExceededException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -6630,17 +6925,17 @@ func (s LimitExceededException) GoString() string { func newErrorLimitExceededException(v protocol.ResponseMetadata) error { return &LimitExceededException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s LimitExceededException) Code() string { +func (s *LimitExceededException) Code() string { return "LimitExceededException" } // Message returns the exception's message. -func (s LimitExceededException) Message() string { +func (s *LimitExceededException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6648,22 +6943,22 @@ func (s LimitExceededException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s LimitExceededException) OrigErr() error { +func (s *LimitExceededException) OrigErr() error { return nil } -func (s LimitExceededException) Error() string { +func (s *LimitExceededException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s LimitExceededException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *LimitExceededException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s LimitExceededException) RequestID() string { - return s.respMetadata.RequestID +func (s *LimitExceededException) RequestID() string { + return s.RespMetadata.RequestID } // An object representing a filter on a ListImages operation. @@ -6885,13 +7180,22 @@ func (s *ListTagsForResourceOutput) SetTags(v []*Tag) *ListTagsForResourceOutput type PutImageInput struct { _ struct{} `type:"structure"` + // The image digest of the image manifest corresponding to the image. + ImageDigest *string `locationName:"imageDigest" type:"string"` + // The image manifest corresponding to the image to be uploaded. // // ImageManifest is a required field ImageManifest *string `locationName:"imageManifest" min:"1" type:"string" required:"true"` + // The media type of the image manifest. If you push an image manifest that + // does not contain the mediaType field, you must specify the imageManifestMediaType + // in the request. + ImageManifestMediaType *string `locationName:"imageManifestMediaType" type:"string"` + // The tag to associate with the image. This parameter is required for images - // that use the Docker Image Manifest V2 Schema 2 or OCI formats. + // that use the Docker Image Manifest V2 Schema 2 or Open Container Initiative + // (OCI) formats. ImageTag *string `locationName:"imageTag" min:"1" type:"string"` // The AWS account ID associated with the registry that contains the repository @@ -6940,12 +7244,24 @@ func (s *PutImageInput) Validate() error { return nil } +// SetImageDigest sets the ImageDigest field's value. +func (s *PutImageInput) SetImageDigest(v string) *PutImageInput { + s.ImageDigest = &v + return s +} + // SetImageManifest sets the ImageManifest field's value. func (s *PutImageInput) SetImageManifest(v string) *PutImageInput { s.ImageManifest = &v return s } +// SetImageManifestMediaType sets the ImageManifestMediaType field's value. +func (s *PutImageInput) SetImageManifestMediaType(v string) *PutImageInput { + s.ImageManifestMediaType = &v + return s +} + // SetImageTag sets the ImageTag field's value. func (s *PutImageInput) SetImageTag(v string) *PutImageInput { s.ImageTag = &v @@ -7315,6 +7631,62 @@ func (s *PutLifecyclePolicyOutput) SetRepositoryName(v string) *PutLifecyclePoli return s } +// The manifest list is referencing an image that does not exist. +type ReferencedImagesNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ReferencedImagesNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ReferencedImagesNotFoundException) GoString() string { + return s.String() +} + +func newErrorReferencedImagesNotFoundException(v protocol.ResponseMetadata) error { + return &ReferencedImagesNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ReferencedImagesNotFoundException) Code() string { + return "ReferencedImagesNotFoundException" +} + +// Message returns the exception's message. +func (s *ReferencedImagesNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ReferencedImagesNotFoundException) OrigErr() error { + return nil +} + +func (s *ReferencedImagesNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ReferencedImagesNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ReferencedImagesNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + // An object representing a repository. type Repository struct { _ struct{} `type:"structure"` @@ -7322,6 +7694,10 @@ type Repository struct { // The date and time, in JavaScript date format, when the repository was created. CreatedAt *time.Time `locationName:"createdAt" type:"timestamp"` + // The encryption configuration for the repository. This determines how the + // contents of your repository are encrypted at rest. + EncryptionConfiguration *EncryptionConfiguration `locationName:"encryptionConfiguration" type:"structure"` + // The image scanning configuration for a repository. ImageScanningConfiguration *ImageScanningConfiguration `locationName:"imageScanningConfiguration" type:"structure"` @@ -7340,8 +7716,8 @@ type Repository struct { // The name of the repository. RepositoryName *string `locationName:"repositoryName" min:"2" type:"string"` - // The URI for the repository. You can use this URI for Docker push or pull - // operations. + // The URI for the repository. You can use this URI for container image push + // and pull operations. RepositoryUri *string `locationName:"repositoryUri" type:"string"` } @@ -7361,6 +7737,12 @@ func (s *Repository) SetCreatedAt(v time.Time) *Repository { return s } +// SetEncryptionConfiguration sets the EncryptionConfiguration field's value. +func (s *Repository) SetEncryptionConfiguration(v *EncryptionConfiguration) *Repository { + s.EncryptionConfiguration = v + return s +} + // SetImageScanningConfiguration sets the ImageScanningConfiguration field's value. func (s *Repository) SetImageScanningConfiguration(v *ImageScanningConfiguration) *Repository { s.ImageScanningConfiguration = v @@ -7399,8 +7781,8 @@ func (s *Repository) SetRepositoryUri(v string) *Repository { // The specified repository already exists in the specified registry. type RepositoryAlreadyExistsException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -7418,17 +7800,17 @@ func (s RepositoryAlreadyExistsException) GoString() string { func newErrorRepositoryAlreadyExistsException(v protocol.ResponseMetadata) error { return &RepositoryAlreadyExistsException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s RepositoryAlreadyExistsException) Code() string { +func (s *RepositoryAlreadyExistsException) Code() string { return "RepositoryAlreadyExistsException" } // Message returns the exception's message. -func (s RepositoryAlreadyExistsException) Message() string { +func (s *RepositoryAlreadyExistsException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7436,29 +7818,29 @@ func (s RepositoryAlreadyExistsException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s RepositoryAlreadyExistsException) OrigErr() error { +func (s *RepositoryAlreadyExistsException) OrigErr() error { return nil } -func (s RepositoryAlreadyExistsException) Error() string { +func (s *RepositoryAlreadyExistsException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s RepositoryAlreadyExistsException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *RepositoryAlreadyExistsException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s RepositoryAlreadyExistsException) RequestID() string { - return s.respMetadata.RequestID +func (s *RepositoryAlreadyExistsException) RequestID() string { + return s.RespMetadata.RequestID } // The specified repository contains images. To delete a repository that contains // images, you must force the deletion with the force parameter. type RepositoryNotEmptyException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -7476,17 +7858,17 @@ func (s RepositoryNotEmptyException) GoString() string { func newErrorRepositoryNotEmptyException(v protocol.ResponseMetadata) error { return &RepositoryNotEmptyException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s RepositoryNotEmptyException) Code() string { +func (s *RepositoryNotEmptyException) Code() string { return "RepositoryNotEmptyException" } // Message returns the exception's message. -func (s RepositoryNotEmptyException) Message() string { +func (s *RepositoryNotEmptyException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7494,29 +7876,29 @@ func (s RepositoryNotEmptyException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s RepositoryNotEmptyException) OrigErr() error { +func (s *RepositoryNotEmptyException) OrigErr() error { return nil } -func (s RepositoryNotEmptyException) Error() string { +func (s *RepositoryNotEmptyException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s RepositoryNotEmptyException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *RepositoryNotEmptyException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s RepositoryNotEmptyException) RequestID() string { - return s.respMetadata.RequestID +func (s *RepositoryNotEmptyException) RequestID() string { + return s.RespMetadata.RequestID } // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. type RepositoryNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -7534,17 +7916,17 @@ func (s RepositoryNotFoundException) GoString() string { func newErrorRepositoryNotFoundException(v protocol.ResponseMetadata) error { return &RepositoryNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s RepositoryNotFoundException) Code() string { +func (s *RepositoryNotFoundException) Code() string { return "RepositoryNotFoundException" } // Message returns the exception's message. -func (s RepositoryNotFoundException) Message() string { +func (s *RepositoryNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7552,29 +7934,29 @@ func (s RepositoryNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s RepositoryNotFoundException) OrigErr() error { +func (s *RepositoryNotFoundException) OrigErr() error { return nil } -func (s RepositoryNotFoundException) Error() string { +func (s *RepositoryNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s RepositoryNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *RepositoryNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s RepositoryNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *RepositoryNotFoundException) RequestID() string { + return s.RespMetadata.RequestID } // The specified repository and registry combination does not have an associated // repository policy. type RepositoryPolicyNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -7592,17 +7974,17 @@ func (s RepositoryPolicyNotFoundException) GoString() string { func newErrorRepositoryPolicyNotFoundException(v protocol.ResponseMetadata) error { return &RepositoryPolicyNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s RepositoryPolicyNotFoundException) Code() string { +func (s *RepositoryPolicyNotFoundException) Code() string { return "RepositoryPolicyNotFoundException" } // Message returns the exception's message. -func (s RepositoryPolicyNotFoundException) Message() string { +func (s *RepositoryPolicyNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7610,29 +7992,29 @@ func (s RepositoryPolicyNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s RepositoryPolicyNotFoundException) OrigErr() error { +func (s *RepositoryPolicyNotFoundException) OrigErr() error { return nil } -func (s RepositoryPolicyNotFoundException) Error() string { +func (s *RepositoryPolicyNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s RepositoryPolicyNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *RepositoryPolicyNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s RepositoryPolicyNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *RepositoryPolicyNotFoundException) RequestID() string { + return s.RespMetadata.RequestID } // The specified image scan could not be found. Ensure that image scanning is // enabled on the repository and try again. type ScanNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -7649,17 +8031,17 @@ func (s ScanNotFoundException) GoString() string { func newErrorScanNotFoundException(v protocol.ResponseMetadata) error { return &ScanNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s ScanNotFoundException) Code() string { +func (s *ScanNotFoundException) Code() string { return "ScanNotFoundException" } // Message returns the exception's message. -func (s ScanNotFoundException) Message() string { +func (s *ScanNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7667,28 +8049,28 @@ func (s ScanNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s ScanNotFoundException) OrigErr() error { +func (s *ScanNotFoundException) OrigErr() error { return nil } -func (s ScanNotFoundException) Error() string { +func (s *ScanNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s ScanNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *ScanNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s ScanNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *ScanNotFoundException) RequestID() string { + return s.RespMetadata.RequestID } // These errors are usually caused by a server-side issue. type ServerException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -7706,17 +8088,17 @@ func (s ServerException) GoString() string { func newErrorServerException(v protocol.ResponseMetadata) error { return &ServerException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s ServerException) Code() string { +func (s *ServerException) Code() string { return "ServerException" } // Message returns the exception's message. -func (s ServerException) Message() string { +func (s *ServerException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7724,22 +8106,22 @@ func (s ServerException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s ServerException) OrigErr() error { +func (s *ServerException) OrigErr() error { return nil } -func (s ServerException) Error() string { +func (s *ServerException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s ServerException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *ServerException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s ServerException) RequestID() string { - return s.respMetadata.RequestID +func (s *ServerException) RequestID() string { + return s.RespMetadata.RequestID } type SetRepositoryPolicyInput struct { @@ -7751,7 +8133,7 @@ type SetRepositoryPolicyInput struct { Force *bool `locationName:"force" type:"boolean"` // The JSON repository policy text to apply to the repository. For more information, - // see Amazon ECR Repository Policy Examples (https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html) + // see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) // in the Amazon Elastic Container Registry User Guide. // // PolicyText is a required field @@ -8206,8 +8588,8 @@ func (s TagResourceOutput) GoString() string { // The list of tags on the repository is over the limit. The maximum number // of tags that can be applied to a repository is 50. type TooManyTagsException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -8224,17 +8606,17 @@ func (s TooManyTagsException) GoString() string { func newErrorTooManyTagsException(v protocol.ResponseMetadata) error { return &TooManyTagsException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s TooManyTagsException) Code() string { +func (s *TooManyTagsException) Code() string { return "TooManyTagsException" } // Message returns the exception's message. -func (s TooManyTagsException) Message() string { +func (s *TooManyTagsException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -8242,22 +8624,78 @@ func (s TooManyTagsException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s TooManyTagsException) OrigErr() error { +func (s *TooManyTagsException) OrigErr() error { return nil } -func (s TooManyTagsException) Error() string { +func (s *TooManyTagsException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s TooManyTagsException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *TooManyTagsException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s TooManyTagsException) RequestID() string { - return s.respMetadata.RequestID +func (s *TooManyTagsException) RequestID() string { + return s.RespMetadata.RequestID +} + +// The image is of a type that cannot be scanned. +type UnsupportedImageTypeException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s UnsupportedImageTypeException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UnsupportedImageTypeException) GoString() string { + return s.String() +} + +func newErrorUnsupportedImageTypeException(v protocol.ResponseMetadata) error { + return &UnsupportedImageTypeException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *UnsupportedImageTypeException) Code() string { + return "UnsupportedImageTypeException" +} + +// Message returns the exception's message. +func (s *UnsupportedImageTypeException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *UnsupportedImageTypeException) OrigErr() error { + return nil +} + +func (s *UnsupportedImageTypeException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *UnsupportedImageTypeException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *UnsupportedImageTypeException) RequestID() string { + return s.RespMetadata.RequestID } type UntagResourceInput struct { @@ -8337,12 +8775,14 @@ type UploadLayerPartInput struct { // LayerPartBlob is a required field LayerPartBlob []byte `locationName:"layerPartBlob" type:"blob" required:"true"` - // The integer value of the first byte of the layer part. + // The position of the first byte of the layer part witin the overall image + // layer. // // PartFirstByte is a required field PartFirstByte *int64 `locationName:"partFirstByte" type:"long" required:"true"` - // The integer value of the last byte of the layer part. + // The position of the last byte of the layer part within the overall image + // layer. // // PartLastByte is a required field PartLastByte *int64 `locationName:"partLastByte" type:"long" required:"true"` @@ -8487,11 +8927,11 @@ func (s *UploadLayerPartOutput) SetUploadId(v string) *UploadLayerPartOutput { return s } -// The upload could not be found, or the specified upload id is not valid for +// The upload could not be found, or the specified upload ID is not valid for // this repository. type UploadNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The error message associated with the exception. Message_ *string `locationName:"message" type:"string"` @@ -8509,17 +8949,17 @@ func (s UploadNotFoundException) GoString() string { func newErrorUploadNotFoundException(v protocol.ResponseMetadata) error { return &UploadNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s UploadNotFoundException) Code() string { +func (s *UploadNotFoundException) Code() string { return "UploadNotFoundException" } // Message returns the exception's message. -func (s UploadNotFoundException) Message() string { +func (s *UploadNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -8527,22 +8967,38 @@ func (s UploadNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s UploadNotFoundException) OrigErr() error { +func (s *UploadNotFoundException) OrigErr() error { return nil } -func (s UploadNotFoundException) Error() string { +func (s *UploadNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s UploadNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *UploadNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s UploadNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *UploadNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + +const ( + // EncryptionTypeAes256 is a EncryptionType enum value + EncryptionTypeAes256 = "AES256" + + // EncryptionTypeKms is a EncryptionType enum value + EncryptionTypeKms = "KMS" +) + +// EncryptionType_Values returns all elements of the EncryptionType enum +func EncryptionType_Values() []string { + return []string{ + EncryptionTypeAes256, + EncryptionTypeKms, + } } const ( @@ -8565,11 +9021,30 @@ const ( FindingSeverityUndefined = "UNDEFINED" ) +// FindingSeverity_Values returns all elements of the FindingSeverity enum +func FindingSeverity_Values() []string { + return []string{ + FindingSeverityInformational, + FindingSeverityLow, + FindingSeverityMedium, + FindingSeverityHigh, + FindingSeverityCritical, + FindingSeverityUndefined, + } +} + const ( // ImageActionTypeExpire is a ImageActionType enum value ImageActionTypeExpire = "EXPIRE" ) +// ImageActionType_Values returns all elements of the ImageActionType enum +func ImageActionType_Values() []string { + return []string{ + ImageActionTypeExpire, + } +} + const ( // ImageFailureCodeInvalidImageDigest is a ImageFailureCode enum value ImageFailureCodeInvalidImageDigest = "InvalidImageDigest" @@ -8585,8 +9060,27 @@ const ( // ImageFailureCodeMissingDigestAndTag is a ImageFailureCode enum value ImageFailureCodeMissingDigestAndTag = "MissingDigestAndTag" + + // ImageFailureCodeImageReferencedByManifestList is a ImageFailureCode enum value + ImageFailureCodeImageReferencedByManifestList = "ImageReferencedByManifestList" + + // ImageFailureCodeKmsError is a ImageFailureCode enum value + ImageFailureCodeKmsError = "KmsError" ) +// ImageFailureCode_Values returns all elements of the ImageFailureCode enum +func ImageFailureCode_Values() []string { + return []string{ + ImageFailureCodeInvalidImageDigest, + ImageFailureCodeInvalidImageTag, + ImageFailureCodeImageTagDoesNotMatchDigest, + ImageFailureCodeImageNotFound, + ImageFailureCodeMissingDigestAndTag, + ImageFailureCodeImageReferencedByManifestList, + ImageFailureCodeKmsError, + } +} + const ( // ImageTagMutabilityMutable is a ImageTagMutability enum value ImageTagMutabilityMutable = "MUTABLE" @@ -8595,6 +9089,14 @@ const ( ImageTagMutabilityImmutable = "IMMUTABLE" ) +// ImageTagMutability_Values returns all elements of the ImageTagMutability enum +func ImageTagMutability_Values() []string { + return []string{ + ImageTagMutabilityMutable, + ImageTagMutabilityImmutable, + } +} + const ( // LayerAvailabilityAvailable is a LayerAvailability enum value LayerAvailabilityAvailable = "AVAILABLE" @@ -8603,6 +9105,14 @@ const ( LayerAvailabilityUnavailable = "UNAVAILABLE" ) +// LayerAvailability_Values returns all elements of the LayerAvailability enum +func LayerAvailability_Values() []string { + return []string{ + LayerAvailabilityAvailable, + LayerAvailabilityUnavailable, + } +} + const ( // LayerFailureCodeInvalidLayerDigest is a LayerFailureCode enum value LayerFailureCodeInvalidLayerDigest = "InvalidLayerDigest" @@ -8611,6 +9121,14 @@ const ( LayerFailureCodeMissingLayerDigest = "MissingLayerDigest" ) +// LayerFailureCode_Values returns all elements of the LayerFailureCode enum +func LayerFailureCode_Values() []string { + return []string{ + LayerFailureCodeInvalidLayerDigest, + LayerFailureCodeMissingLayerDigest, + } +} + const ( // LifecyclePolicyPreviewStatusInProgress is a LifecyclePolicyPreviewStatus enum value LifecyclePolicyPreviewStatusInProgress = "IN_PROGRESS" @@ -8625,6 +9143,16 @@ const ( LifecyclePolicyPreviewStatusFailed = "FAILED" ) +// LifecyclePolicyPreviewStatus_Values returns all elements of the LifecyclePolicyPreviewStatus enum +func LifecyclePolicyPreviewStatus_Values() []string { + return []string{ + LifecyclePolicyPreviewStatusInProgress, + LifecyclePolicyPreviewStatusComplete, + LifecyclePolicyPreviewStatusExpired, + LifecyclePolicyPreviewStatusFailed, + } +} + const ( // ScanStatusInProgress is a ScanStatus enum value ScanStatusInProgress = "IN_PROGRESS" @@ -8636,6 +9164,15 @@ const ( ScanStatusFailed = "FAILED" ) +// ScanStatus_Values returns all elements of the ScanStatus enum +func ScanStatus_Values() []string { + return []string{ + ScanStatusInProgress, + ScanStatusComplete, + ScanStatusFailed, + } +} + const ( // TagStatusTagged is a TagStatus enum value TagStatusTagged = "TAGGED" @@ -8646,3 +9183,12 @@ const ( // TagStatusAny is a TagStatus enum value TagStatusAny = "ANY" ) + +// TagStatus_Values returns all elements of the TagStatus enum +func TagStatus_Values() []string { + return []string{ + TagStatusTagged, + TagStatusUntagged, + TagStatusAny, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/doc.go b/vendor/github.com/aws/aws-sdk-go/service/ecr/doc.go index d970974bcda6..3c3843ae3e57 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecr/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/doc.go @@ -3,12 +3,13 @@ // Package ecr provides the client and types for making API // requests to Amazon EC2 Container Registry. // -// Amazon Elastic Container Registry (Amazon ECR) is a managed Docker registry -// service. Customers can use the familiar Docker CLI to push, pull, and manage -// images. Amazon ECR provides a secure, scalable, and reliable registry. Amazon -// ECR supports private Docker repositories with resource-based permissions +// Amazon Elastic Container Registry (Amazon ECR) is a managed container image +// registry service. Customers can use the familiar Docker CLI, or their preferred +// client, to push, pull, and manage images. Amazon ECR provides a secure, scalable, +// and reliable registry for your Docker or Open Container Initiative (OCI) +// images. Amazon ECR supports private repositories with resource-based permissions // using IAM so that specific users or Amazon EC2 instances can access repositories -// and images. Developers can use the Docker CLI to author and manage images. +// and images. // // See https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21 for more information on this service. // diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go b/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go index 732d865bf404..8191013264f1 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go @@ -21,6 +21,13 @@ const ( // the manifest or image tag after the last push. ErrCodeImageAlreadyExistsException = "ImageAlreadyExistsException" + // ErrCodeImageDigestDoesNotMatchException for service response error code + // "ImageDigestDoesNotMatchException". + // + // The specified image digest does not match the digest that Amazon ECR calculated + // for the image. + ErrCodeImageDigestDoesNotMatchException = "ImageDigestDoesNotMatchException" + // ErrCodeImageNotFoundException for service response error code // "ImageNotFoundException". // @@ -63,6 +70,12 @@ const ( // characters. ErrCodeInvalidTagParameterException = "InvalidTagParameterException" + // ErrCodeKmsException for service response error code + // "KmsException". + // + // The operation failed due to a KMS exception. + ErrCodeKmsException = "KmsException" + // ErrCodeLayerAlreadyExistsException for service response error code // "LayerAlreadyExistsException". // @@ -98,8 +111,8 @@ const ( // ErrCodeLifecyclePolicyPreviewInProgressException for service response error code // "LifecyclePolicyPreviewInProgressException". // - // The previous lifecycle policy preview request has not completed. Please try - // again later. + // The previous lifecycle policy preview request has not completed. Wait and + // try again. ErrCodeLifecyclePolicyPreviewInProgressException = "LifecyclePolicyPreviewInProgressException" // ErrCodeLifecyclePolicyPreviewNotFoundException for service response error code @@ -112,11 +125,16 @@ const ( // "LimitExceededException". // // The operation did not succeed because it would have exceeded a service limit - // for your account. For more information, see Amazon ECR Default Service Limits - // (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) + // for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. ErrCodeLimitExceededException = "LimitExceededException" + // ErrCodeReferencedImagesNotFoundException for service response error code + // "ReferencedImagesNotFoundException". + // + // The manifest list is referencing an image that does not exist. + ErrCodeReferencedImagesNotFoundException = "ReferencedImagesNotFoundException" + // ErrCodeRepositoryAlreadyExistsException for service response error code // "RepositoryAlreadyExistsException". // @@ -164,10 +182,16 @@ const ( // of tags that can be applied to a repository is 50. ErrCodeTooManyTagsException = "TooManyTagsException" + // ErrCodeUnsupportedImageTypeException for service response error code + // "UnsupportedImageTypeException". + // + // The image is of a type that cannot be scanned. + ErrCodeUnsupportedImageTypeException = "UnsupportedImageTypeException" + // ErrCodeUploadNotFoundException for service response error code // "UploadNotFoundException". // - // The upload could not be found, or the specified upload id is not valid for + // The upload could not be found, or the specified upload ID is not valid for // this repository. ErrCodeUploadNotFoundException = "UploadNotFoundException" ) @@ -175,12 +199,14 @@ const ( var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "EmptyUploadException": newErrorEmptyUploadException, "ImageAlreadyExistsException": newErrorImageAlreadyExistsException, + "ImageDigestDoesNotMatchException": newErrorImageDigestDoesNotMatchException, "ImageNotFoundException": newErrorImageNotFoundException, "ImageTagAlreadyExistsException": newErrorImageTagAlreadyExistsException, "InvalidLayerException": newErrorInvalidLayerException, "InvalidLayerPartException": newErrorInvalidLayerPartException, "InvalidParameterException": newErrorInvalidParameterException, "InvalidTagParameterException": newErrorInvalidTagParameterException, + "KmsException": newErrorKmsException, "LayerAlreadyExistsException": newErrorLayerAlreadyExistsException, "LayerInaccessibleException": newErrorLayerInaccessibleException, "LayerPartTooSmallException": newErrorLayerPartTooSmallException, @@ -189,6 +215,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "LifecyclePolicyPreviewInProgressException": newErrorLifecyclePolicyPreviewInProgressException, "LifecyclePolicyPreviewNotFoundException": newErrorLifecyclePolicyPreviewNotFoundException, "LimitExceededException": newErrorLimitExceededException, + "ReferencedImagesNotFoundException": newErrorReferencedImagesNotFoundException, "RepositoryAlreadyExistsException": newErrorRepositoryAlreadyExistsException, "RepositoryNotEmptyException": newErrorRepositoryNotEmptyException, "RepositoryNotFoundException": newErrorRepositoryNotFoundException, @@ -196,5 +223,6 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "ScanNotFoundException": newErrorScanNotFoundException, "ServerException": newErrorServerException, "TooManyTagsException": newErrorTooManyTagsException, + "UnsupportedImageTypeException": newErrorUnsupportedImageTypeException, "UploadNotFoundException": newErrorUploadNotFoundException, } diff --git a/vendor/github.com/aws/aws-sdk-go/service/elb/api.go b/vendor/github.com/aws/aws-sdk-go/service/elb/api.go index c2e93fa72d33..00eba43323ab 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elb/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elb/api.go @@ -64,7 +64,7 @@ func (c *ELB) AddTagsRequest(input *AddTagsInput) (req *request.Request, output // Each tag consists of a key and an optional value. If a tag with the same // key is already associated with the load balancer, AddTags updates its value. // -// For more information, see Tag Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/add-remove-tags.html) +// For more information, see Tag Your Classic Load Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/add-remove-tags.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -155,7 +155,7 @@ func (c *ELB) ApplySecurityGroupsToLoadBalancerRequest(input *ApplySecurityGroup // private cloud (VPC). The specified security groups override the previously // associated security groups. // -// For more information, see Security Groups for Load Balancers in a VPC (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-groups.html#elb-vpc-security-groups) +// For more information, see Security Groups for Load Balancers in a VPC (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-groups.html#elb-vpc-security-groups) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -246,7 +246,7 @@ func (c *ELB) AttachLoadBalancerToSubnetsRequest(input *AttachLoadBalancerToSubn // // The load balancer evenly distributes requests across all registered subnets. // For more information, see Add or Remove Subnets for Your Load Balancer in -// a VPC (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-manage-subnets.html) +// a VPC (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-manage-subnets.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -339,7 +339,7 @@ func (c *ELB) ConfigureHealthCheckRequest(input *ConfigureHealthCheckInput) (req // of your EC2 instances. // // For more information, see Configure Health Checks for Your Load Balancer -// (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-healthchecks.html) +// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-healthchecks.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -433,7 +433,7 @@ func (c *ELB) CreateAppCookieStickinessPolicyRequest(input *CreateAppCookieStick // If the application cookie is explicitly removed or expires, the session stops // being sticky until a new application cookie is issued. // -// For more information, see Application-Controlled Session Stickiness (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-application) +// For more information, see Application-Controlled Session Stickiness (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-application) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -538,7 +538,7 @@ func (c *ELB) CreateLBCookieStickinessPolicyRequest(input *CreateLBCookieStickin // the same user to that server. The validity of the cookie is based on the // cookie expiration time, which is specified in the policy configuration. // -// For more information, see Duration-Based Session Stickiness (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-duration) +// For more information, see Duration-Based Session Stickiness (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-duration) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -638,7 +638,7 @@ func (c *ELB) CreateLoadBalancerRequest(input *CreateLoadBalancerInput) (req *re // // You can create up to 20 load balancers per region per account. You can request // an increase for the number of load balancers for your account. For more information, -// see Limits for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-limits.html) +// see Limits for Your Classic Load Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-limits.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -762,7 +762,7 @@ func (c *ELB) CreateLoadBalancerListenersRequest(input *CreateLoadBalancerListen // the properties of the new listener must match the properties of the existing // listener. // -// For more information, see Listeners for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html) +// For more information, see Listeners for Your Classic Load Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1209,7 +1209,7 @@ func (c *ELB) DeregisterInstancesFromLoadBalancerRequest(input *DeregisterInstan // You can use DescribeLoadBalancers to verify that the instance is deregistered // from the load balancer. // -// For more information, see Register or De-Register EC2 Instances (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-deregister-register-instances.html) +// For more information, see Register or De-Register EC2 Instances (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-deregister-register-instances.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1295,7 +1295,7 @@ func (c *ELB) DescribeAccountLimitsRequest(input *DescribeAccountLimitsInput) (r // Describes the current Elastic Load Balancing resource limits for your AWS // account. // -// For more information, see Limits for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-limits.html) +// For more information, see Limits for Your Classic Load Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-limits.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2037,7 +2037,7 @@ func (c *ELB) DisableAvailabilityZonesForLoadBalancerRequest(input *DisableAvail // the OutOfService state. Then, the load balancer attempts to equally balance // the traffic among its remaining Availability Zones. // -// For more information, see Add or Remove Availability Zones (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-az.html) +// For more information, see Add or Remove Availability Zones (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-az.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2127,7 +2127,7 @@ func (c *ELB) EnableAvailabilityZonesForLoadBalancerRequest(input *EnableAvailab // // The load balancer evenly distributes requests across all its registered Availability // Zones that contain instances. For more information, see Add or Remove Availability -// Zones (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-az.html) +// Zones (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-az.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2216,13 +2216,13 @@ func (c *ELB) ModifyLoadBalancerAttributesRequest(input *ModifyLoadBalancerAttri // // For more information, see the following in the Classic Load Balancers Guide: // -// * Cross-Zone Load Balancing (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) +// * Cross-Zone Load Balancing (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) // -// * Connection Draining (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) +// * Connection Draining (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) // -// * Access Logs (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/access-log-collection.html) +// * Access Logs (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/access-log-collection.html) // -// * Idle Connection Timeout (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) +// * Idle Connection Timeout (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2328,7 +2328,7 @@ func (c *ELB) RegisterInstancesWithLoadBalancerRequest(input *RegisterInstancesW // // To deregister instances from a load balancer, use DeregisterInstancesFromLoadBalancer. // -// For more information, see Register or De-Register EC2 Instances (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-deregister-register-instances.html) +// For more information, see Register or De-Register EC2 Instances (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-deregister-register-instances.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2497,7 +2497,7 @@ func (c *ELB) SetLoadBalancerListenerSSLCertificateRequest(input *SetLoadBalance // the same load balancer and port. // // For more information about updating your SSL certificate, see Replace the -// SSL Certificate for Your Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-update-ssl-cert.html) +// SSL Certificate for Your Load Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-update-ssl-cert.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2605,9 +2605,9 @@ func (c *ELB) SetLoadBalancerPoliciesForBackendServerRequest(input *SetLoadBalan // that the policy is associated with the EC2 instance. // // For more information about enabling back-end instance authentication, see -// Configure Back-end Instance Authentication (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html#configure_backendauth_clt) +// Configure Back-end Instance Authentication (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html#configure_backendauth_clt) // in the Classic Load Balancers Guide. For more information about Proxy Protocol, -// see Configure Proxy Protocol Support (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-proxy-protocol.html) +// see Configure Proxy Protocol Support (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-proxy-protocol.html) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2700,9 +2700,9 @@ func (c *ELB) SetLoadBalancerPoliciesOfListenerRequest(input *SetLoadBalancerPol // To enable back-end server authentication, use SetLoadBalancerPoliciesForBackendServer. // // For more information about setting policies, see Update the SSL Negotiation -// Configuration (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-config-update.html), -// Duration-Based Session Stickiness (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-duration), -// and Application-Controlled Session Stickiness (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-application) +// Configuration (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-config-update.html), +// Duration-Based Session Stickiness (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-duration), +// and Application-Controlled Session Stickiness (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-application) // in the Classic Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2899,14 +2899,20 @@ func (s AddTagsOutput) GoString() string { return s.String() } -// This data type is reserved. +// Information about additional load balancer attributes. type AdditionalAttribute struct { _ struct{} `type:"structure"` - // This parameter is reserved. + // The name of the attribute. + // + // The following attribute is supported. + // + // * elb.http.desyncmitigationmode - Determines how the load balancer handles + // requests that might pose a security risk to your application. The possible + // values are monitor, defensive, and strictest. The default is defensive. Key *string `type:"string"` - // This parameter is reserved. + // This value of the attribute. Value *string `type:"string"` } @@ -3509,7 +3515,7 @@ type CreateLoadBalancerInput struct { // The listeners. // - // For more information, see Listeners for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html) + // For more information, see Listeners for Your Classic Load Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html) // in the Classic Load Balancers Guide. // // Listeners is a required field @@ -3529,7 +3535,7 @@ type CreateLoadBalancerInput struct { // By default, Elastic Load Balancing creates an Internet-facing load balancer // with a DNS name that resolves to public IP addresses. For more information // about Internet-facing and Internal load balancers, see Load Balancer Scheme - // (http://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/how-elastic-load-balancing-works.html#load-balancer-scheme) + // (https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/how-elastic-load-balancing-works.html#load-balancer-scheme) // in the Elastic Load Balancing User Guide. // // Specify internal to create a load balancer with a DNS name that resolves @@ -3546,7 +3552,7 @@ type CreateLoadBalancerInput struct { // A list of tags to assign to the load balancer. // // For more information about tagging your load balancer, see Tag Your Classic - // Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/add-remove-tags.html) + // Load Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/add-remove-tags.html) // in the Classic Load Balancers Guide. Tags []*Tag `min:"1" type:"list"` } @@ -5166,7 +5172,7 @@ func (s *Limit) SetName(v string) *Limit { // Information about a listener. // // For information about the protocols and the ports supported by Elastic Load -// Balancing, see Listeners for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html) +// Balancing, see Listeners for Your Classic Load Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html) // in the Classic Load Balancers Guide. type Listener struct { _ struct{} `type:"structure"` @@ -5179,8 +5185,9 @@ type Listener struct { // The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or // SSL. // - // If the front-end protocol is HTTP, HTTPS, TCP, or SSL, InstanceProtocol must - // be at the same protocol. + // If the front-end protocol is TCP or SSL, the back-end protocol must be TCP + // or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol + // must be HTTP or HTTPS. // // If there is another listener with the same InstancePort whose InstanceProtocol // is secure, (HTTPS or SSL), the listener's InstanceProtocol must also be secure. @@ -5308,17 +5315,17 @@ type LoadBalancerAttributes struct { // If enabled, the load balancer captures detailed information of all requests // and delivers the information to the Amazon S3 bucket that you specify. // - // For more information, see Enable Access Logs (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html) + // For more information, see Enable Access Logs (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html) // in the Classic Load Balancers Guide. AccessLog *AccessLog `type:"structure"` - // This parameter is reserved. + // Any additional attributes. AdditionalAttributes []*AdditionalAttribute `type:"list"` // If enabled, the load balancer allows existing requests to complete before // the load balancer shifts traffic away from a deregistered or unhealthy instance. // - // For more information, see Configure Connection Draining (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) + // For more information, see Configure Connection Draining (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) // in the Classic Load Balancers Guide. ConnectionDraining *ConnectionDraining `type:"structure"` @@ -5327,14 +5334,14 @@ type LoadBalancerAttributes struct { // // By default, Elastic Load Balancing maintains a 60-second idle connection // timeout for both front-end and back-end connections of your load balancer. - // For more information, see Configure Idle Connection Timeout (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) + // For more information, see Configure Idle Connection Timeout (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) // in the Classic Load Balancers Guide. ConnectionSettings *ConnectionSettings `type:"structure"` // If enabled, the load balancer routes the request traffic evenly across all // instances regardless of the Availability Zones. // - // For more information, see Configure Cross-Zone Load Balancing (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) + // For more information, see Configure Cross-Zone Load Balancing (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) // in the Classic Load Balancers Guide. CrossZoneLoadBalancing *CrossZoneLoadBalancing `type:"structure"` } @@ -5421,7 +5428,7 @@ type LoadBalancerDescription struct { // The DNS name of the load balancer. // - // For more information, see Configure a Custom Domain Name (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/using-domain-names-with-elb.html) + // For more information, see Configure a Custom Domain Name (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/using-domain-names-with-elb.html) // in the Classic Load Balancers Guide. CanonicalHostedZoneName *string `type:"string"` diff --git a/vendor/github.com/aws/aws-sdk-go/service/elb/doc.go b/vendor/github.com/aws/aws-sdk-go/service/elb/doc.go index 0b93ed4740be..5fa8e5154e58 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elb/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elb/doc.go @@ -15,7 +15,7 @@ // Elastic Load Balancing supports three types of load balancers: Application // Load Balancers, Network Load Balancers, and Classic Load Balancers. You can // select a load balancer based on your application needs. For more information, -// see the Elastic Load Balancing User Guide (http://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/). +// see the Elastic Load Balancing User Guide (https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/). // // This reference covers the 2012-06-01 API, which supports Classic Load Balancers. // The 2015-12-01 API supports Application Load Balancers and Network Load Balancers. diff --git a/vendor/github.com/aws/aws-sdk-go/service/elbv2/api.go b/vendor/github.com/aws/aws-sdk-go/service/elbv2/api.go index 2e2c18c04bd5..254ddb44f5d1 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elbv2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elbv2/api.go @@ -155,8 +155,8 @@ func (c *ELBV2) AddTagsRequest(input *AddTagsInput) (req *request.Request, outpu // AddTags API operation for Elastic Load Balancing. // // Adds the specified tags to the specified Elastic Load Balancing resource. -// You can tag your Application Load Balancers, Network Load Balancers, and -// your target groups. +// You can tag your Application Load Balancers, Network Load Balancers, target +// groups, listeners, and rules. // // Each tag consists of a key and an optional value. If a resource already has // a tag with the same key, AddTags updates its value. @@ -325,6 +325,12 @@ func (c *ELBV2) CreateListenerRequest(input *CreateListenerInput) (req *request. // across all listeners. If a target group is used by multiple actions for a // load balancer, it is counted as only one use. // +// * ErrCodeALPNPolicyNotSupportedException "ALPNPolicyNotFound" +// The specified ALPN policy is not supported. +// +// * ErrCodeTooManyTagsException "TooManyTags" +// You've reached the limit on the number of tags per load balancer. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateListener func (c *ELBV2) CreateListener(input *CreateListenerInput) (*CreateListenerOutput, error) { req, out := c.CreateListenerRequest(input) @@ -530,6 +536,7 @@ func (c *ELBV2) CreateRuleRequest(input *CreateRuleInput) (req *request.Request, // Creates a rule for the specified listener. The listener must be associated // with an Application Load Balancer. // +// Each rule consists of a priority, one or more actions, and one or more conditions. // Rules are evaluated in priority order, from the lowest value to the highest // value. When the conditions for a rule are met, its actions are performed. // If the conditions for no rules are met, the actions for the default rule @@ -593,6 +600,9 @@ func (c *ELBV2) CreateRuleRequest(input *CreateRuleInput) (req *request.Request, // across all listeners. If a target group is used by multiple actions for a // load balancer, it is counted as only one use. // +// * ErrCodeTooManyTagsException "TooManyTags" +// You've reached the limit on the number of tags per load balancer. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateRule func (c *ELBV2) CreateRule(input *CreateRuleInput) (*CreateRuleOutput, error) { req, out := c.CreateRuleRequest(input) @@ -697,6 +707,9 @@ func (c *ELBV2) CreateTargetGroupRequest(input *CreateTargetGroupInput) (req *re // * ErrCodeInvalidConfigurationRequestException "InvalidConfigurationRequest" // The requested configuration is not valid. // +// * ErrCodeTooManyTagsException "TooManyTags" +// You've reached the limit on the number of tags per load balancer. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateTargetGroup func (c *ELBV2) CreateTargetGroup(input *CreateTargetGroupInput) (*CreateTargetGroupOutput, error) { req, out := c.CreateTargetGroupRequest(input) @@ -944,6 +957,8 @@ func (c *ELBV2) DeleteRuleRequest(input *DeleteRuleInput) (req *request.Request, // // Deletes the specified rule. // +// You can't delete the default rule. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1901,9 +1916,9 @@ func (c *ELBV2) DescribeTagsRequest(input *DescribeTagsInput) (req *request.Requ // DescribeTags API operation for Elastic Load Balancing. // -// Describes the tags for the specified resources. You can describe the tags -// for one or more Application Load Balancers, Network Load Balancers, and target -// groups. +// Describes the tags for the specified Elastic Load Balancing resources. You +// can describe the tags for one or more Application Load Balancers, Network +// Load Balancers, target groups, listeners, or rules. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2378,6 +2393,9 @@ func (c *ELBV2) ModifyListenerRequest(input *ModifyListenerInput) (req *request. // across all listeners. If a target group is used by multiple actions for a // load balancer, it is counted as only one use. // +// * ErrCodeALPNPolicyNotSupportedException "ALPNPolicyNotFound" +// The specified ALPN policy is not supported. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/ModifyListener func (c *ELBV2) ModifyListener(input *ModifyListenerInput) (*ModifyListenerOutput, error) { req, out := c.ModifyListenerRequest(input) @@ -3013,7 +3031,9 @@ func (c *ELBV2) RemoveTagsRequest(input *RemoveTagsInput) (req *request.Request, // RemoveTags API operation for Elastic Load Balancing. // -// Removes the specified tags from the specified Elastic Load Balancing resource. +// Removes the specified tags from the specified Elastic Load Balancing resources. +// You can remove the tags for one or more Application Load Balancers, Network +// Load Balancers, target groups, listeners, or rules. // // To list the current tags for your resources, use DescribeTags. // @@ -3426,6 +3446,9 @@ func (c *ELBV2) SetSubnetsWithContext(ctx aws.Context, input *SetSubnetsInput, o } // Information about an action. +// +// Each rule must include exactly one of the following types of actions: forward, +// fixed-response, or redirect, and it must be the last action to be performed. type Action struct { _ struct{} `type:"structure"` @@ -3449,9 +3472,7 @@ type Action struct { ForwardConfig *ForwardActionConfig `type:"structure"` // The order for the action. This value is required for rules with multiple - // actions. The action with the lowest value for order is performed first. The - // last action to be performed must be one of the following types of actions: - // a forward, fixed-response, or redirect. + // actions. The action with the lowest value for order is performed first. Order *int64 `min:"1" type:"integer"` // [Application Load Balancer] Information for creating a redirect action. Specify @@ -3647,7 +3668,7 @@ type AddTagsInput struct { // ResourceArns is a required field ResourceArns []*string `type:"list" required:"true"` - // The tags. Each resource can have a maximum of 10 tags. + // The tags. // // Tags is a required field Tags []*Tag `min:"1" type:"list" required:"true"` @@ -4036,6 +4057,9 @@ type AvailabilityZone struct { // a private IP address from the IPv4 range of the subnet. LoadBalancerAddresses []*LoadBalancerAddress `type:"list"` + // [Application Load Balancers on Outposts] The ID of the Outpost. + OutpostId *string `type:"string"` + // The ID of the subnet. You can specify one subnet per Availability Zone. SubnetId *string `type:"string"` @@ -4059,6 +4083,12 @@ func (s *AvailabilityZone) SetLoadBalancerAddresses(v []*LoadBalancerAddress) *A return s } +// SetOutpostId sets the OutpostId field's value. +func (s *AvailabilityZone) SetOutpostId(v string) *AvailabilityZone { + s.OutpostId = &v + return s +} + // SetSubnetId sets the SubnetId field's value. func (s *AvailabilityZone) SetSubnetId(v string) *AvailabilityZone { s.SubnetId = &v @@ -4143,6 +4173,23 @@ func (s *Cipher) SetPriority(v int64) *Cipher { type CreateListenerInput struct { _ struct{} `type:"structure"` + // [TLS listeners] The name of the Application-Layer Protocol Negotiation (ALPN) + // policy. You can specify one policy name. The following are the possible values: + // + // * HTTP1Only + // + // * HTTP2Only + // + // * HTTP2Optional + // + // * HTTP2Preferred + // + // * None + // + // For more information, see ALPN Policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#alpn-policies) + // in the Network Load Balancers Guide. + AlpnPolicy []*string `type:"list"` + // [HTTPS and TLS listeners] The default certificate for the listener. You must // provide exactly one certificate. Set CertificateArn to the certificate ARN // but do not set IsDefault. @@ -4150,25 +4197,7 @@ type CreateListenerInput struct { // To create a certificate list for the listener, use AddListenerCertificates. Certificates []*Certificate `type:"list"` - // The actions for the default rule. The rule must include one forward action - // or one or more fixed-response actions. - // - // If the action type is forward, you specify one or more target groups. The - // protocol of the target group must be HTTP or HTTPS for an Application Load - // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP - // for a Network Load Balancer. - // - // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate - // users through an identity provider that is OpenID Connect (OIDC) compliant. - // - // [HTTPS listeners] If the action type is authenticate-cognito, you authenticate - // users through the user pools supported by Amazon Cognito. - // - // [Application Load Balancer] If the action type is redirect, you redirect - // specified client requests from one URL to another. - // - // [Application Load Balancer] If the action type is fixed-response, you drop - // specified client requests and return a custom HTTP response. + // The actions for the default rule. // // DefaultActions is a required field DefaultActions []*Action `type:"list" required:"true"` @@ -4190,10 +4219,34 @@ type CreateListenerInput struct { // Protocol is a required field Protocol *string `type:"string" required:"true" enum:"ProtocolEnum"` - // [HTTPS and TLS listeners] The security policy that defines which ciphers - // and protocols are supported. The default is the current predefined security - // policy. + // [HTTPS and TLS listeners] The security policy that defines which protocols + // and ciphers are supported. The following are the possible values: + // + // * ELBSecurityPolicy-2016-08 + // + // * ELBSecurityPolicy-TLS-1-0-2015-04 + // + // * ELBSecurityPolicy-TLS-1-1-2017-01 + // + // * ELBSecurityPolicy-TLS-1-2-2017-01 + // + // * ELBSecurityPolicy-TLS-1-2-Ext-2018-06 + // + // * ELBSecurityPolicy-FS-2018-06 + // + // * ELBSecurityPolicy-FS-1-1-2019-08 + // + // * ELBSecurityPolicy-FS-1-2-2019-08 + // + // * ELBSecurityPolicy-FS-1-2-Res-2019-08 + // + // For more information, see Security Policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) + // in the Application Load Balancers Guide and Security Policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies) + // in the Network Load Balancers Guide. SslPolicy *string `type:"string"` + + // The tags to assign to the listener. + Tags []*Tag `min:"1" type:"list"` } // String returns the string representation @@ -4224,6 +4277,9 @@ func (s *CreateListenerInput) Validate() error { if s.Protocol == nil { invalidParams.Add(request.NewErrParamRequired("Protocol")) } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } if s.DefaultActions != nil { for i, v := range s.DefaultActions { if v == nil { @@ -4234,6 +4290,16 @@ func (s *CreateListenerInput) Validate() error { } } } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -4241,6 +4307,12 @@ func (s *CreateListenerInput) Validate() error { return nil } +// SetAlpnPolicy sets the AlpnPolicy field's value. +func (s *CreateListenerInput) SetAlpnPolicy(v []*string) *CreateListenerInput { + s.AlpnPolicy = v + return s +} + // SetCertificates sets the Certificates field's value. func (s *CreateListenerInput) SetCertificates(v []*Certificate) *CreateListenerInput { s.Certificates = v @@ -4277,6 +4349,12 @@ func (s *CreateListenerInput) SetSslPolicy(v string) *CreateListenerInput { return s } +// SetTags sets the Tags field's value. +func (s *CreateListenerInput) SetTags(v []*Tag) *CreateListenerInput { + s.Tags = v + return s +} + type CreateListenerOutput struct { _ struct{} `type:"structure"` @@ -4303,6 +4381,10 @@ func (s *CreateListenerOutput) SetListeners(v []*Listener) *CreateListenerOutput type CreateLoadBalancerInput struct { _ struct{} `type:"structure"` + // [Application Load Balancers on Outposts] The ID of the customer-owned address + // pool (CoIP pool). + CustomerOwnedIpv4Pool *string `type:"string"` + // [Application Load Balancers] The type of IP addresses used by the subnets // for your load balancer. The possible values are ipv4 (for IPv4 addresses) // and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must @@ -4341,6 +4423,11 @@ type CreateLoadBalancerInput struct { // [Application Load Balancers] You must specify subnets from at least two Availability // Zones. You cannot specify Elastic IP addresses for your subnets. // + // [Application Load Balancers on Outposts] You must specify one Outpost subnet. + // + // [Application Load Balancers on Local Zones] You can specify subnets from + // one or more Local Zones. + // // [Network Load Balancers] You can specify subnets from one or more Availability // Zones. You can specify one Elastic IP address per subnet if you need static // IP addresses for your internet-facing load balancer. For internal load balancers, @@ -4354,11 +4441,16 @@ type CreateLoadBalancerInput struct { // [Application Load Balancers] You must specify subnets from at least two Availability // Zones. // + // [Application Load Balancers on Outposts] You must specify one Outpost subnet. + // + // [Application Load Balancers on Local Zones] You can specify subnets from + // one or more Local Zones. + // // [Network Load Balancers] You can specify subnets from one or more Availability // Zones. Subnets []*string `type:"list"` - // One or more tags to assign to the load balancer. + // The tags to assign to the load balancer. Tags []*Tag `min:"1" type:"list"` // The type of load balancer. The default is application. @@ -4401,6 +4493,12 @@ func (s *CreateLoadBalancerInput) Validate() error { return nil } +// SetCustomerOwnedIpv4Pool sets the CustomerOwnedIpv4Pool field's value. +func (s *CreateLoadBalancerInput) SetCustomerOwnedIpv4Pool(v string) *CreateLoadBalancerInput { + s.CustomerOwnedIpv4Pool = &v + return s +} + // SetIpAddressType sets the IpAddressType field's value. func (s *CreateLoadBalancerInput) SetIpAddressType(v string) *CreateLoadBalancerInput { s.IpAddressType = &v @@ -4475,33 +4573,12 @@ func (s *CreateLoadBalancerOutput) SetLoadBalancers(v []*LoadBalancer) *CreateLo type CreateRuleInput struct { _ struct{} `type:"structure"` - // The actions. Each rule must include exactly one of the following types of - // actions: forward, fixed-response, or redirect, and it must be the last action - // to be performed. - // - // If the action type is forward, you specify one or more target groups. The - // protocol of the target group must be HTTP or HTTPS for an Application Load - // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP - // for a Network Load Balancer. - // - // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate - // users through an identity provider that is OpenID Connect (OIDC) compliant. - // - // [HTTPS listeners] If the action type is authenticate-cognito, you authenticate - // users through the user pools supported by Amazon Cognito. - // - // [Application Load Balancer] If the action type is redirect, you redirect - // specified client requests from one URL to another. - // - // [Application Load Balancer] If the action type is fixed-response, you drop - // specified client requests and return a custom HTTP response. + // The actions. // // Actions is a required field Actions []*Action `type:"list" required:"true"` - // The conditions. Each rule can include zero or one of the following conditions: - // http-request-method, host-header, path-pattern, and source-ip, and zero or - // more of the following conditions: http-header and query-string. + // The conditions. // // Conditions is a required field Conditions []*RuleCondition `type:"list" required:"true"` @@ -4515,6 +4592,9 @@ type CreateRuleInput struct { // // Priority is a required field Priority *int64 `min:"1" type:"integer" required:"true"` + + // The tags to assign to the rule. + Tags []*Tag `min:"1" type:"list"` } // String returns the string representation @@ -4545,6 +4625,9 @@ func (s *CreateRuleInput) Validate() error { if s.Priority != nil && *s.Priority < 1 { invalidParams.Add(request.NewErrParamMinValue("Priority", 1)) } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } if s.Actions != nil { for i, v := range s.Actions { if v == nil { @@ -4555,6 +4638,16 @@ func (s *CreateRuleInput) Validate() error { } } } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -4586,6 +4679,12 @@ func (s *CreateRuleInput) SetPriority(v int64) *CreateRuleInput { return s } +// SetTags sets the Tags field's value. +func (s *CreateRuleInput) SetTags(v []*Tag) *CreateRuleInput { + s.Tags = v + return s +} + type CreateRuleOutput struct { _ struct{} `type:"structure"` @@ -4624,8 +4723,12 @@ type CreateTargetGroupInput struct { // lambda, the default is 35 seconds. HealthCheckIntervalSeconds *int64 `min:"5" type:"integer"` - // [HTTP/HTTPS health checks] The ping path that is the destination on the targets - // for health checks. The default is /. + // [HTTP/HTTPS health checks] The destination for health checks on the targets. + // + // [HTTP1 or HTTP2 protocol version] The ping path. The default is /. + // + // [GRPC protocol version] The path of a custom health check method with the + // format /package.service/method. The default is /AWS.ALB/healthcheck. HealthCheckPath *string `min:"1" type:"string"` // The port the load balancer uses when performing health checks on targets. @@ -4654,8 +4757,8 @@ type CreateTargetGroupInput struct { // the default is 3. If the target type is lambda, the default is 5. HealthyThresholdCount *int64 `min:"2" type:"integer"` - // [HTTP/HTTPS health checks] The HTTP codes to use when checking for a successful - // response from a target. + // [HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for + // a successful response from a target. Matcher *Matcher `type:"structure"` // The name of the target group. @@ -4679,13 +4782,20 @@ type CreateTargetGroupInput struct { // function, this parameter does not apply. Protocol *string `type:"string" enum:"ProtocolEnum"` + // [HTTP/HTTPS protocol] The protocol version. Specify GRPC to send requests + // to targets using gRPC. Specify HTTP2 to send requests to targets using HTTP/2. + // The default is HTTP1, which sends requests to targets using HTTP/1.1. + ProtocolVersion *string `type:"string"` + + // The tags to assign to the target group. + Tags []*Tag `min:"1" type:"list"` + // The type of target that you must specify when registering targets with this // target group. You can't specify targets for a target group using more than // one target type. // // * instance - Targets are specified by instance ID. This is the default - // value. If the target group protocol is UDP or TCP_UDP, the target type - // must be instance. + // value. // // * ip - Targets are specified by IP address. You can specify IP addresses // from the subnets of the virtual private cloud (VPC) for the target group, @@ -4739,12 +4849,20 @@ func (s *CreateTargetGroupInput) Validate() error { if s.Port != nil && *s.Port < 1 { invalidParams.Add(request.NewErrParamMinValue("Port", 1)) } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } if s.UnhealthyThresholdCount != nil && *s.UnhealthyThresholdCount < 2 { invalidParams.Add(request.NewErrParamMinValue("UnhealthyThresholdCount", 2)) } - if s.Matcher != nil { - if err := s.Matcher.Validate(); err != nil { - invalidParams.AddNested("Matcher", err.(request.ErrInvalidParams)) + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } } } @@ -4820,6 +4938,18 @@ func (s *CreateTargetGroupInput) SetProtocol(v string) *CreateTargetGroupInput { return s } +// SetProtocolVersion sets the ProtocolVersion field's value. +func (s *CreateTargetGroupInput) SetProtocolVersion(v string) *CreateTargetGroupInput { + s.ProtocolVersion = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateTargetGroupInput) SetTags(v []*Tag) *CreateTargetGroupInput { + s.Tags = v + return s +} + // SetTargetType sets the TargetType field's value. func (s *CreateTargetGroupInput) SetTargetType(v string) *CreateTargetGroupInput { s.TargetType = &v @@ -5733,7 +5863,7 @@ type DescribeSSLPoliciesOutput struct { // Otherwise, this is null. NextMarker *string `type:"string"` - // Information about the policies. + // Information about the security policies. SslPolicies []*SslPolicy `type:"list"` } @@ -5762,7 +5892,8 @@ func (s *DescribeSSLPoliciesOutput) SetSslPolicies(v []*SslPolicy) *DescribeSSLP type DescribeTagsInput struct { _ struct{} `type:"structure"` - // The Amazon Resource Names (ARN) of the resources. + // The Amazon Resource Names (ARN) of the resources. You can specify up to 20 + // resources in a single call. // // ResourceArns is a required field ResourceArns []*string `type:"list" required:"true"` @@ -6338,6 +6469,10 @@ func (s *Limit) SetName(v string) *Limit { type Listener struct { _ struct{} `type:"structure"` + // [TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) + // policy. + AlpnPolicy []*string `type:"list"` + // [HTTPS or TLS listener] The default certificate for the listener. Certificates []*Certificate `type:"list"` @@ -6356,8 +6491,8 @@ type Listener struct { // The protocol for connections from clients to the load balancer. Protocol *string `type:"string" enum:"ProtocolEnum"` - // [HTTPS or TLS listener] The security policy that defines which ciphers and - // protocols are supported. The default is the current predefined security policy. + // [HTTPS or TLS listener] The security policy that defines which protocols + // and ciphers are supported. SslPolicy *string `type:"string"` } @@ -6371,6 +6506,12 @@ func (s Listener) GoString() string { return s.String() } +// SetAlpnPolicy sets the AlpnPolicy field's value. +func (s *Listener) SetAlpnPolicy(v []*string) *Listener { + s.AlpnPolicy = v + return s +} + // SetCertificates sets the Certificates field's value. func (s *Listener) SetCertificates(v []*Certificate) *Listener { s.Certificates = v @@ -6417,7 +6558,7 @@ func (s *Listener) SetSslPolicy(v string) *Listener { type LoadBalancer struct { _ struct{} `type:"structure"` - // The Availability Zones for the load balancer. + // The subnets for the load balancer. AvailabilityZones []*AvailabilityZone `type:"list"` // The ID of the Amazon Route 53 hosted zone associated with the load balancer. @@ -6426,6 +6567,10 @@ type LoadBalancer struct { // The date and time the load balancer was created. CreatedTime *time.Time `type:"timestamp"` + // [Application Load Balancers on Outposts] The ID of the customer-owned address + // pool. + CustomerOwnedIpv4Pool *string `type:"string"` + // The public DNS name of the load balancer. DNSName *string `type:"string"` @@ -6492,6 +6637,12 @@ func (s *LoadBalancer) SetCreatedTime(v time.Time) *LoadBalancer { return s } +// SetCustomerOwnedIpv4Pool sets the CustomerOwnedIpv4Pool field's value. +func (s *LoadBalancer) SetCustomerOwnedIpv4Pool(v string) *LoadBalancer { + s.CustomerOwnedIpv4Pool = &v + return s +} + // SetDNSName sets the DNSName field's value. func (s *LoadBalancer) SetDNSName(v string) *LoadBalancer { s.DNSName = &v @@ -6617,12 +6768,18 @@ type LoadBalancerAttribute struct { // * idle_timeout.timeout_seconds - The idle timeout value, in seconds. The // valid range is 1-4000 seconds. The default is 60 seconds. // + // * routing.http.desync_mitigation_mode - Determines how the load balancer + // handles requests that might pose a security risk to your application. + // The possible values are monitor, defensive, and strictest. The default + // is defensive. + // // * routing.http.drop_invalid_header_fields.enabled - Indicates whether // HTTP headers with invalid header fields are removed by the load balancer // (true) or routed to targets (false). The default is false. // // * routing.http2.enabled - Indicates whether HTTP/2 is enabled. The value - // is true or false. The default is true. + // is true or false. The default is true. Elastic Load Balancing requires + // that message header names contain only alphanumeric characters and hyphens. // // The following attributes are supported by only Network Load Balancers: // @@ -6691,20 +6848,23 @@ func (s *LoadBalancerState) SetReason(v string) *LoadBalancerState { return s } -// Information to use when checking for a successful response from a target. +// The codes to use when checking for a successful response from a target. If +// the protocol version is gRPC, these are gRPC codes. Otherwise, these are +// HTTP codes. type Matcher struct { _ struct{} `type:"structure"` - // The HTTP codes. - // + // You can specify values between 0 and 99. You can specify multiple values + // (for example, "0,1") or a range of values (for example, "0-5"). The default + // value is 12. + GrpcCode *string `type:"string"` + // For Application Load Balancers, you can specify values between 200 and 499, // and the default value is 200. You can specify multiple values (for example, // "200,202") or a range of values (for example, "200-299"). // - // For Network Load Balancers, this is 200–399. - // - // HttpCode is a required field - HttpCode *string `type:"string" required:"true"` + // For Network Load Balancers, this is "200–399". + HttpCode *string `type:"string"` } // String returns the string representation @@ -6717,17 +6877,10 @@ func (s Matcher) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *Matcher) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "Matcher"} - if s.HttpCode == nil { - invalidParams.Add(request.NewErrParamRequired("HttpCode")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetGrpcCode sets the GrpcCode field's value. +func (s *Matcher) SetGrpcCode(v string) *Matcher { + s.GrpcCode = &v + return s } // SetHttpCode sets the HttpCode field's value. @@ -6739,6 +6892,23 @@ func (s *Matcher) SetHttpCode(v string) *Matcher { type ModifyListenerInput struct { _ struct{} `type:"structure"` + // [TLS listeners] The name of the Application-Layer Protocol Negotiation (ALPN) + // policy. You can specify one policy name. The following are the possible values: + // + // * HTTP1Only + // + // * HTTP2Only + // + // * HTTP2Optional + // + // * HTTP2Preferred + // + // * None + // + // For more information, see ALPN Policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#alpn-policies) + // in the Network Load Balancers Guide. + AlpnPolicy []*string `type:"list"` + // [HTTPS and TLS listeners] The default certificate for the listener. You must // provide exactly one certificate. Set CertificateArn to the certificate ARN // but do not set IsDefault. @@ -6746,25 +6916,7 @@ type ModifyListenerInput struct { // To create a certificate list, use AddListenerCertificates. Certificates []*Certificate `type:"list"` - // The actions for the default rule. The rule must include one forward action - // or one or more fixed-response actions. - // - // If the action type is forward, you specify one or more target groups. The - // protocol of the target group must be HTTP or HTTPS for an Application Load - // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP - // for a Network Load Balancer. - // - // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate - // users through an identity provider that is OpenID Connect (OIDC) compliant. - // - // [HTTPS listeners] If the action type is authenticate-cognito, you authenticate - // users through the user pools supported by Amazon Cognito. - // - // [Application Load Balancer] If the action type is redirect, you redirect - // specified client requests from one URL to another. - // - // [Application Load Balancer] If the action type is fixed-response, you drop - // specified client requests and return a custom HTTP response. + // The actions for the default rule. DefaultActions []*Action `type:"list"` // The Amazon Resource Name (ARN) of the listener. @@ -6781,8 +6933,29 @@ type ModifyListenerInput struct { Protocol *string `type:"string" enum:"ProtocolEnum"` // [HTTPS and TLS listeners] The security policy that defines which protocols - // and ciphers are supported. For more information, see Security Policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) - // in the Application Load Balancers Guide. + // and ciphers are supported. The following are the possible values: + // + // * ELBSecurityPolicy-2016-08 + // + // * ELBSecurityPolicy-TLS-1-0-2015-04 + // + // * ELBSecurityPolicy-TLS-1-1-2017-01 + // + // * ELBSecurityPolicy-TLS-1-2-2017-01 + // + // * ELBSecurityPolicy-TLS-1-2-Ext-2018-06 + // + // * ELBSecurityPolicy-FS-2018-06 + // + // * ELBSecurityPolicy-FS-1-1-2019-08 + // + // * ELBSecurityPolicy-FS-1-2-2019-08 + // + // * ELBSecurityPolicy-FS-1-2-Res-2019-08 + // + // For more information, see Security Policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) + // in the Application Load Balancers Guide and Security Policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies) + // in the Network Load Balancers Guide. SslPolicy *string `type:"string"` } @@ -6822,6 +6995,12 @@ func (s *ModifyListenerInput) Validate() error { return nil } +// SetAlpnPolicy sets the AlpnPolicy field's value. +func (s *ModifyListenerInput) SetAlpnPolicy(v []*string) *ModifyListenerInput { + s.AlpnPolicy = v + return s +} + // SetCertificates sets the Certificates field's value. func (s *ModifyListenerInput) SetCertificates(v []*Certificate) *ModifyListenerInput { s.Certificates = v @@ -6959,31 +7138,10 @@ func (s *ModifyLoadBalancerAttributesOutput) SetAttributes(v []*LoadBalancerAttr type ModifyRuleInput struct { _ struct{} `type:"structure"` - // The actions. Each rule must include exactly one of the following types of - // actions: forward, fixed-response, or redirect, and it must be the last action - // to be performed. - // - // If the action type is forward, you specify one or more target groups. The - // protocol of the target group must be HTTP or HTTPS for an Application Load - // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP - // for a Network Load Balancer. - // - // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate - // users through an identity provider that is OpenID Connect (OIDC) compliant. - // - // [HTTPS listeners] If the action type is authenticate-cognito, you authenticate - // users through the user pools supported by Amazon Cognito. - // - // [Application Load Balancer] If the action type is redirect, you redirect - // specified client requests from one URL to another. - // - // [Application Load Balancer] If the action type is fixed-response, you drop - // specified client requests and return a custom HTTP response. + // The actions. Actions []*Action `type:"list"` - // The conditions. Each rule can include zero or one of the following conditions: - // http-request-method, host-header, path-pattern, and source-ip, and zero or - // more of the following conditions: http-header and query-string. + // The conditions. Conditions []*RuleCondition `type:"list"` // The Amazon Resource Name (ARN) of the rule. @@ -7148,14 +7306,18 @@ type ModifyTargetGroupInput struct { HealthCheckEnabled *bool `type:"boolean"` // The approximate amount of time, in seconds, between health checks of an individual - // target. For Application Load Balancers, the range is 5 to 300 seconds. For - // Network Load Balancers, the supported values are 10 or 30 seconds. + // target. For HTTP and HTTPS health checks, the range is 5 to 300 seconds. + // For TPC health checks, the supported values are 10 or 30 seconds. // // With Network Load Balancers, you can't modify this setting. HealthCheckIntervalSeconds *int64 `min:"5" type:"integer"` - // [HTTP/HTTPS health checks] The ping path that is the destination for the - // health check request. + // [HTTP/HTTPS health checks] The destination for health checks on the targets. + // + // [HTTP1 or HTTP2 protocol version] The ping path. The default is /. + // + // [GRPC protocol version] The path of a custom health check method with the + // format /package.service/method. The default is /AWS.ALB/healthcheck. HealthCheckPath *string `min:"1" type:"string"` // The port the load balancer uses when performing health checks on targets. @@ -7179,8 +7341,8 @@ type ModifyTargetGroupInput struct { // an unhealthy target healthy. HealthyThresholdCount *int64 `min:"2" type:"integer"` - // [HTTP/HTTPS health checks] The HTTP codes to use when checking for a successful - // response from a target. + // [HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for + // a successful response from a target. // // With Network Load Balancers, you can't modify this setting. Matcher *Matcher `type:"structure"` @@ -7191,8 +7353,8 @@ type ModifyTargetGroupInput struct { TargetGroupArn *string `type:"string" required:"true"` // The number of consecutive health check failures required before considering - // the target unhealthy. For Network Load Balancers, this value must be the - // same as the healthy threshold count. + // the target unhealthy. For target groups with a protocol of TCP or TLS, this + // value must be the same as the healthy threshold count. UnhealthyThresholdCount *int64 `min:"2" type:"integer"` } @@ -7227,11 +7389,6 @@ func (s *ModifyTargetGroupInput) Validate() error { if s.UnhealthyThresholdCount != nil && *s.UnhealthyThresholdCount < 2 { invalidParams.Add(request.NewErrParamMinValue("UnhealthyThresholdCount", 2)) } - if s.Matcher != nil { - if err := s.Matcher.Validate(); err != nil { - invalidParams.AddNested("Matcher", err.(request.ErrInvalidParams)) - } - } if invalidParams.Len() > 0 { return invalidParams @@ -7551,10 +7708,6 @@ type RegisterTargetsInput struct { // The targets. // - // To register a target by instance ID, specify the instance ID. To register - // a target by IP address, specify the IP address. To register a Lambda function, - // specify the ARN of the Lambda function. - // // Targets is a required field Targets []*TargetDescription `type:"list" required:"true"` } @@ -7819,6 +7972,11 @@ func (s *Rule) SetRuleArn(v string) *Rule { } // Information about a condition for a rule. +// +// Each rule can optionally include up to one of each of the following conditions: +// http-request-method, host-header, path-pattern, and source-ip. Each rule +// can also optionally include one or more of each of the following conditions: +// http-header and query-string. type RuleCondition struct { _ struct{} `type:"structure"` @@ -7855,13 +8013,14 @@ type RuleCondition struct { // Information for a source IP condition. Specify only when Field is source-ip. SourceIpConfig *SourceIpConditionConfig `type:"structure"` - // The condition value. You can use Values if the rule contains only host-header - // and path-pattern conditions. Otherwise, you can use HostHeaderConfig for - // host-header conditions and PathPatternConfig for path-pattern conditions. + // The condition value. Specify only when Field is host-header or path-pattern. + // Alternatively, to specify multiple host names or multiple path patterns, + // use HostHeaderConfig or PathPatternConfig. // - // If Field is host-header, you can specify a single host name (for example, - // my.example.com). A host name is case insensitive, can be up to 128 characters - // in length, and can contain any of the following characters. + // If Field is host-header and you are not using HostHeaderConfig, you can specify + // a single host name (for example, my.example.com) in Values. A host name is + // case insensitive, can be up to 128 characters in length, and can contain + // any of the following characters. // // * A-Z, a-z, 0-9 // @@ -7871,9 +8030,10 @@ type RuleCondition struct { // // * ? (matches exactly 1 character) // - // If Field is path-pattern, you can specify a single path pattern (for example, - // /img/*). A path pattern is case-sensitive, can be up to 128 characters in - // length, and can contain any of the following characters. + // If Field is path-pattern and you are not using PathPatternConfig, you can + // specify a single path pattern (for example, /img/*) in Values. A path pattern + // is case-sensitive, can be up to 128 characters in length, and can contain + // any of the following characters. // // * A-Z, a-z, 0-9 // @@ -8285,7 +8445,7 @@ func (s *SetSubnetsInput) SetSubnets(v []*string) *SetSubnetsInput { type SetSubnetsOutput struct { _ struct{} `type:"structure"` - // Information about the subnet and Availability Zone. + // Information about the subnets. AvailabilityZones []*AvailabilityZone `type:"list"` } @@ -8598,7 +8758,7 @@ type TargetGroup struct { // target. HealthCheckIntervalSeconds *int64 `min:"5" type:"integer"` - // The destination for the health check request. + // The destination for health checks on the targets. HealthCheckPath *string `min:"1" type:"string"` // The port to use to connect with the target. @@ -8619,7 +8779,8 @@ type TargetGroup struct { // to this target group. LoadBalancerArns []*string `type:"list"` - // The HTTP codes to use when checking for a successful response from a target. + // The HTTP or gRPC codes to use when checking for a successful response from + // a target. Matcher *Matcher `type:"structure"` // The port on which the targets are listening. Not used if the target is a @@ -8629,6 +8790,10 @@ type TargetGroup struct { // The protocol to use for routing traffic to the targets. Protocol *string `type:"string" enum:"ProtocolEnum"` + // [HTTP/HTTPS protocol] The protocol version. The possible values are GRPC, + // HTTP1, and HTTP2. + ProtocolVersion *string `type:"string"` + // The Amazon Resource Name (ARN) of the target group. TargetGroupArn *string `type:"string"` @@ -8724,6 +8889,12 @@ func (s *TargetGroup) SetProtocol(v string) *TargetGroup { return s } +// SetProtocolVersion sets the ProtocolVersion field's value. +func (s *TargetGroup) SetProtocolVersion(v string) *TargetGroup { + s.ProtocolVersion = &v + return s +} + // SetTargetGroupArn sets the TargetGroupArn field's value. func (s *TargetGroup) SetTargetGroupArn(v string) *TargetGroup { s.TargetGroupArn = &v @@ -8760,8 +8931,8 @@ type TargetGroupAttribute struct { // The name of the attribute. // - // The following attribute is supported by both Application Load Balancers and - // Network Load Balancers: + // The following attributes are supported by both Application Load Balancers + // and Network Load Balancers: // // * deregistration_delay.timeout_seconds - The amount of time, in seconds, // for Elastic Load Balancing to wait before changing the state of a deregistering @@ -8769,24 +8940,25 @@ type TargetGroupAttribute struct { // value is 300 seconds. If the target is a Lambda function, this attribute // is not supported. // - // The following attributes are supported by Application Load Balancers if the - // target is not a Lambda function: + // * stickiness.enabled - Indicates whether sticky sessions are enabled. + // The value is true or false. The default is false. + // + // * stickiness.type - The type of sticky sessions. The possible values are + // lb_cookie for Application Load Balancers or source_ip for Network Load + // Balancers. + // + // The following attributes are supported only if the load balancer is an Application + // Load Balancer and the target is an instance or an IP address: // // * load_balancing.algorithm.type - The load balancing algorithm determines // how the load balancer selects targets when routing requests. The value // is round_robin or least_outstanding_requests. The default is round_robin. // // * slow_start.duration_seconds - The time period, in seconds, during which - // a newly registered target receives a linearly increasing share of the - // traffic to the target group. After this time period ends, the target receives - // its full share of traffic. The range is 30-900 seconds (15 minutes). Slow - // start mode is disabled by default. - // - // * stickiness.enabled - Indicates whether sticky sessions are enabled. - // The value is true or false. The default is false. - // - // * stickiness.type - The type of sticky sessions. The possible value is - // lb_cookie. + // a newly registered target receives an increasing share of the traffic + // to the target group. After this time period ends, the target receives + // its full share of traffic. The range is 30-900 seconds (15 minutes). The + // default is 0 seconds (disabled). // // * stickiness.lb_cookie.duration_seconds - The time period, in seconds, // during which requests from a client should be routed to the same target. @@ -8794,14 +8966,15 @@ type TargetGroupAttribute struct { // considered stale. The range is 1 second to 1 week (604800 seconds). The // default value is 1 day (86400 seconds). // - // The following attribute is supported only if the target is a Lambda function. + // The following attribute is supported only if the load balancer is an Application + // Load Balancer and the target is a Lambda function: // // * lambda.multi_value_headers.enabled - Indicates whether the request and - // response headers exchanged between the load balancer and the Lambda function - // include arrays of values or strings. The value is true or false. The default - // is false. If the value is false and the request contains a duplicate header - // field name or query parameter key, the load balancer uses the last value - // sent by the client. + // response headers that are exchanged between the load balancer and the + // Lambda function include arrays of values or strings. The value is true + // or false. The default is false. If the value is false and the request + // contains a duplicate header field name or query parameter key, the load + // balancer uses the last value sent by the client. // // The following attribute is supported only by Network Load Balancers: // @@ -9060,6 +9233,17 @@ const ( ActionTypeEnumFixedResponse = "fixed-response" ) +// ActionTypeEnum_Values returns all elements of the ActionTypeEnum enum +func ActionTypeEnum_Values() []string { + return []string{ + ActionTypeEnumForward, + ActionTypeEnumAuthenticateOidc, + ActionTypeEnumAuthenticateCognito, + ActionTypeEnumRedirect, + ActionTypeEnumFixedResponse, + } +} + const ( // AuthenticateCognitoActionConditionalBehaviorEnumDeny is a AuthenticateCognitoActionConditionalBehaviorEnum enum value AuthenticateCognitoActionConditionalBehaviorEnumDeny = "deny" @@ -9071,6 +9255,15 @@ const ( AuthenticateCognitoActionConditionalBehaviorEnumAuthenticate = "authenticate" ) +// AuthenticateCognitoActionConditionalBehaviorEnum_Values returns all elements of the AuthenticateCognitoActionConditionalBehaviorEnum enum +func AuthenticateCognitoActionConditionalBehaviorEnum_Values() []string { + return []string{ + AuthenticateCognitoActionConditionalBehaviorEnumDeny, + AuthenticateCognitoActionConditionalBehaviorEnumAllow, + AuthenticateCognitoActionConditionalBehaviorEnumAuthenticate, + } +} + const ( // AuthenticateOidcActionConditionalBehaviorEnumDeny is a AuthenticateOidcActionConditionalBehaviorEnum enum value AuthenticateOidcActionConditionalBehaviorEnumDeny = "deny" @@ -9082,6 +9275,15 @@ const ( AuthenticateOidcActionConditionalBehaviorEnumAuthenticate = "authenticate" ) +// AuthenticateOidcActionConditionalBehaviorEnum_Values returns all elements of the AuthenticateOidcActionConditionalBehaviorEnum enum +func AuthenticateOidcActionConditionalBehaviorEnum_Values() []string { + return []string{ + AuthenticateOidcActionConditionalBehaviorEnumDeny, + AuthenticateOidcActionConditionalBehaviorEnumAllow, + AuthenticateOidcActionConditionalBehaviorEnumAuthenticate, + } +} + const ( // IpAddressTypeIpv4 is a IpAddressType enum value IpAddressTypeIpv4 = "ipv4" @@ -9090,6 +9292,14 @@ const ( IpAddressTypeDualstack = "dualstack" ) +// IpAddressType_Values returns all elements of the IpAddressType enum +func IpAddressType_Values() []string { + return []string{ + IpAddressTypeIpv4, + IpAddressTypeDualstack, + } +} + const ( // LoadBalancerSchemeEnumInternetFacing is a LoadBalancerSchemeEnum enum value LoadBalancerSchemeEnumInternetFacing = "internet-facing" @@ -9098,6 +9308,14 @@ const ( LoadBalancerSchemeEnumInternal = "internal" ) +// LoadBalancerSchemeEnum_Values returns all elements of the LoadBalancerSchemeEnum enum +func LoadBalancerSchemeEnum_Values() []string { + return []string{ + LoadBalancerSchemeEnumInternetFacing, + LoadBalancerSchemeEnumInternal, + } +} + const ( // LoadBalancerStateEnumActive is a LoadBalancerStateEnum enum value LoadBalancerStateEnumActive = "active" @@ -9112,6 +9330,16 @@ const ( LoadBalancerStateEnumFailed = "failed" ) +// LoadBalancerStateEnum_Values returns all elements of the LoadBalancerStateEnum enum +func LoadBalancerStateEnum_Values() []string { + return []string{ + LoadBalancerStateEnumActive, + LoadBalancerStateEnumProvisioning, + LoadBalancerStateEnumActiveImpaired, + LoadBalancerStateEnumFailed, + } +} + const ( // LoadBalancerTypeEnumApplication is a LoadBalancerTypeEnum enum value LoadBalancerTypeEnumApplication = "application" @@ -9120,6 +9348,14 @@ const ( LoadBalancerTypeEnumNetwork = "network" ) +// LoadBalancerTypeEnum_Values returns all elements of the LoadBalancerTypeEnum enum +func LoadBalancerTypeEnum_Values() []string { + return []string{ + LoadBalancerTypeEnumApplication, + LoadBalancerTypeEnumNetwork, + } +} + const ( // ProtocolEnumHttp is a ProtocolEnum enum value ProtocolEnumHttp = "HTTP" @@ -9140,6 +9376,18 @@ const ( ProtocolEnumTcpUdp = "TCP_UDP" ) +// ProtocolEnum_Values returns all elements of the ProtocolEnum enum +func ProtocolEnum_Values() []string { + return []string{ + ProtocolEnumHttp, + ProtocolEnumHttps, + ProtocolEnumTcp, + ProtocolEnumTls, + ProtocolEnumUdp, + ProtocolEnumTcpUdp, + } +} + const ( // RedirectActionStatusCodeEnumHttp301 is a RedirectActionStatusCodeEnum enum value RedirectActionStatusCodeEnumHttp301 = "HTTP_301" @@ -9148,6 +9396,14 @@ const ( RedirectActionStatusCodeEnumHttp302 = "HTTP_302" ) +// RedirectActionStatusCodeEnum_Values returns all elements of the RedirectActionStatusCodeEnum enum +func RedirectActionStatusCodeEnum_Values() []string { + return []string{ + RedirectActionStatusCodeEnumHttp301, + RedirectActionStatusCodeEnumHttp302, + } +} + const ( // TargetHealthReasonEnumElbRegistrationInProgress is a TargetHealthReasonEnum enum value TargetHealthReasonEnumElbRegistrationInProgress = "Elb.RegistrationInProgress" @@ -9186,6 +9442,24 @@ const ( TargetHealthReasonEnumElbInternalError = "Elb.InternalError" ) +// TargetHealthReasonEnum_Values returns all elements of the TargetHealthReasonEnum enum +func TargetHealthReasonEnum_Values() []string { + return []string{ + TargetHealthReasonEnumElbRegistrationInProgress, + TargetHealthReasonEnumElbInitialHealthChecking, + TargetHealthReasonEnumTargetResponseCodeMismatch, + TargetHealthReasonEnumTargetTimeout, + TargetHealthReasonEnumTargetFailedHealthChecks, + TargetHealthReasonEnumTargetNotRegistered, + TargetHealthReasonEnumTargetNotInUse, + TargetHealthReasonEnumTargetDeregistrationInProgress, + TargetHealthReasonEnumTargetInvalidState, + TargetHealthReasonEnumTargetIpUnusable, + TargetHealthReasonEnumTargetHealthCheckDisabled, + TargetHealthReasonEnumElbInternalError, + } +} + const ( // TargetHealthStateEnumInitial is a TargetHealthStateEnum enum value TargetHealthStateEnumInitial = "initial" @@ -9206,6 +9480,18 @@ const ( TargetHealthStateEnumUnavailable = "unavailable" ) +// TargetHealthStateEnum_Values returns all elements of the TargetHealthStateEnum enum +func TargetHealthStateEnum_Values() []string { + return []string{ + TargetHealthStateEnumInitial, + TargetHealthStateEnumHealthy, + TargetHealthStateEnumUnhealthy, + TargetHealthStateEnumUnused, + TargetHealthStateEnumDraining, + TargetHealthStateEnumUnavailable, + } +} + const ( // TargetTypeEnumInstance is a TargetTypeEnum enum value TargetTypeEnumInstance = "instance" @@ -9216,3 +9502,12 @@ const ( // TargetTypeEnumLambda is a TargetTypeEnum enum value TargetTypeEnumLambda = "lambda" ) + +// TargetTypeEnum_Values returns all elements of the TargetTypeEnum enum +func TargetTypeEnum_Values() []string { + return []string{ + TargetTypeEnumInstance, + TargetTypeEnumIp, + TargetTypeEnumLambda, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/elbv2/errors.go b/vendor/github.com/aws/aws-sdk-go/service/elbv2/errors.go index fa10830ff9c2..3a9ab86f1b90 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elbv2/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elbv2/errors.go @@ -4,6 +4,12 @@ package elbv2 const ( + // ErrCodeALPNPolicyNotSupportedException for service response error code + // "ALPNPolicyNotFound". + // + // The specified ALPN policy is not supported. + ErrCodeALPNPolicyNotSupportedException = "ALPNPolicyNotFound" + // ErrCodeAllocationIdNotFoundException for service response error code // "AllocationIdNotFound". // diff --git a/vendor/github.com/aws/aws-sdk-go/service/kms/api.go b/vendor/github.com/aws/aws-sdk-go/service/kms/api.go index caa94ee95a63..8e2aae8e5d63 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/kms/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/kms/api.go @@ -179,7 +179,9 @@ func (c *KMS) ConnectCustomKeyStoreRequest(input *ConnectCustomKeyStoreInput) (r // at least one active HSM. To get the number of active HSMs in a cluster, use // the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) // operation. To add HSMs to the cluster, use the CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) -// operation. +// operation. Also, the kmsuser crypto user (https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser) +// (CU) must not be logged into the cluster. This prevents AWS KMS from using +// this account to log in. // // The connection process can take an extended amount of time to complete; up // to 20 minutes. This operation starts the connection process, but it does @@ -192,8 +194,7 @@ func (c *KMS) ConnectCustomKeyStoreRequest(input *ConnectCustomKeyStoreInput) (r // During the connection process, AWS KMS finds the AWS CloudHSM cluster that // is associated with the custom key store, creates the connection infrastructure, // connects to the cluster, logs into the AWS CloudHSM client as the kmsuser -// crypto user (https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser) -// (CU), and rotates its password. +// CU, and rotates its password. // // The ConnectCustomKeyStore operation might fail for various reasons. To find // the reason, use the DescribeCustomKeyStores operation and see the ConnectionErrorCode @@ -349,9 +350,9 @@ func (c *KMS) CreateAliasRequest(input *CreateAliasInput) (req *request.Request, // CreateAlias API operation for AWS Key Management Service. // // Creates a display name for a customer managed customer master key (CMK). -// You can use an alias to identify a CMK in cryptographic operations, such -// as Encrypt and GenerateDataKey. You can change the CMK associated with the -// alias at any time. +// You can use an alias to identify a CMK in cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations), +// such as Encrypt and GenerateDataKey. You can change the CMK associated with +// the alias at any time. // // Aliases are easier to remember than key IDs. They can also help to simplify // your applications. For example, if you use an alias in your code, you can @@ -398,11 +399,12 @@ func (c *KMS) CreateAliasRequest(input *CreateAliasInput) (req *request.Request, // a new alias with the desired name. // // * You can use an alias name or alias ARN to identify a CMK in AWS KMS -// cryptographic operations and in the DescribeKey operation. However, you -// cannot use alias names or alias ARNs in API operations that manage CMKs, -// such as DisableKey or GetKeyPolicy. For information about the valid CMK -// identifiers for each AWS KMS API operation, see the descriptions of the -// KeyId parameter in the API operation documentation. +// cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) +// and in the DescribeKey operation. However, you cannot use alias names +// or alias ARNs in API operations that manage CMKs, such as DisableKey or +// GetKeyPolicy. For information about the valid CMK identifiers for each +// AWS KMS API operation, see the descriptions of the KeyId parameter in +// the API operation documentation. // // Because an alias is not a property of a CMK, you can delete and change the // aliases of a CMK without affecting the CMK. Also, aliases do not appear in @@ -441,8 +443,8 @@ func (c *KMS) CreateAliasRequest(input *CreateAliasInput) (req *request.Request, // can be retried. // // * LimitExceededException -// The request was rejected because a limit was exceeded. For more information, -// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// The request was rejected because a quota was exceeded. For more information, +// see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // // * InvalidStateException @@ -692,8 +694,8 @@ func (c *KMS) CreateGrantRequest(input *CreateGrantInput) (req *request.Request, // principal to use the CMK when the conditions specified in the grant are met. // When setting permissions, grants are an alternative to key policies. // -// To create a grant that allows a cryptographic operation only when the request -// includes a particular encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context), +// To create a grant that allows a cryptographic operation (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) +// only when the request includes a particular encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context), // use the Constraints parameter. For details, see GrantConstraints. // // You can create grants on symmetric and asymmetric CMKs. However, if the grant @@ -763,8 +765,8 @@ func (c *KMS) CreateGrantRequest(input *CreateGrantInput) (req *request.Request, // The request was rejected because the specified grant token is not valid. // // * LimitExceededException -// The request was rejected because a limit was exceeded. For more information, -// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// The request was rejected because a quota was exceeded. For more information, +// see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // // * InvalidStateException @@ -851,7 +853,8 @@ func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, out // KMS unencrypted. To use the CMK, you must call AWS KMS. You can use a // symmetric CMK to encrypt and decrypt small amounts of data, but they are // typically used to generate data keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#data-keys) -// or data key pairs. For details, see GenerateDataKey and GenerateDataKeyPair. +// and data keys pairs (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#data-key-pairs). +// For details, see GenerateDataKey and GenerateDataKeyPair. // // * Asymmetric CMKs can contain an RSA key pair or an Elliptic Curve (ECC) // key pair. The private key in an asymmetric CMK never leaves AWS KMS unencrypted. @@ -932,8 +935,8 @@ func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, out // can be retried. // // * LimitExceededException -// The request was rejected because a limit was exceeded. For more information, -// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// The request was rejected because a quota was exceeded. For more information, +// see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // // * TagException @@ -1355,12 +1358,12 @@ func (c *KMS) DeleteCustomKeyStoreRequest(input *DeleteCustomKeyStoreInput) (req // The custom key store that you delete cannot contain any AWS KMS customer // master keys (CMKs) (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys). // Before deleting the key store, verify that you will never need to use any -// of the CMKs in the key store for any cryptographic operations. Then, use -// ScheduleKeyDeletion to delete the AWS KMS customer master keys (CMKs) from -// the key store. When the scheduled waiting period expires, the ScheduleKeyDeletion -// operation deletes the CMKs. Then it makes a best effort to delete the key -// material from the associated cluster. However, you might need to manually -// delete the orphaned key material (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key) +// of the CMKs in the key store for any cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations). +// Then, use ScheduleKeyDeletion to delete the AWS KMS customer master keys +// (CMKs) from the key store. When the scheduled waiting period expires, the +// ScheduleKeyDeletion operation deletes the CMKs. Then it makes a best effort +// to delete the key material from the associated cluster. However, you might +// need to manually delete the orphaned key material (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key) // from the cluster and its backups. // // After all CMKs are deleted from AWS KMS, use DisconnectCustomKeyStore to @@ -1842,8 +1845,8 @@ func (c *KMS) DisableKeyRequest(input *DisableKeyInput) (req *request.Request, o // DisableKey API operation for AWS Key Management Service. // // Sets the state of a customer master key (CMK) to disabled, thereby preventing -// its use for cryptographic operations. You cannot perform this operation on -// a CMK in a different AWS account. +// its use for cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations). +// You cannot perform this operation on a CMK in a different AWS account. // // For more information about how key state affects the use of a CMK, see How // Key State Affects the Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) @@ -2077,8 +2080,9 @@ func (c *KMS) DisconnectCustomKeyStoreRequest(input *DisconnectCustomKeyStoreInp // // While a custom key store is disconnected, all attempts to create customer // master keys (CMKs) in the custom key store or to use existing CMKs in cryptographic -// operations will fail. This action can prevent users from storing and accessing -// sensitive data. +// operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) +// will fail. This action can prevent users from storing and accessing sensitive +// data. // // To find the connection state of a custom key store, use the DescribeCustomKeyStores // operation. To reconnect a custom key store, use the ConnectCustomKeyStore @@ -2193,8 +2197,8 @@ func (c *KMS) EnableKeyRequest(input *EnableKeyInput) (req *request.Request, out // EnableKey API operation for AWS Key Management Service. // // Sets the key state of a customer master key (CMK) to enabled. This allows -// you to use the CMK for cryptographic operations. You cannot perform this -// operation on a CMK in a different AWS account. +// you to use the CMK for cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations). +// You cannot perform this operation on a CMK in a different AWS account. // // The CMK that you use for this operation must be in a compatible key state. // For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) @@ -2225,8 +2229,8 @@ func (c *KMS) EnableKeyRequest(input *EnableKeyInput) (req *request.Request, out // can be retried. // // * LimitExceededException -// The request was rejected because a limit was exceeded. For more information, -// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// The request was rejected because a quota was exceeded. For more information, +// see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // // * InvalidStateException @@ -2427,11 +2431,12 @@ func (c *KMS) EncryptRequest(input *EncryptInput) (req *request.Request, output // identifier or database password, or other sensitive information. // // * You can use the Encrypt operation to move encrypted data from one AWS -// region to another. In the first region, generate a data key and use the -// plaintext key to encrypt the data. Then, in the new region, call the Encrypt -// method on same plaintext data key. Now, you can safely move the encrypted -// data and encrypted data key to the new region, and decrypt in the new -// region when necessary. +// Region to another. For example, in Region A, generate a data key and use +// the plaintext key to encrypt your data. Then, in Region A, use the Encrypt +// operation to encrypt the plaintext data key under a CMK in Region B. Now, +// you can move the encrypted data and the encrypted data key to Region B. +// When necessary, you can decrypt the encrypted data key and the encrypted +// data entirely within in Region B. // // You don't need to use the Encrypt operation to encrypt a data key. The GenerateDataKey // and GenerateDataKeyPair operations return a plaintext data key and an encrypted @@ -2601,26 +2606,20 @@ func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request. // GenerateDataKey API operation for AWS Key Management Service. // -// Generates a unique symmetric data key. This operation returns a plaintext -// copy of the data key and a copy that is encrypted under a customer master -// key (CMK) that you specify. You can use the plaintext key to encrypt your -// data outside of AWS KMS and store the encrypted data key with the encrypted -// data. +// Generates a unique symmetric data key for client-side encryption. This operation +// returns a plaintext copy of the data key and a copy that is encrypted under +// a customer master key (CMK) that you specify. You can use the plaintext key +// to encrypt your data outside of AWS KMS and store the encrypted data key +// with the encrypted data. // // GenerateDataKey returns a unique data key for each request. The bytes in -// the key are not related to the caller or CMK that is used to encrypt the -// data key. +// the plaintext key are not related to the caller or the CMK. // // To generate a data key, specify the symmetric CMK that will be used to encrypt -// the data key. You cannot use an asymmetric CMK to generate data keys. -// -// You must also specify the length of the data key. Use either the KeySpec -// or NumberOfBytes parameters (but not both). For 128-bit and 256-bit data -// keys, use the KeySpec parameter. -// -// If the operation succeeds, the plaintext copy of the data key is in the Plaintext -// field of the response, and the encrypted copy of the data key in the CiphertextBlob -// field. +// the data key. You cannot use an asymmetric CMK to generate data keys. To +// get the type of your CMK, use the DescribeKey operation. You must also specify +// the length of the data key. Use either the KeySpec or NumberOfBytes parameters +// (but not both). For 128-bit and 256-bit data keys, use the KeySpec parameter. // // To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. // To generate an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext @@ -2637,24 +2636,32 @@ func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request. // For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // +// How to use your data key +// // We recommend that you use the following pattern to encrypt data locally in -// your application: +// your application. You can write your own code or use a client-side encryption +// library, such as the AWS Encryption SDK (https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/), +// the Amazon DynamoDB Encryption Client (https://docs.aws.amazon.com/dynamodb-encryption-client/latest/devguide/), +// or Amazon S3 client-side encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) +// to do these tasks for you. +// +// To encrypt data outside of AWS KMS: // -// Use the GenerateDataKey operation to get a data encryption key. +// Use the GenerateDataKey operation to get a data key. // -// Use the plaintext data key (returned in the Plaintext field of the response) -// to encrypt data locally, then erase the plaintext data key from memory. +// Use the plaintext data key (in the Plaintext field of the response) to encrypt +// your data outside of AWS KMS. Then erase the plaintext data key from memory. // -// Store the encrypted data key (returned in the CiphertextBlob field of the -// response) alongside the locally encrypted data. +// Store the encrypted data key (in the CiphertextBlob field of the response) +// with the encrypted data. // -// To decrypt data locally: +// To decrypt data outside of AWS KMS: // // Use the Decrypt operation to decrypt the encrypted data key. The operation // returns a plaintext copy of the data key. // -// Use the plaintext data key to decrypt data locally, then erase the plaintext -// data key from memory. +// Use the plaintext data key to decrypt data outside of AWS KMS, then erase +// the plaintext data key from memory. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2791,7 +2798,8 @@ func (c *KMS) GenerateDataKeyPairRequest(input *GenerateDataKeyPairInput) (req * // // To generate a data key pair, you must specify a symmetric customer master // key (CMK) to encrypt the private key in a data key pair. You cannot use an -// asymmetric CMK. To get the type of your CMK, use the DescribeKey operation. +// asymmetric CMK or a CMK in a custom key store. To get the type and origin +// of your CMK, use the DescribeKey operation. // // If you are using the data key pair to encrypt data, or for any operation // where you don't immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext @@ -2865,6 +2873,10 @@ func (c *KMS) GenerateDataKeyPairRequest(input *GenerateDataKeyPairInput) (req * // Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide . // +// * UnsupportedOperationException +// The request was rejected because a specified parameter is not supported or +// a specified resource is not valid for this operation. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyPair func (c *KMS) GenerateDataKeyPair(input *GenerateDataKeyPairInput) (*GenerateDataKeyPairOutput, error) { req, out := c.GenerateDataKeyPairRequest(input) @@ -2938,8 +2950,8 @@ func (c *KMS) GenerateDataKeyPairWithoutPlaintextRequest(input *GenerateDataKeyP // // To generate a data key pair, you must specify a symmetric customer master // key (CMK) to encrypt the private key in the data key pair. You cannot use -// an asymmetric CMK. To get the type of your CMK, use the KeySpec field in -// the DescribeKey response. +// an asymmetric CMK or a CMK in a custom key store. To get the type and origin +// of your CMK, use the KeySpec field in the DescribeKey response. // // You can use the public key that GenerateDataKeyPairWithoutPlaintext returns // to encrypt data or verify a signature outside of AWS KMS. Then, store the @@ -3015,6 +3027,10 @@ func (c *KMS) GenerateDataKeyPairWithoutPlaintextRequest(input *GenerateDataKeyP // Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide . // +// * UnsupportedOperationException +// The request was rejected because a specified parameter is not supported or +// a specified resource is not valid for this operation. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyPairWithoutPlaintext func (c *KMS) GenerateDataKeyPairWithoutPlaintext(input *GenerateDataKeyPairWithoutPlaintextInput) (*GenerateDataKeyPairWithoutPlaintextOutput, error) { req, out := c.GenerateDataKeyPairWithoutPlaintextRequest(input) @@ -3107,15 +3123,11 @@ func (c *KMS) GenerateDataKeyWithoutPlaintextRequest(input *GenerateDataKeyWitho // // To generate a data key, you must specify the symmetric customer master key // (CMK) that is used to encrypt the data key. You cannot use an asymmetric -// CMK to generate a data key. To get the type of your CMK, use the KeySpec -// field in the DescribeKey response. You must also specify the length of the -// data key using either the KeySpec or NumberOfBytes field (but not both). -// For common key lengths (128-bit and 256-bit symmetric keys), use the KeySpec -// parameter. +// CMK to generate a data key. To get the type of your CMK, use the DescribeKey +// operation. // -// If the operation succeeds, you will find the plaintext copy of the data key -// in the Plaintext field of the response, and the encrypted copy of the data -// key in the CiphertextBlob field. +// If the operation succeeds, you will find the encrypted copy of the data key +// in the CiphertextBlob field. // // You can use the optional encryption context to add additional security to // the encryption operation. If you specify an EncryptionContext, you must specify @@ -4079,7 +4091,7 @@ func (c *KMS) ListAliasesRequest(input *ListAliasesInput) (req *request.Request, // The response might also include aliases that have no TargetKeyId field. These // are predefined aliases that AWS has created but has not yet associated with // a CMK. Aliases that AWS creates in your account, including predefined aliases, -// do not count against your AWS KMS aliases limit (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit). +// do not count against your AWS KMS aliases quota (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4238,6 +4250,12 @@ func (c *KMS) ListGrantsRequest(input *ListGrantsInput) (req *request.Request, o // To perform this operation on a CMK in a different AWS account, specify the // key ARN in the value of the KeyId parameter. // +// The GranteePrincipal field in the ListGrants response usually contains the +// user or role designated as the grantee principal in the grant. However, when +// the grantee principal in the grant is an AWS service, the GranteePrincipal +// field contains the service principal (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services), +// which might represent several different grantee principals. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -4934,8 +4952,8 @@ func (c *KMS) PutKeyPolicyRequest(input *PutKeyPolicyInput) (req *request.Reques // can be retried. // // * LimitExceededException -// The request was rejected because a limit was exceeded. For more information, -// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// The request was rejected because a quota was exceeded. For more information, +// see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // // * InvalidStateException @@ -5017,13 +5035,15 @@ func (c *KMS) ReEncryptRequest(input *ReEncryptInput) (req *request.Request, out // is encrypted, such as when you manually rotate (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-manually) // a CMK or change the CMK that protects a ciphertext. You can also use it to // reencrypt ciphertext under the same CMK, such as to change the encryption -// context of a ciphertext. +// context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) +// of a ciphertext. // // The ReEncrypt operation can decrypt ciphertext that was encrypted by using // an AWS KMS CMK in an AWS KMS operation, such as Encrypt or GenerateDataKey. // It can also decrypt ciphertext that was encrypted by using the public key -// of an asymmetric CMK outside of AWS KMS. However, it cannot decrypt ciphertext -// produced by other libraries, such as the AWS Encryption SDK (https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/) +// of an asymmetric CMK (https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#asymmetric-cmks) +// outside of AWS KMS. However, it cannot decrypt ciphertext produced by other +// libraries, such as the AWS Encryption SDK (https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/) // or Amazon S3 client-side encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html). // These libraries return a ciphertext format that is incompatible with AWS // KMS. @@ -5058,17 +5078,16 @@ func (c *KMS) ReEncryptRequest(input *ReEncryptInput) (req *request.Request, out // // Unlike other AWS KMS API operations, ReEncrypt callers must have two permissions: // -// * kms:EncryptFrom permission on the source CMK -// -// * kms:EncryptTo permission on the destination CMK +// * kms:ReEncryptFrom permission on the source CMK // -// To permit reencryption from +// * kms:ReEncryptTo permission on the destination CMK // -// or to a CMK, include the "kms:ReEncrypt*" permission in your key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html). +// To permit reencryption from or to a CMK, include the "kms:ReEncrypt*" permission +// in your key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html). // This permission is automatically included in the key policy when you use // the console to create a CMK. But you must include it manually when you create -// a CMK programmatically or when you use the PutKeyPolicy operation set a key -// policy. +// a CMK programmatically or when you use the PutKeyPolicy operation to set +// a key policy. // // The CMK that you use for this operation must be in a compatible key state. // For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) @@ -5770,8 +5789,8 @@ func (c *KMS) TagResourceRequest(input *TagResourceInput) (req *request.Request, // in the AWS Key Management Service Developer Guide . // // * LimitExceededException -// The request was rejected because a limit was exceeded. For more information, -// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// The request was rejected because a quota was exceeded. For more information, +// see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // // * TagException @@ -5996,6 +6015,11 @@ func (c *KMS) UpdateAliasRequest(input *UpdateAliasInput) (req *request.Request, // The request was rejected because an internal exception occurred. The request // can be retried. // +// * LimitExceededException +// The request was rejected because a quota was exceeded. For more information, +// see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// in the AWS Key Management Service Developer Guide. +// // * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. @@ -6534,8 +6558,8 @@ func (s *AliasListEntry) SetTargetKeyId(v string) *AliasListEntry { // The request was rejected because it attempted to create a resource that already // exists. type AlreadyExistsException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -6552,17 +6576,17 @@ func (s AlreadyExistsException) GoString() string { func newErrorAlreadyExistsException(v protocol.ResponseMetadata) error { return &AlreadyExistsException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s AlreadyExistsException) Code() string { +func (s *AlreadyExistsException) Code() string { return "AlreadyExistsException" } // Message returns the exception's message. -func (s AlreadyExistsException) Message() string { +func (s *AlreadyExistsException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6570,22 +6594,22 @@ func (s AlreadyExistsException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s AlreadyExistsException) OrigErr() error { +func (s *AlreadyExistsException) OrigErr() error { return nil } -func (s AlreadyExistsException) Error() string { +func (s *AlreadyExistsException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s AlreadyExistsException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *AlreadyExistsException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s AlreadyExistsException) RequestID() string { - return s.respMetadata.RequestID +func (s *AlreadyExistsException) RequestID() string { + return s.RespMetadata.RequestID } type CancelKeyDeletionInput struct { @@ -6643,7 +6667,8 @@ func (s *CancelKeyDeletionInput) SetKeyId(v string) *CancelKeyDeletionInput { type CancelKeyDeletionOutput struct { _ struct{} `type:"structure"` - // The unique identifier of the master key for which deletion is canceled. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK whose deletion is canceled. KeyId *string `min:"1" type:"string"` } @@ -6672,8 +6697,8 @@ func (s *CancelKeyDeletionOutput) SetKeyId(v string) *CancelKeyDeletionOutput { // view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) // operation. type CloudHsmClusterInUseException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -6690,17 +6715,17 @@ func (s CloudHsmClusterInUseException) GoString() string { func newErrorCloudHsmClusterInUseException(v protocol.ResponseMetadata) error { return &CloudHsmClusterInUseException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s CloudHsmClusterInUseException) Code() string { +func (s *CloudHsmClusterInUseException) Code() string { return "CloudHsmClusterInUseException" } // Message returns the exception's message. -func (s CloudHsmClusterInUseException) Message() string { +func (s *CloudHsmClusterInUseException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6708,22 +6733,22 @@ func (s CloudHsmClusterInUseException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s CloudHsmClusterInUseException) OrigErr() error { +func (s *CloudHsmClusterInUseException) OrigErr() error { return nil } -func (s CloudHsmClusterInUseException) Error() string { +func (s *CloudHsmClusterInUseException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s CloudHsmClusterInUseException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *CloudHsmClusterInUseException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s CloudHsmClusterInUseException) RequestID() string { - return s.respMetadata.RequestID +func (s *CloudHsmClusterInUseException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the associated AWS CloudHSM cluster did @@ -6757,8 +6782,8 @@ func (s CloudHsmClusterInUseException) RequestID() string { // see Configure a Default Security Group (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) // in the AWS CloudHSM User Guide . type CloudHsmClusterInvalidConfigurationException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -6775,17 +6800,17 @@ func (s CloudHsmClusterInvalidConfigurationException) GoString() string { func newErrorCloudHsmClusterInvalidConfigurationException(v protocol.ResponseMetadata) error { return &CloudHsmClusterInvalidConfigurationException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s CloudHsmClusterInvalidConfigurationException) Code() string { +func (s *CloudHsmClusterInvalidConfigurationException) Code() string { return "CloudHsmClusterInvalidConfigurationException" } // Message returns the exception's message. -func (s CloudHsmClusterInvalidConfigurationException) Message() string { +func (s *CloudHsmClusterInvalidConfigurationException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6793,22 +6818,22 @@ func (s CloudHsmClusterInvalidConfigurationException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s CloudHsmClusterInvalidConfigurationException) OrigErr() error { +func (s *CloudHsmClusterInvalidConfigurationException) OrigErr() error { return nil } -func (s CloudHsmClusterInvalidConfigurationException) Error() string { +func (s *CloudHsmClusterInvalidConfigurationException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s CloudHsmClusterInvalidConfigurationException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *CloudHsmClusterInvalidConfigurationException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s CloudHsmClusterInvalidConfigurationException) RequestID() string { - return s.respMetadata.RequestID +func (s *CloudHsmClusterInvalidConfigurationException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the AWS CloudHSM cluster that is associated @@ -6817,8 +6842,8 @@ func (s CloudHsmClusterInvalidConfigurationException) RequestID() string { // (https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) // in the AWS CloudHSM User Guide. type CloudHsmClusterNotActiveException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -6835,17 +6860,17 @@ func (s CloudHsmClusterNotActiveException) GoString() string { func newErrorCloudHsmClusterNotActiveException(v protocol.ResponseMetadata) error { return &CloudHsmClusterNotActiveException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s CloudHsmClusterNotActiveException) Code() string { +func (s *CloudHsmClusterNotActiveException) Code() string { return "CloudHsmClusterNotActiveException" } // Message returns the exception's message. -func (s CloudHsmClusterNotActiveException) Message() string { +func (s *CloudHsmClusterNotActiveException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6853,30 +6878,30 @@ func (s CloudHsmClusterNotActiveException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s CloudHsmClusterNotActiveException) OrigErr() error { +func (s *CloudHsmClusterNotActiveException) OrigErr() error { return nil } -func (s CloudHsmClusterNotActiveException) Error() string { +func (s *CloudHsmClusterNotActiveException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s CloudHsmClusterNotActiveException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *CloudHsmClusterNotActiveException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s CloudHsmClusterNotActiveException) RequestID() string { - return s.respMetadata.RequestID +func (s *CloudHsmClusterNotActiveException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because AWS KMS cannot find the AWS CloudHSM cluster // with the specified cluster ID. Retry the request with a different cluster // ID. type CloudHsmClusterNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -6893,17 +6918,17 @@ func (s CloudHsmClusterNotFoundException) GoString() string { func newErrorCloudHsmClusterNotFoundException(v protocol.ResponseMetadata) error { return &CloudHsmClusterNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s CloudHsmClusterNotFoundException) Code() string { +func (s *CloudHsmClusterNotFoundException) Code() string { return "CloudHsmClusterNotFoundException" } // Message returns the exception's message. -func (s CloudHsmClusterNotFoundException) Message() string { +func (s *CloudHsmClusterNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6911,22 +6936,22 @@ func (s CloudHsmClusterNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s CloudHsmClusterNotFoundException) OrigErr() error { +func (s *CloudHsmClusterNotFoundException) OrigErr() error { return nil } -func (s CloudHsmClusterNotFoundException) Error() string { +func (s *CloudHsmClusterNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s CloudHsmClusterNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *CloudHsmClusterNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s CloudHsmClusterNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *CloudHsmClusterNotFoundException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the specified AWS CloudHSM cluster has a @@ -6942,8 +6967,8 @@ func (s CloudHsmClusterNotFoundException) RequestID() string { // view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) // operation. type CloudHsmClusterNotRelatedException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -6960,17 +6985,17 @@ func (s CloudHsmClusterNotRelatedException) GoString() string { func newErrorCloudHsmClusterNotRelatedException(v protocol.ResponseMetadata) error { return &CloudHsmClusterNotRelatedException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s CloudHsmClusterNotRelatedException) Code() string { +func (s *CloudHsmClusterNotRelatedException) Code() string { return "CloudHsmClusterNotRelatedException" } // Message returns the exception's message. -func (s CloudHsmClusterNotRelatedException) Message() string { +func (s *CloudHsmClusterNotRelatedException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -6978,22 +7003,22 @@ func (s CloudHsmClusterNotRelatedException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s CloudHsmClusterNotRelatedException) OrigErr() error { +func (s *CloudHsmClusterNotRelatedException) OrigErr() error { return nil } -func (s CloudHsmClusterNotRelatedException) Error() string { +func (s *CloudHsmClusterNotRelatedException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s CloudHsmClusterNotRelatedException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *CloudHsmClusterNotRelatedException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s CloudHsmClusterNotRelatedException) RequestID() string { - return s.respMetadata.RequestID +func (s *CloudHsmClusterNotRelatedException) RequestID() string { + return s.RespMetadata.RequestID } type ConnectCustomKeyStoreInput struct { @@ -7150,11 +7175,13 @@ type CreateCustomKeyStoreInput struct { // in the specified AWS CloudHSM cluster. AWS KMS logs into the cluster as this // user to manage key material on your behalf. // + // The password must be a string of 7 to 32 characters. Its value is case sensitive. + // // This parameter tells AWS KMS the kmsuser account password; it does not change // the password in the AWS CloudHSM cluster. // // KeyStorePassword is a required field - KeyStorePassword *string `min:"1" type:"string" required:"true" sensitive:"true"` + KeyStorePassword *string `min:"7" type:"string" required:"true" sensitive:"true"` // Enter the content of the trust anchor certificate for the cluster. This is // the content of the customerCA.crt file that you created when you initialized @@ -7192,8 +7219,8 @@ func (s *CreateCustomKeyStoreInput) Validate() error { if s.KeyStorePassword == nil { invalidParams.Add(request.NewErrParamRequired("KeyStorePassword")) } - if s.KeyStorePassword != nil && len(*s.KeyStorePassword) < 1 { - invalidParams.Add(request.NewErrParamMinLen("KeyStorePassword", 1)) + if s.KeyStorePassword != nil && len(*s.KeyStorePassword) < 7 { + invalidParams.Add(request.NewErrParamMinLen("KeyStorePassword", 7)) } if s.TrustAnchorCertificate == nil { invalidParams.Add(request.NewErrParamRequired("TrustAnchorCertificate")) @@ -7258,9 +7285,10 @@ func (s *CreateCustomKeyStoreOutput) SetCustomKeyStoreId(v string) *CreateCustom type CreateGrantInput struct { _ struct{} `type:"structure"` - // Allows a cryptographic operation only when the encryption context matches - // or includes the encryption context specified in this structure. For more - // information about encryption context, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) + // Allows a cryptographic operation (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) + // only when the encryption context matches or includes the encryption context + // specified in this structure. For more information about encryption context, + // see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) // in the AWS Key Management Service Developer Guide . Constraints *GrantConstraints `type:"structure"` @@ -7489,19 +7517,26 @@ type CreateKeyInput struct { // of AWS KMS with the isolation and control of a single-tenant key store. CustomKeyStoreId *string `min:"1" type:"string"` - // Specifies the type of CMK to create. The CustomerMasterKeySpec determines - // whether the CMK contains a symmetric key or an asymmetric key pair. It also - // determines the encryption algorithms or signing algorithms that the CMK supports. - // You can't change the CustomerMasterKeySpec after the CMK is created. To further - // restrict the algorithms that can be used with the CMK, use its key policy - // or IAM policy. + // Specifies the type of CMK to create. The default value, SYMMETRIC_DEFAULT, + // creates a CMK with a 256-bit symmetric key for encryption and decryption. + // For help choosing a key spec for your CMK, see How to Choose Your CMK Configuration + // (https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) + // in the AWS Key Management Service Developer Guide. // - // For help with choosing a key spec for your CMK, see Selecting a Customer - // Master Key Spec (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html#cmk-key-spec) + // The CustomerMasterKeySpec determines whether the CMK contains a symmetric + // key or an asymmetric key pair. It also determines the encryption algorithms + // or signing algorithms that the CMK supports. You can't change the CustomerMasterKeySpec + // after the CMK is created. To further restrict the algorithms that can be + // used with the CMK, use a condition key in its key policy or IAM policy. For + // more information, see kms:EncryptionAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm) + // or kms:Signing Algorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm) // in the AWS Key Management Service Developer Guide. // - // The default value, SYMMETRIC_DEFAULT, creates a CMK with a 256-bit symmetric - // key. + // AWS services that are integrated with AWS KMS (http://aws.amazon.com/kms/features/#AWS_Service_Integration) + // use symmetric CMKs to protect your data. These services do not support asymmetric + // CMKs. For help determining whether a CMK is symmetric or asymmetric, see + // Identifying Symmetric and Asymmetric CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) + // in the AWS Key Management Service Developer Guide. // // AWS KMS supports the following key specs for CMKs: // @@ -7522,9 +7557,10 @@ type CreateKeyInput struct { // a task. Description *string `type:"string"` - // Determines the cryptographic operations for which you can use the CMK. The - // default value is ENCRYPT_DECRYPT. This parameter is required only for asymmetric - // CMKs. You can't change the KeyUsage value after the CMK is created. + // Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) + // for which you can use the CMK. The default value is ENCRYPT_DECRYPT. This + // parameter is required only for asymmetric CMKs. You can't change the KeyUsage + // value after the CMK is created. // // Select only one valid value. // @@ -7578,7 +7614,7 @@ type CreateKeyInput struct { // to the CMK. For more information, see Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) // in the AWS Key Management Service Developer Guide. // - // The key policy size limit is 32 kilobytes (32768 bytes). + // The key policy size quota is 32 kilobytes (32768 bytes). Policy *string `min:"1" type:"string"` // One or more tags. Each tag consists of a tag key and a tag value. Both the @@ -7706,8 +7742,8 @@ func (s *CreateKeyOutput) SetKeyMetadata(v *KeyMetadata) *CreateKeyOutput { // use the ScheduleKeyDeletion operation to delete the CMKs. After they are // deleted, you can delete the custom key store. type CustomKeyStoreHasCMKsException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -7724,17 +7760,17 @@ func (s CustomKeyStoreHasCMKsException) GoString() string { func newErrorCustomKeyStoreHasCMKsException(v protocol.ResponseMetadata) error { return &CustomKeyStoreHasCMKsException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s CustomKeyStoreHasCMKsException) Code() string { +func (s *CustomKeyStoreHasCMKsException) Code() string { return "CustomKeyStoreHasCMKsException" } // Message returns the exception's message. -func (s CustomKeyStoreHasCMKsException) Message() string { +func (s *CustomKeyStoreHasCMKsException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7742,22 +7778,22 @@ func (s CustomKeyStoreHasCMKsException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s CustomKeyStoreHasCMKsException) OrigErr() error { +func (s *CustomKeyStoreHasCMKsException) OrigErr() error { return nil } -func (s CustomKeyStoreHasCMKsException) Error() string { +func (s *CustomKeyStoreHasCMKsException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s CustomKeyStoreHasCMKsException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *CustomKeyStoreHasCMKsException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s CustomKeyStoreHasCMKsException) RequestID() string { - return s.respMetadata.RequestID +func (s *CustomKeyStoreHasCMKsException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because of the ConnectionState of the custom key @@ -7778,8 +7814,8 @@ func (s CustomKeyStoreHasCMKsException) RequestID() string { // with a ConnectionState of DISCONNECTING or FAILED. This operation is valid // for all other ConnectionState values. type CustomKeyStoreInvalidStateException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -7796,17 +7832,17 @@ func (s CustomKeyStoreInvalidStateException) GoString() string { func newErrorCustomKeyStoreInvalidStateException(v protocol.ResponseMetadata) error { return &CustomKeyStoreInvalidStateException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s CustomKeyStoreInvalidStateException) Code() string { +func (s *CustomKeyStoreInvalidStateException) Code() string { return "CustomKeyStoreInvalidStateException" } // Message returns the exception's message. -func (s CustomKeyStoreInvalidStateException) Message() string { +func (s *CustomKeyStoreInvalidStateException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7814,30 +7850,30 @@ func (s CustomKeyStoreInvalidStateException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s CustomKeyStoreInvalidStateException) OrigErr() error { +func (s *CustomKeyStoreInvalidStateException) OrigErr() error { return nil } -func (s CustomKeyStoreInvalidStateException) Error() string { +func (s *CustomKeyStoreInvalidStateException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s CustomKeyStoreInvalidStateException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *CustomKeyStoreInvalidStateException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s CustomKeyStoreInvalidStateException) RequestID() string { - return s.respMetadata.RequestID +func (s *CustomKeyStoreInvalidStateException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the specified custom key store name is already // assigned to another custom key store in the account. Try again with a custom // key store name that is unique in the account. type CustomKeyStoreNameInUseException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -7854,17 +7890,17 @@ func (s CustomKeyStoreNameInUseException) GoString() string { func newErrorCustomKeyStoreNameInUseException(v protocol.ResponseMetadata) error { return &CustomKeyStoreNameInUseException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s CustomKeyStoreNameInUseException) Code() string { +func (s *CustomKeyStoreNameInUseException) Code() string { return "CustomKeyStoreNameInUseException" } // Message returns the exception's message. -func (s CustomKeyStoreNameInUseException) Message() string { +func (s *CustomKeyStoreNameInUseException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7872,29 +7908,29 @@ func (s CustomKeyStoreNameInUseException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s CustomKeyStoreNameInUseException) OrigErr() error { +func (s *CustomKeyStoreNameInUseException) OrigErr() error { return nil } -func (s CustomKeyStoreNameInUseException) Error() string { +func (s *CustomKeyStoreNameInUseException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s CustomKeyStoreNameInUseException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *CustomKeyStoreNameInUseException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s CustomKeyStoreNameInUseException) RequestID() string { - return s.respMetadata.RequestID +func (s *CustomKeyStoreNameInUseException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because AWS KMS cannot find a custom key store with // the specified key store name or ID. type CustomKeyStoreNotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -7911,17 +7947,17 @@ func (s CustomKeyStoreNotFoundException) GoString() string { func newErrorCustomKeyStoreNotFoundException(v protocol.ResponseMetadata) error { return &CustomKeyStoreNotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s CustomKeyStoreNotFoundException) Code() string { +func (s *CustomKeyStoreNotFoundException) Code() string { return "CustomKeyStoreNotFoundException" } // Message returns the exception's message. -func (s CustomKeyStoreNotFoundException) Message() string { +func (s *CustomKeyStoreNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -7929,22 +7965,22 @@ func (s CustomKeyStoreNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s CustomKeyStoreNotFoundException) OrigErr() error { +func (s *CustomKeyStoreNotFoundException) OrigErr() error { return nil } -func (s CustomKeyStoreNotFoundException) Error() string { +func (s *CustomKeyStoreNotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s CustomKeyStoreNotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *CustomKeyStoreNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s CustomKeyStoreNotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *CustomKeyStoreNotFoundException) RequestID() string { + return s.RespMetadata.RequestID } // Contains information about each custom key store in the custom key store @@ -7956,7 +7992,12 @@ type CustomKeyStoresListEntry struct { // the custom key store. CloudHsmClusterId *string `min:"19" type:"string"` - // Describes the connection error. Valid values are: + // Describes the connection error. This field appears in the response only when + // the ConnectionState is FAILED. For help resolving these errors, see How to + // Fix a Connection Failure (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed) + // in AWS Key Management Service Developer Guide. + // + // Valid values are: // // * CLUSTER_NOT_FOUND - AWS KMS cannot find the AWS CloudHSM cluster with // the specified cluster ID. @@ -7970,20 +8011,43 @@ type CustomKeyStoresListEntry struct { // the custom key store before trying to connect again. // // * INVALID_CREDENTIALS - AWS KMS does not have the correct password for - // the kmsuser crypto user in the AWS CloudHSM cluster. + // the kmsuser crypto user in the AWS CloudHSM cluster. Before you can connect + // your custom key store to its AWS CloudHSM cluster, you must change the + // kmsuser account password and update the key store password value for the + // custom key store. // // * NETWORK_ERRORS - Network errors are preventing AWS KMS from connecting // to the custom key store. // + // * SUBNET_NOT_FOUND - A subnet in the AWS CloudHSM cluster configuration + // was deleted. If AWS KMS cannot find all of the subnets in the cluster + // configuration, attempts to connect the custom key store to the AWS CloudHSM + // cluster fail. To fix this error, create a cluster from a recent backup + // and associate it with your custom key store. (This process creates a new + // cluster configuration with a VPC and private subnets.) For details, see + // How to Fix a Connection Failure (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed) + // in the AWS Key Management Service Developer Guide. + // // * USER_LOCKED_OUT - The kmsuser CU account is locked out of the associated // AWS CloudHSM cluster due to too many failed password attempts. Before // you can connect your custom key store to its AWS CloudHSM cluster, you - // must change the kmsuser account password and update the password value - // for the custom key store. - // - // For help with connection failures, see Troubleshooting Custom Key Stores - // (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) - // in the AWS Key Management Service Developer Guide. + // must change the kmsuser account password and update the key store password + // value for the custom key store. + // + // * USER_LOGGED_IN - The kmsuser CU account is logged into the the associated + // AWS CloudHSM cluster. This prevents AWS KMS from rotating the kmsuser + // account password and logging into the cluster. Before you can connect + // your custom key store to its AWS CloudHSM cluster, you must log the kmsuser + // CU out of the cluster. If you changed the kmsuser password to log into + // the cluster, you must also and update the key store password value for + // the custom key store. For help, see How to Log Out and Reconnect (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#login-kmsuser-2) + // in the AWS Key Management Service Developer Guide. + // + // * USER_NOT_FOUND - AWS KMS cannot find a kmsuser CU account in the associated + // AWS CloudHSM cluster. Before you can connect your custom key store to + // its AWS CloudHSM cluster, you must create a kmsuser CU account in the + // cluster, and then update the key store password value for the custom key + // store. ConnectionErrorCode *string `type:"string" enum:"ConnectionErrorCodeType"` // Indicates whether the custom key store is connected to its AWS CloudHSM cluster. @@ -7998,8 +8062,9 @@ type CustomKeyStoresListEntry struct { // one active HSM. // // A value of FAILED indicates that an attempt to connect was unsuccessful. - // For help resolving a connection failure, see Troubleshooting a Custom Key - // Store (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) + // The ConnectionErrorCode field in the response indicates the cause of the + // failure. For help resolving a connection failure, see Troubleshooting a Custom + // Key Store (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) // in the AWS Key Management Service Developer Guide. ConnectionState *string `type:"string" enum:"ConnectionStateType"` @@ -8090,9 +8155,9 @@ type DecryptInput struct { EncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` // Specifies the encryption context to use when decrypting the data. An encryption - // context is valid only for cryptographic operations with a symmetric CMK. - // The standard asymmetric encryption algorithms that AWS KMS uses do not support - // an encryption context. + // context is valid only for cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) + // with a symmetric CMK. The standard asymmetric encryption algorithms that + // AWS KMS uses do not support an encryption context. // // An encryption context is a collection of non-secret key-value pairs that // represents additional authenticated data. When you use an encryption context @@ -8205,7 +8270,8 @@ type DecryptOutput struct { // The encryption algorithm that was used to decrypt the ciphertext. EncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` - // The ARN of the customer master key that was used to perform the decryption. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK that was used to decrypt the ciphertext. KeyId *string `min:"1" type:"string"` // Decrypted plaintext data. When you use the HTTP API or the AWS CLI, the value @@ -8424,8 +8490,8 @@ func (s DeleteImportedKeyMaterialOutput) GoString() string { // The system timed out while trying to fulfill the request. The request can // be retried. type DependencyTimeoutException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -8442,17 +8508,17 @@ func (s DependencyTimeoutException) GoString() string { func newErrorDependencyTimeoutException(v protocol.ResponseMetadata) error { return &DependencyTimeoutException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s DependencyTimeoutException) Code() string { +func (s *DependencyTimeoutException) Code() string { return "DependencyTimeoutException" } // Message returns the exception's message. -func (s DependencyTimeoutException) Message() string { +func (s *DependencyTimeoutException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -8460,22 +8526,22 @@ func (s DependencyTimeoutException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s DependencyTimeoutException) OrigErr() error { +func (s *DependencyTimeoutException) OrigErr() error { return nil } -func (s DependencyTimeoutException) Error() string { +func (s *DependencyTimeoutException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s DependencyTimeoutException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *DependencyTimeoutException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s DependencyTimeoutException) RequestID() string { - return s.respMetadata.RequestID +func (s *DependencyTimeoutException) RequestID() string { + return s.RespMetadata.RequestID } type DescribeCustomKeyStoresInput struct { @@ -8843,8 +8909,8 @@ func (s DisableKeyRotationOutput) GoString() string { // The request was rejected because the specified CMK is not enabled. type DisabledException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -8861,17 +8927,17 @@ func (s DisabledException) GoString() string { func newErrorDisabledException(v protocol.ResponseMetadata) error { return &DisabledException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s DisabledException) Code() string { +func (s *DisabledException) Code() string { return "DisabledException" } // Message returns the exception's message. -func (s DisabledException) Message() string { +func (s *DisabledException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -8879,22 +8945,22 @@ func (s DisabledException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s DisabledException) OrigErr() error { +func (s *DisabledException) OrigErr() error { return nil } -func (s DisabledException) Error() string { +func (s *DisabledException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s DisabledException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *DisabledException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s DisabledException) RequestID() string { - return s.respMetadata.RequestID +func (s *DisabledException) RequestID() string { + return s.RespMetadata.RequestID } type DisconnectCustomKeyStoreInput struct { @@ -9097,9 +9163,9 @@ type EncryptInput struct { EncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` // Specifies the encryption context that will be used to encrypt the data. An - // encryption context is valid only for cryptographic operations with a symmetric - // CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not - // support an encryption context. + // encryption context is valid only for cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) + // with a symmetric CMK. The standard asymmetric encryption algorithms that + // AWS KMS uses do not support an encryption context. // // An encryption context is a collection of non-secret key-value pairs that // represents additional authenticated data. When you use an encryption context @@ -9221,7 +9287,8 @@ type EncryptOutput struct { // The encryption algorithm that was used to encrypt the plaintext. EncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` - // The ID of the key used during encryption. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK that was used to encrypt the plaintext. KeyId *string `min:"1" type:"string"` } @@ -9257,8 +9324,8 @@ func (s *EncryptOutput) SetKeyId(v string) *EncryptOutput { // GetParametersForImport to get a new import token and public key, use the // new public key to encrypt the key material, and then try the request again. type ExpiredImportTokenException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -9275,17 +9342,17 @@ func (s ExpiredImportTokenException) GoString() string { func newErrorExpiredImportTokenException(v protocol.ResponseMetadata) error { return &ExpiredImportTokenException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s ExpiredImportTokenException) Code() string { +func (s *ExpiredImportTokenException) Code() string { return "ExpiredImportTokenException" } // Message returns the exception's message. -func (s ExpiredImportTokenException) Message() string { +func (s *ExpiredImportTokenException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -9293,22 +9360,22 @@ func (s ExpiredImportTokenException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s ExpiredImportTokenException) OrigErr() error { +func (s *ExpiredImportTokenException) OrigErr() error { return nil } -func (s ExpiredImportTokenException) Error() string { +func (s *ExpiredImportTokenException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s ExpiredImportTokenException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *ExpiredImportTokenException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s ExpiredImportTokenException) RequestID() string { - return s.respMetadata.RequestID +func (s *ExpiredImportTokenException) RequestID() string { + return s.RespMetadata.RequestID } type GenerateDataKeyInput struct { @@ -9439,7 +9506,8 @@ type GenerateDataKeyOutput struct { // CiphertextBlob is automatically base64 encoded/decoded by the SDK. CiphertextBlob []byte `min:"1" type:"blob"` - // The identifier of the CMK that encrypted the data key. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK that encrypted the data key. KeyId *string `min:"1" type:"string"` // The plaintext data key. When you use the HTTP API or the AWS CLI, the value @@ -9502,7 +9570,8 @@ type GenerateDataKeyPairInput struct { GrantTokens []*string `type:"list"` // Specifies the symmetric CMK that encrypts the private key in the data key - // pair. You cannot specify an asymmetric CMKs. + // pair. You cannot specify an asymmetric CMK or a CMK in a custom key store. + // To get the type and origin of your CMK, use the DescribeKey operation. // // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, // or alias ARN. When using an alias name, prefix it with "alias/". To specify @@ -9591,7 +9660,8 @@ func (s *GenerateDataKeyPairInput) SetKeyPairSpec(v string) *GenerateDataKeyPair type GenerateDataKeyPairOutput struct { _ struct{} `type:"structure"` - // The identifier of the CMK that encrypted the private key. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK that encrypted the private key. KeyId *string `min:"1" type:"string"` // The type of data key pair that was generated. @@ -9678,7 +9748,9 @@ type GenerateDataKeyPairWithoutPlaintextInput struct { GrantTokens []*string `type:"list"` // Specifies the CMK that encrypts the private key in the data key pair. You - // must specify a symmetric CMK. You cannot use an asymmetric CMK. + // must specify a symmetric CMK. You cannot use an asymmetric CMK or a CMK in + // a custom key store. To get the type and origin of your CMK, use the DescribeKey + // operation. // // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, // or alias ARN. When using an alias name, prefix it with "alias/". @@ -9766,24 +9838,8 @@ func (s *GenerateDataKeyPairWithoutPlaintextInput) SetKeyPairSpec(v string) *Gen type GenerateDataKeyPairWithoutPlaintextOutput struct { _ struct{} `type:"structure"` - // Specifies the CMK that encrypted the private key in the data key pair. You - // must specify a symmetric CMK. You cannot use an asymmetric CMK. - // - // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, - // or alias ARN. When using an alias name, prefix it with "alias/". - // - // For example: - // - // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab - // - // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab - // - // * Alias name: alias/ExampleAlias - // - // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias - // - // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To - // get the alias name and alias ARN, use ListAliases. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK that encrypted the private key. KeyId *string `min:"1" type:"string"` // The type of data key pair that was generated. @@ -9959,7 +10015,8 @@ type GenerateDataKeyWithoutPlaintextOutput struct { // CiphertextBlob is automatically base64 encoded/decoded by the SDK. CiphertextBlob []byte `min:"1" type:"blob"` - // The identifier of the CMK that encrypted the data key. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK that encrypted the data key. KeyId *string `min:"1" type:"string"` } @@ -10320,8 +10377,9 @@ type GetParametersForImportOutput struct { // ImportToken is automatically base64 encoded/decoded by the SDK. ImportToken []byte `min:"1" type:"blob"` - // The identifier of the CMK to use in a subsequent ImportKeyMaterial request. - // This is the same CMK specified in the GetParametersForImport request. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK to use in a subsequent ImportKeyMaterial request. This is the + // same CMK specified in the GetParametersForImport request. KeyId *string `min:"1" type:"string"` // The time at which the import token and public key are no longer valid. After @@ -10456,7 +10514,8 @@ type GetPublicKeyOutput struct { // is ENCRYPT_DECRYPT. EncryptionAlgorithms []*string `type:"list"` - // The identifier of the asymmetric CMK from which the public key was downloaded. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the asymmetric CMK from which the public key was downloaded. KeyId *string `min:"1" type:"string"` // The permitted use of the public key. Valid values are ENCRYPT_DECRYPT or @@ -10468,9 +10527,10 @@ type GetPublicKeyOutput struct { // The exported public key. // - // This value is returned as a binary Distinguished Encoding Rules (https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf) - // (DER)-encoded object. To decode it, use an ASN.1 parsing tool, such as OpenSSL - // asn1parse (https://www.openssl.org/docs/man1.0.2/man1/asn1parse.html). + // The value is a DER-encoded X.509 public key, also known as SubjectPublicKeyInfo + // (SPKI), as defined in RFC 5280 (https://tools.ietf.org/html/rfc5280). When + // you use the HTTP API or the AWS CLI, the value is Base64-encoded. Otherwise, + // it is not Base64-encoded. // // PublicKey is automatically base64 encoded/decoded by the SDK. PublicKey []byte `min:"1" type:"blob"` @@ -10528,24 +10588,16 @@ func (s *GetPublicKeyOutput) SetSigningAlgorithms(v []*string) *GetPublicKeyOutp return s } -// Use this structure to allow cryptographic operations in the grant only when -// the operation request includes the specified encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context). -// -// AWS KMS applies the grant constraints only when the grant allows a cryptographic -// operation that accepts an encryption context as input, such as the following. -// -// * Encrypt -// -// * Decrypt -// -// * GenerateDataKey -// -// * GenerateDataKeyWithoutPlaintext +// Use this structure to allow cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) +// in the grant only when the operation request includes the specified encryption +// context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context). // -// * ReEncrypt -// -// AWS KMS does not apply the grant constraints to other operations, such as -// DescribeKey or ScheduleKeyDeletion. +// AWS KMS applies the grant constraints only to cryptographic operations that +// support an encryption context, that is, all cryptographic operations with +// a symmetric CMK (https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#symmetric-cmks). +// Grant constraints are not applied to operations that do not support an encryption +// context, such as cryptographic operations with asymmetric CMKs and management +// operations, such as DescribeKey or ScheduleKeyDeletion. // // In a cryptographic operation, the encryption context in the decryption operation // must be an exact, case-sensitive match for the keys and values in the encryption @@ -10563,16 +10615,16 @@ type GrantConstraints struct { _ struct{} `type:"structure"` // A list of key-value pairs that must match the encryption context in the cryptographic - // operation request. The grant allows the operation only when the encryption - // context in the request is the same as the encryption context specified in - // this constraint. + // operation (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) + // request. The grant allows the operation only when the encryption context + // in the request is the same as the encryption context specified in this constraint. EncryptionContextEquals map[string]*string `type:"map"` // A list of key-value pairs that must be included in the encryption context - // of the cryptographic operation request. The grant allows the cryptographic - // operation only when the encryption context in the request includes the key-value - // pairs specified in this constraint, although it can include additional key-value - // pairs. + // of the cryptographic operation (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) + // request. The grant allows the cryptographic operation only when the encryption + // context in the request includes the key-value pairs specified in this constraint, + // although it can include additional key-value pairs. EncryptionContextSubset map[string]*string `type:"map"` } @@ -10598,7 +10650,7 @@ func (s *GrantConstraints) SetEncryptionContextSubset(v map[string]*string) *Gra return s } -// Contains information about an entry in a list of grants. +// Contains information about a grant. type GrantListEntry struct { _ struct{} `type:"structure"` @@ -10612,7 +10664,13 @@ type GrantListEntry struct { // The unique identifier for the grant. GrantId *string `min:"1" type:"string"` - // The principal that receives the grant's permissions. + // The identity that gets the permissions in the grant. + // + // The GranteePrincipal field in the ListGrants response usually contains the + // user or role designated as the grantee principal in the grant. However, when + // the grantee principal in the grant is an AWS service, the GranteePrincipal + // field contains the service principal (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services), + // which might represent several different grantee principals. GranteePrincipal *string `min:"1" type:"string"` // The AWS account under which the grant was issued. @@ -10834,8 +10892,8 @@ func (s ImportKeyMaterialOutput) GoString() string { // The KeyId in a Decrypt request and the SourceKeyId in a ReEncrypt request // must identify the same CMK that was used to encrypt the ciphertext. type IncorrectKeyException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -10852,17 +10910,17 @@ func (s IncorrectKeyException) GoString() string { func newErrorIncorrectKeyException(v protocol.ResponseMetadata) error { return &IncorrectKeyException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s IncorrectKeyException) Code() string { +func (s *IncorrectKeyException) Code() string { return "IncorrectKeyException" } // Message returns the exception's message. -func (s IncorrectKeyException) Message() string { +func (s *IncorrectKeyException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -10870,30 +10928,30 @@ func (s IncorrectKeyException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s IncorrectKeyException) OrigErr() error { +func (s *IncorrectKeyException) OrigErr() error { return nil } -func (s IncorrectKeyException) Error() string { +func (s *IncorrectKeyException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s IncorrectKeyException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *IncorrectKeyException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s IncorrectKeyException) RequestID() string { - return s.respMetadata.RequestID +func (s *IncorrectKeyException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the key material in the request is, expired, // invalid, or is not the same key material that was previously imported into // this customer master key (CMK). type IncorrectKeyMaterialException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -10910,17 +10968,17 @@ func (s IncorrectKeyMaterialException) GoString() string { func newErrorIncorrectKeyMaterialException(v protocol.ResponseMetadata) error { return &IncorrectKeyMaterialException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s IncorrectKeyMaterialException) Code() string { +func (s *IncorrectKeyMaterialException) Code() string { return "IncorrectKeyMaterialException" } // Message returns the exception's message. -func (s IncorrectKeyMaterialException) Message() string { +func (s *IncorrectKeyMaterialException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -10928,22 +10986,22 @@ func (s IncorrectKeyMaterialException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s IncorrectKeyMaterialException) OrigErr() error { +func (s *IncorrectKeyMaterialException) OrigErr() error { return nil } -func (s IncorrectKeyMaterialException) Error() string { +func (s *IncorrectKeyMaterialException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s IncorrectKeyMaterialException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *IncorrectKeyMaterialException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s IncorrectKeyMaterialException) RequestID() string { - return s.respMetadata.RequestID +func (s *IncorrectKeyMaterialException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the trust anchor certificate in the request @@ -10953,8 +11011,8 @@ func (s IncorrectKeyMaterialException) RequestID() string { // you create the trust anchor certificate and save it in the customerCA.crt // file. type IncorrectTrustAnchorException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -10971,17 +11029,17 @@ func (s IncorrectTrustAnchorException) GoString() string { func newErrorIncorrectTrustAnchorException(v protocol.ResponseMetadata) error { return &IncorrectTrustAnchorException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s IncorrectTrustAnchorException) Code() string { +func (s *IncorrectTrustAnchorException) Code() string { return "IncorrectTrustAnchorException" } // Message returns the exception's message. -func (s IncorrectTrustAnchorException) Message() string { +func (s *IncorrectTrustAnchorException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -10989,29 +11047,29 @@ func (s IncorrectTrustAnchorException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s IncorrectTrustAnchorException) OrigErr() error { +func (s *IncorrectTrustAnchorException) OrigErr() error { return nil } -func (s IncorrectTrustAnchorException) Error() string { +func (s *IncorrectTrustAnchorException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s IncorrectTrustAnchorException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *IncorrectTrustAnchorException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s IncorrectTrustAnchorException) RequestID() string { - return s.respMetadata.RequestID +func (s *IncorrectTrustAnchorException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because an internal exception occurred. The request // can be retried. type InternalException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11028,17 +11086,17 @@ func (s InternalException) GoString() string { func newErrorInternalException(v protocol.ResponseMetadata) error { return &InternalException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InternalException) Code() string { +func (s *InternalException) Code() string { return "KMSInternalException" } // Message returns the exception's message. -func (s InternalException) Message() string { +func (s *InternalException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11046,28 +11104,28 @@ func (s InternalException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InternalException) OrigErr() error { +func (s *InternalException) OrigErr() error { return nil } -func (s InternalException) Error() string { +func (s *InternalException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InternalException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InternalException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InternalException) RequestID() string { - return s.respMetadata.RequestID +func (s *InternalException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the specified alias name is not valid. type InvalidAliasNameException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11084,17 +11142,17 @@ func (s InvalidAliasNameException) GoString() string { func newErrorInvalidAliasNameException(v protocol.ResponseMetadata) error { return &InvalidAliasNameException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidAliasNameException) Code() string { +func (s *InvalidAliasNameException) Code() string { return "InvalidAliasNameException" } // Message returns the exception's message. -func (s InvalidAliasNameException) Message() string { +func (s *InvalidAliasNameException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11102,29 +11160,29 @@ func (s InvalidAliasNameException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidAliasNameException) OrigErr() error { +func (s *InvalidAliasNameException) OrigErr() error { return nil } -func (s InvalidAliasNameException) Error() string { +func (s *InvalidAliasNameException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidAliasNameException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidAliasNameException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidAliasNameException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidAliasNameException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because a specified ARN, or an ARN in a key policy, // is not valid. type InvalidArnException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11141,17 +11199,17 @@ func (s InvalidArnException) GoString() string { func newErrorInvalidArnException(v protocol.ResponseMetadata) error { return &InvalidArnException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidArnException) Code() string { +func (s *InvalidArnException) Code() string { return "InvalidArnException" } // Message returns the exception's message. -func (s InvalidArnException) Message() string { +func (s *InvalidArnException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11159,22 +11217,22 @@ func (s InvalidArnException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidArnException) OrigErr() error { +func (s *InvalidArnException) OrigErr() error { return nil } -func (s InvalidArnException) Error() string { +func (s *InvalidArnException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidArnException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidArnException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidArnException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidArnException) RequestID() string { + return s.RespMetadata.RequestID } // From the Decrypt or ReEncrypt operation, the request was rejected because @@ -11185,8 +11243,8 @@ func (s InvalidArnException) RequestID() string { // From the ImportKeyMaterial operation, the request was rejected because AWS // KMS could not decrypt the encrypted (wrapped) key material. type InvalidCiphertextException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11203,17 +11261,17 @@ func (s InvalidCiphertextException) GoString() string { func newErrorInvalidCiphertextException(v protocol.ResponseMetadata) error { return &InvalidCiphertextException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidCiphertextException) Code() string { +func (s *InvalidCiphertextException) Code() string { return "InvalidCiphertextException" } // Message returns the exception's message. -func (s InvalidCiphertextException) Message() string { +func (s *InvalidCiphertextException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11221,28 +11279,28 @@ func (s InvalidCiphertextException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidCiphertextException) OrigErr() error { +func (s *InvalidCiphertextException) OrigErr() error { return nil } -func (s InvalidCiphertextException) Error() string { +func (s *InvalidCiphertextException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidCiphertextException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidCiphertextException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidCiphertextException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidCiphertextException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the specified GrantId is not valid. type InvalidGrantIdException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11259,17 +11317,17 @@ func (s InvalidGrantIdException) GoString() string { func newErrorInvalidGrantIdException(v protocol.ResponseMetadata) error { return &InvalidGrantIdException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidGrantIdException) Code() string { +func (s *InvalidGrantIdException) Code() string { return "InvalidGrantIdException" } // Message returns the exception's message. -func (s InvalidGrantIdException) Message() string { +func (s *InvalidGrantIdException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11277,28 +11335,28 @@ func (s InvalidGrantIdException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidGrantIdException) OrigErr() error { +func (s *InvalidGrantIdException) OrigErr() error { return nil } -func (s InvalidGrantIdException) Error() string { +func (s *InvalidGrantIdException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidGrantIdException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidGrantIdException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidGrantIdException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidGrantIdException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the specified grant token is not valid. type InvalidGrantTokenException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11315,17 +11373,17 @@ func (s InvalidGrantTokenException) GoString() string { func newErrorInvalidGrantTokenException(v protocol.ResponseMetadata) error { return &InvalidGrantTokenException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidGrantTokenException) Code() string { +func (s *InvalidGrantTokenException) Code() string { return "InvalidGrantTokenException" } // Message returns the exception's message. -func (s InvalidGrantTokenException) Message() string { +func (s *InvalidGrantTokenException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11333,29 +11391,29 @@ func (s InvalidGrantTokenException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidGrantTokenException) OrigErr() error { +func (s *InvalidGrantTokenException) OrigErr() error { return nil } -func (s InvalidGrantTokenException) Error() string { +func (s *InvalidGrantTokenException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidGrantTokenException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidGrantTokenException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidGrantTokenException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidGrantTokenException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the provided import token is invalid or // is associated with a different customer master key (CMK). type InvalidImportTokenException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11372,17 +11430,17 @@ func (s InvalidImportTokenException) GoString() string { func newErrorInvalidImportTokenException(v protocol.ResponseMetadata) error { return &InvalidImportTokenException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidImportTokenException) Code() string { +func (s *InvalidImportTokenException) Code() string { return "InvalidImportTokenException" } // Message returns the exception's message. -func (s InvalidImportTokenException) Message() string { +func (s *InvalidImportTokenException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11390,22 +11448,22 @@ func (s InvalidImportTokenException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidImportTokenException) OrigErr() error { +func (s *InvalidImportTokenException) OrigErr() error { return nil } -func (s InvalidImportTokenException) Error() string { +func (s *InvalidImportTokenException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidImportTokenException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidImportTokenException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidImportTokenException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidImportTokenException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected for one of the following reasons: @@ -11422,8 +11480,8 @@ func (s InvalidImportTokenException) RequestID() string { // To find the encryption or signing algorithms supported for a particular CMK, // use the DescribeKey operation. type InvalidKeyUsageException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11440,17 +11498,17 @@ func (s InvalidKeyUsageException) GoString() string { func newErrorInvalidKeyUsageException(v protocol.ResponseMetadata) error { return &InvalidKeyUsageException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidKeyUsageException) Code() string { +func (s *InvalidKeyUsageException) Code() string { return "InvalidKeyUsageException" } // Message returns the exception's message. -func (s InvalidKeyUsageException) Message() string { +func (s *InvalidKeyUsageException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11458,29 +11516,29 @@ func (s InvalidKeyUsageException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidKeyUsageException) OrigErr() error { +func (s *InvalidKeyUsageException) OrigErr() error { return nil } -func (s InvalidKeyUsageException) Error() string { +func (s *InvalidKeyUsageException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidKeyUsageException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidKeyUsageException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidKeyUsageException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidKeyUsageException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the marker that specifies where pagination // should next begin is not valid. type InvalidMarkerException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11497,17 +11555,17 @@ func (s InvalidMarkerException) GoString() string { func newErrorInvalidMarkerException(v protocol.ResponseMetadata) error { return &InvalidMarkerException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidMarkerException) Code() string { +func (s *InvalidMarkerException) Code() string { return "InvalidMarkerException" } // Message returns the exception's message. -func (s InvalidMarkerException) Message() string { +func (s *InvalidMarkerException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11515,22 +11573,22 @@ func (s InvalidMarkerException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidMarkerException) OrigErr() error { +func (s *InvalidMarkerException) OrigErr() error { return nil } -func (s InvalidMarkerException) Error() string { +func (s *InvalidMarkerException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidMarkerException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidMarkerException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidMarkerException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidMarkerException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the state of the specified resource is not @@ -11540,8 +11598,8 @@ func (s InvalidMarkerException) RequestID() string { // Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide . type InvalidStateException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11558,17 +11616,17 @@ func (s InvalidStateException) GoString() string { func newErrorInvalidStateException(v protocol.ResponseMetadata) error { return &InvalidStateException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s InvalidStateException) Code() string { +func (s *InvalidStateException) Code() string { return "KMSInvalidStateException" } // Message returns the exception's message. -func (s InvalidStateException) Message() string { +func (s *InvalidStateException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11576,30 +11634,30 @@ func (s InvalidStateException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s InvalidStateException) OrigErr() error { +func (s *InvalidStateException) OrigErr() error { return nil } -func (s InvalidStateException) Error() string { +func (s *InvalidStateException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s InvalidStateException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *InvalidStateException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s InvalidStateException) RequestID() string { - return s.respMetadata.RequestID +func (s *InvalidStateException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the signature verification failed. Signature // verification fails when it cannot confirm that signature was produced by // signing the specified message with the specified CMK and signing algorithm. type KMSInvalidSignatureException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11616,17 +11674,17 @@ func (s KMSInvalidSignatureException) GoString() string { func newErrorKMSInvalidSignatureException(v protocol.ResponseMetadata) error { return &KMSInvalidSignatureException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s KMSInvalidSignatureException) Code() string { +func (s *KMSInvalidSignatureException) Code() string { return "KMSInvalidSignatureException" } // Message returns the exception's message. -func (s KMSInvalidSignatureException) Message() string { +func (s *KMSInvalidSignatureException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11634,22 +11692,22 @@ func (s KMSInvalidSignatureException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s KMSInvalidSignatureException) OrigErr() error { +func (s *KMSInvalidSignatureException) OrigErr() error { return nil } -func (s KMSInvalidSignatureException) Error() string { +func (s *KMSInvalidSignatureException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s KMSInvalidSignatureException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *KMSInvalidSignatureException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s KMSInvalidSignatureException) RequestID() string { - return s.respMetadata.RequestID +func (s *KMSInvalidSignatureException) RequestID() string { + return s.RespMetadata.RequestID } // Contains information about each entry in the key list. @@ -11729,8 +11787,8 @@ type KeyMetadata struct { // is true, otherwise it is false. Enabled *bool `type:"boolean"` - // A list of encryption algorithms that the CMK supports. You cannot use the - // CMK with other encryption algorithms within AWS KMS. + // The encryption algorithms that the CMK supports. You cannot use the CMK with + // other encryption algorithms within AWS KMS. // // This field appears only when the KeyUsage of the CMK is ENCRYPT_DECRYPT. EncryptionAlgorithms []*string `type:"list"` @@ -11750,14 +11808,15 @@ type KeyMetadata struct { // in the AWS Key Management Service Developer Guide. KeyManager *string `type:"string" enum:"KeyManagerType"` - // The state of the CMK. + // The current status of the CMK. // - // For more information about how key state affects the use of a CMK, see How - // Key State Affects the Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) + // For more information about how key state affects the use of a CMK, see Key + // state: Effect on your CMK (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. KeyState *string `type:"string" enum:"KeyState"` - // The cryptographic operations for which you can use the CMK. + // The cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) + // for which you can use the CMK. KeyUsage *string `type:"string" enum:"KeyUsageType"` // The source of the CMK's key material. When this value is AWS_KMS, AWS KMS @@ -11767,8 +11826,8 @@ type KeyMetadata struct { // in the AWS CloudHSM cluster associated with a custom key store. Origin *string `type:"string" enum:"OriginType"` - // A list of signing algorithms that the CMK supports. You cannot use the CMK - // with other signing algorithms within AWS KMS. + // The signing algorithms that the CMK supports. You cannot use the CMK with + // other signing algorithms within AWS KMS. // // This field appears only when the KeyUsage of the CMK is SIGN_VERIFY. SigningAlgorithms []*string `type:"list"` @@ -11901,8 +11960,8 @@ func (s *KeyMetadata) SetValidTo(v time.Time) *KeyMetadata { // The request was rejected because the specified CMK was not available. You // can retry the request. type KeyUnavailableException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11919,17 +11978,17 @@ func (s KeyUnavailableException) GoString() string { func newErrorKeyUnavailableException(v protocol.ResponseMetadata) error { return &KeyUnavailableException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s KeyUnavailableException) Code() string { +func (s *KeyUnavailableException) Code() string { return "KeyUnavailableException" } // Message returns the exception's message. -func (s KeyUnavailableException) Message() string { +func (s *KeyUnavailableException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11937,30 +11996,30 @@ func (s KeyUnavailableException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s KeyUnavailableException) OrigErr() error { +func (s *KeyUnavailableException) OrigErr() error { return nil } -func (s KeyUnavailableException) Error() string { +func (s *KeyUnavailableException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s KeyUnavailableException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *KeyUnavailableException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s KeyUnavailableException) RequestID() string { - return s.respMetadata.RequestID +func (s *KeyUnavailableException) RequestID() string { + return s.RespMetadata.RequestID } -// The request was rejected because a limit was exceeded. For more information, -// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// The request was rejected because a quota was exceeded. For more information, +// see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. type LimitExceededException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -11977,17 +12036,17 @@ func (s LimitExceededException) GoString() string { func newErrorLimitExceededException(v protocol.ResponseMetadata) error { return &LimitExceededException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s LimitExceededException) Code() string { +func (s *LimitExceededException) Code() string { return "LimitExceededException" } // Message returns the exception's message. -func (s LimitExceededException) Message() string { +func (s *LimitExceededException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11995,22 +12054,22 @@ func (s LimitExceededException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s LimitExceededException) OrigErr() error { +func (s *LimitExceededException) OrigErr() error { return nil } -func (s LimitExceededException) Error() string { +func (s *LimitExceededException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s LimitExceededException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *LimitExceededException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s LimitExceededException) RequestID() string { - return s.respMetadata.RequestID +func (s *LimitExceededException) RequestID() string { + return s.RespMetadata.RequestID } type ListAliasesInput struct { @@ -12701,8 +12760,8 @@ func (s *ListRetirableGrantsInput) SetRetiringPrincipal(v string) *ListRetirable // The request was rejected because the specified policy is not syntactically // or semantically correct. type MalformedPolicyDocumentException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -12719,17 +12778,17 @@ func (s MalformedPolicyDocumentException) GoString() string { func newErrorMalformedPolicyDocumentException(v protocol.ResponseMetadata) error { return &MalformedPolicyDocumentException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s MalformedPolicyDocumentException) Code() string { +func (s *MalformedPolicyDocumentException) Code() string { return "MalformedPolicyDocumentException" } // Message returns the exception's message. -func (s MalformedPolicyDocumentException) Message() string { +func (s *MalformedPolicyDocumentException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -12737,29 +12796,29 @@ func (s MalformedPolicyDocumentException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s MalformedPolicyDocumentException) OrigErr() error { +func (s *MalformedPolicyDocumentException) OrigErr() error { return nil } -func (s MalformedPolicyDocumentException) Error() string { +func (s *MalformedPolicyDocumentException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s MalformedPolicyDocumentException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *MalformedPolicyDocumentException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s MalformedPolicyDocumentException) RequestID() string { - return s.respMetadata.RequestID +func (s *MalformedPolicyDocumentException) RequestID() string { + return s.RespMetadata.RequestID } // The request was rejected because the specified entity or resource could not // be found. type NotFoundException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -12776,17 +12835,17 @@ func (s NotFoundException) GoString() string { func newErrorNotFoundException(v protocol.ResponseMetadata) error { return &NotFoundException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s NotFoundException) Code() string { +func (s *NotFoundException) Code() string { return "NotFoundException" } // Message returns the exception's message. -func (s NotFoundException) Message() string { +func (s *NotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -12794,22 +12853,22 @@ func (s NotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s NotFoundException) OrigErr() error { +func (s *NotFoundException) OrigErr() error { return nil } -func (s NotFoundException) Error() string { +func (s *NotFoundException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s NotFoundException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *NotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s NotFoundException) RequestID() string { - return s.respMetadata.RequestID +func (s *NotFoundException) RequestID() string { + return s.RespMetadata.RequestID } type PutKeyPolicyInput struct { @@ -12864,7 +12923,9 @@ type PutKeyPolicyInput struct { // immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) // in the AWS Identity and Access Management User Guide. // - // The key policy size limit is 32 kilobytes (32768 bytes). + // The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, + // see Resource Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/resource-limits.html) + // in the AWS Key Management Service Developer Guide. // // Policy is a required field Policy *string `min:"1" type:"string" required:"true"` @@ -13164,7 +13225,8 @@ type ReEncryptOutput struct { // The encryption algorithm that was used to reencrypt the data. DestinationEncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` - // Unique identifier of the CMK used to reencrypt the data. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK that was used to reencrypt the data. KeyId *string `min:"1" type:"string"` // The encryption algorithm that was used to decrypt the ciphertext before it @@ -13450,8 +13512,8 @@ type ScheduleKeyDeletionOutput struct { // The date and time after which AWS KMS deletes the customer master key (CMK). DeletionDate *time.Time `type:"timestamp"` - // The unique identifier of the customer master key (CMK) for which deletion - // is scheduled. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the CMK whose deletion is scheduled. KeyId *string `min:"1" type:"string"` } @@ -13522,8 +13584,8 @@ type SignInput struct { Message []byte `min:"1" type:"blob" required:"true" sensitive:"true"` // Tells AWS KMS whether the value of the Message parameter is a message or - // message digest. To indicate a message, enter RAW. To indicate a message digest, - // enter DIGEST. + // message digest. The default value, RAW, indicates a message. To indicate + // a message digest, enter DIGEST. MessageType *string `type:"string" enum:"MessageType"` // Specifies the signing algorithm to use when signing the message. @@ -13603,12 +13665,24 @@ func (s *SignInput) SetSigningAlgorithm(v string) *SignInput { type SignOutput struct { _ struct{} `type:"structure"` - // The Amazon Resource Name (ARN) of the asymmetric CMK that was used to sign - // the message. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the asymmetric CMK that was used to sign the message. KeyId *string `min:"1" type:"string"` // The cryptographic signature that was generated for the message. // + // * When used with the supported RSA signing algorithms, the encoding of + // this value is defined by PKCS #1 in RFC 8017 (https://tools.ietf.org/html/rfc8017). + // + // * When used with the ECDSA_SHA_256, ECDSA_SHA_384, or ECDSA_SHA_512 signing + // algorithms, this value is a DER-encoded object as defined by ANS X9.62–2005 + // and RFC 3279 Section 2.2.3 (https://tools.ietf.org/html/rfc3279#section-2.2.3). + // This is the most commonly used signature format and is appropriate for + // most uses. + // + // When you use the HTTP API or the AWS CLI, the value is Base64-encoded. Otherwise, + // it is not Base64-encoded. + // // Signature is automatically base64 encoded/decoded by the SDK. Signature []byte `min:"1" type:"blob"` @@ -13707,8 +13781,8 @@ func (s *Tag) SetTagValue(v string) *Tag { // The request was rejected because one or more tags are not valid. type TagException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -13725,17 +13799,17 @@ func (s TagException) GoString() string { func newErrorTagException(v protocol.ResponseMetadata) error { return &TagException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s TagException) Code() string { +func (s *TagException) Code() string { return "TagException" } // Message returns the exception's message. -func (s TagException) Message() string { +func (s *TagException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -13743,22 +13817,22 @@ func (s TagException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s TagException) OrigErr() error { +func (s *TagException) OrigErr() error { return nil } -func (s TagException) Error() string { +func (s *TagException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s TagException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *TagException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s TagException) RequestID() string { - return s.respMetadata.RequestID +func (s *TagException) RequestID() string { + return s.RespMetadata.RequestID } type TagResourceInput struct { @@ -13853,8 +13927,8 @@ func (s TagResourceOutput) GoString() string { // The request was rejected because a specified parameter is not supported or // a specified resource is not valid for this operation. type UnsupportedOperationException struct { - _ struct{} `type:"structure"` - respMetadata protocol.ResponseMetadata + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } @@ -13871,17 +13945,17 @@ func (s UnsupportedOperationException) GoString() string { func newErrorUnsupportedOperationException(v protocol.ResponseMetadata) error { return &UnsupportedOperationException{ - respMetadata: v, + RespMetadata: v, } } // Code returns the exception type name. -func (s UnsupportedOperationException) Code() string { +func (s *UnsupportedOperationException) Code() string { return "UnsupportedOperationException" } // Message returns the exception's message. -func (s UnsupportedOperationException) Message() string { +func (s *UnsupportedOperationException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -13889,22 +13963,22 @@ func (s UnsupportedOperationException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s UnsupportedOperationException) OrigErr() error { +func (s *UnsupportedOperationException) OrigErr() error { return nil } -func (s UnsupportedOperationException) Error() string { +func (s *UnsupportedOperationException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s UnsupportedOperationException) StatusCode() int { - return s.respMetadata.StatusCode +func (s *UnsupportedOperationException) StatusCode() int { + return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s UnsupportedOperationException) RequestID() string { - return s.respMetadata.RequestID +func (s *UnsupportedOperationException) RequestID() string { + return s.RespMetadata.RequestID } type UntagResourceInput struct { @@ -14105,7 +14179,7 @@ type UpdateCustomKeyStoreInput struct { // This parameter tells AWS KMS the current password of the kmsuser crypto user // (CU). It does not set or change the password of any users in the AWS CloudHSM // cluster. - KeyStorePassword *string `min:"1" type:"string" sensitive:"true"` + KeyStorePassword *string `min:"7" type:"string" sensitive:"true"` // Changes the friendly name of the custom key store to the value that you specify. // The custom key store name must be unique in the AWS account. @@ -14134,8 +14208,8 @@ func (s *UpdateCustomKeyStoreInput) Validate() error { if s.CustomKeyStoreId != nil && len(*s.CustomKeyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("CustomKeyStoreId", 1)) } - if s.KeyStorePassword != nil && len(*s.KeyStorePassword) < 1 { - invalidParams.Add(request.NewErrParamMinLen("KeyStorePassword", 1)) + if s.KeyStorePassword != nil && len(*s.KeyStorePassword) < 7 { + invalidParams.Add(request.NewErrParamMinLen("KeyStorePassword", 7)) } if s.NewCustomKeyStoreName != nil && len(*s.NewCustomKeyStoreName) < 1 { invalidParams.Add(request.NewErrParamMinLen("NewCustomKeyStoreName", 1)) @@ -14297,12 +14371,13 @@ type VerifyInput struct { // KeyId is a required field KeyId *string `min:"1" type:"string" required:"true"` - // Specifies the message that was signed, or a hash digest of that message. - // Messages can be 0-4096 bytes. To verify a larger message, provide a hash - // digest of the message. + // Specifies the message that was signed. You can submit a raw message of up + // to 4096 bytes, or a hash digest of the message. If you submit a digest, use + // the MessageType parameter with a value of DIGEST. // - // If the digest of the message specified here is different from the message - // digest that was signed, the signature verification fails. + // If the message specified here is different from the message that was signed, + // the signature verification fails. A message and its hash digest are considered + // to be the same message. // // Message is automatically base64 encoded/decoded by the SDK. // @@ -14310,8 +14385,12 @@ type VerifyInput struct { Message []byte `min:"1" type:"blob" required:"true" sensitive:"true"` // Tells AWS KMS whether the value of the Message parameter is a message or - // message digest. To indicate a message, enter RAW. To indicate a message digest, - // enter DIGEST. + // message digest. The default value, RAW, indicates a message. To indicate + // a message digest, enter DIGEST. + // + // Use the DIGEST value only when the value of the Message parameter is a message + // digest. If you use the DIGEST value with a raw message, the security of the + // verification operation can be compromised. MessageType *string `type:"string" enum:"MessageType"` // The signature that the Sign operation generated. @@ -14408,8 +14487,8 @@ func (s *VerifyInput) SetSigningAlgorithm(v string) *VerifyInput { type VerifyOutput struct { _ struct{} `type:"structure"` - // The unique identifier for the asymmetric CMK that was used to verify the - // signature. + // The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN)) + // of the asymmetric CMK that was used to verify the signature. KeyId *string `min:"1" type:"string"` // A Boolean value that indicates whether the signature was verified. A value @@ -14461,6 +14540,15 @@ const ( AlgorithmSpecRsaesOaepSha256 = "RSAES_OAEP_SHA_256" ) +// AlgorithmSpec_Values returns all elements of the AlgorithmSpec enum +func AlgorithmSpec_Values() []string { + return []string{ + AlgorithmSpecRsaesPkcs1V15, + AlgorithmSpecRsaesOaepSha1, + AlgorithmSpecRsaesOaepSha256, + } +} + const ( // ConnectionErrorCodeTypeInvalidCredentials is a ConnectionErrorCodeType enum value ConnectionErrorCodeTypeInvalidCredentials = "INVALID_CREDENTIALS" @@ -14479,8 +14567,32 @@ const ( // ConnectionErrorCodeTypeUserLockedOut is a ConnectionErrorCodeType enum value ConnectionErrorCodeTypeUserLockedOut = "USER_LOCKED_OUT" + + // ConnectionErrorCodeTypeUserNotFound is a ConnectionErrorCodeType enum value + ConnectionErrorCodeTypeUserNotFound = "USER_NOT_FOUND" + + // ConnectionErrorCodeTypeUserLoggedIn is a ConnectionErrorCodeType enum value + ConnectionErrorCodeTypeUserLoggedIn = "USER_LOGGED_IN" + + // ConnectionErrorCodeTypeSubnetNotFound is a ConnectionErrorCodeType enum value + ConnectionErrorCodeTypeSubnetNotFound = "SUBNET_NOT_FOUND" ) +// ConnectionErrorCodeType_Values returns all elements of the ConnectionErrorCodeType enum +func ConnectionErrorCodeType_Values() []string { + return []string{ + ConnectionErrorCodeTypeInvalidCredentials, + ConnectionErrorCodeTypeClusterNotFound, + ConnectionErrorCodeTypeNetworkErrors, + ConnectionErrorCodeTypeInternalError, + ConnectionErrorCodeTypeInsufficientCloudhsmHsms, + ConnectionErrorCodeTypeUserLockedOut, + ConnectionErrorCodeTypeUserNotFound, + ConnectionErrorCodeTypeUserLoggedIn, + ConnectionErrorCodeTypeSubnetNotFound, + } +} + const ( // ConnectionStateTypeConnected is a ConnectionStateType enum value ConnectionStateTypeConnected = "CONNECTED" @@ -14498,6 +14610,17 @@ const ( ConnectionStateTypeDisconnecting = "DISCONNECTING" ) +// ConnectionStateType_Values returns all elements of the ConnectionStateType enum +func ConnectionStateType_Values() []string { + return []string{ + ConnectionStateTypeConnected, + ConnectionStateTypeConnecting, + ConnectionStateTypeFailed, + ConnectionStateTypeDisconnected, + ConnectionStateTypeDisconnecting, + } +} + const ( // CustomerMasterKeySpecRsa2048 is a CustomerMasterKeySpec enum value CustomerMasterKeySpecRsa2048 = "RSA_2048" @@ -14524,6 +14647,20 @@ const ( CustomerMasterKeySpecSymmetricDefault = "SYMMETRIC_DEFAULT" ) +// CustomerMasterKeySpec_Values returns all elements of the CustomerMasterKeySpec enum +func CustomerMasterKeySpec_Values() []string { + return []string{ + CustomerMasterKeySpecRsa2048, + CustomerMasterKeySpecRsa3072, + CustomerMasterKeySpecRsa4096, + CustomerMasterKeySpecEccNistP256, + CustomerMasterKeySpecEccNistP384, + CustomerMasterKeySpecEccNistP521, + CustomerMasterKeySpecEccSecgP256k1, + CustomerMasterKeySpecSymmetricDefault, + } +} + const ( // DataKeyPairSpecRsa2048 is a DataKeyPairSpec enum value DataKeyPairSpecRsa2048 = "RSA_2048" @@ -14547,6 +14684,19 @@ const ( DataKeyPairSpecEccSecgP256k1 = "ECC_SECG_P256K1" ) +// DataKeyPairSpec_Values returns all elements of the DataKeyPairSpec enum +func DataKeyPairSpec_Values() []string { + return []string{ + DataKeyPairSpecRsa2048, + DataKeyPairSpecRsa3072, + DataKeyPairSpecRsa4096, + DataKeyPairSpecEccNistP256, + DataKeyPairSpecEccNistP384, + DataKeyPairSpecEccNistP521, + DataKeyPairSpecEccSecgP256k1, + } +} + const ( // DataKeySpecAes256 is a DataKeySpec enum value DataKeySpecAes256 = "AES_256" @@ -14555,6 +14705,14 @@ const ( DataKeySpecAes128 = "AES_128" ) +// DataKeySpec_Values returns all elements of the DataKeySpec enum +func DataKeySpec_Values() []string { + return []string{ + DataKeySpecAes256, + DataKeySpecAes128, + } +} + const ( // EncryptionAlgorithmSpecSymmetricDefault is a EncryptionAlgorithmSpec enum value EncryptionAlgorithmSpecSymmetricDefault = "SYMMETRIC_DEFAULT" @@ -14566,6 +14724,15 @@ const ( EncryptionAlgorithmSpecRsaesOaepSha256 = "RSAES_OAEP_SHA_256" ) +// EncryptionAlgorithmSpec_Values returns all elements of the EncryptionAlgorithmSpec enum +func EncryptionAlgorithmSpec_Values() []string { + return []string{ + EncryptionAlgorithmSpecSymmetricDefault, + EncryptionAlgorithmSpecRsaesOaepSha1, + EncryptionAlgorithmSpecRsaesOaepSha256, + } +} + const ( // ExpirationModelTypeKeyMaterialExpires is a ExpirationModelType enum value ExpirationModelTypeKeyMaterialExpires = "KEY_MATERIAL_EXPIRES" @@ -14574,6 +14741,14 @@ const ( ExpirationModelTypeKeyMaterialDoesNotExpire = "KEY_MATERIAL_DOES_NOT_EXPIRE" ) +// ExpirationModelType_Values returns all elements of the ExpirationModelType enum +func ExpirationModelType_Values() []string { + return []string{ + ExpirationModelTypeKeyMaterialExpires, + ExpirationModelTypeKeyMaterialDoesNotExpire, + } +} + const ( // GrantOperationDecrypt is a GrantOperation enum value GrantOperationDecrypt = "Decrypt" @@ -14618,6 +14793,26 @@ const ( GrantOperationGenerateDataKeyPairWithoutPlaintext = "GenerateDataKeyPairWithoutPlaintext" ) +// GrantOperation_Values returns all elements of the GrantOperation enum +func GrantOperation_Values() []string { + return []string{ + GrantOperationDecrypt, + GrantOperationEncrypt, + GrantOperationGenerateDataKey, + GrantOperationGenerateDataKeyWithoutPlaintext, + GrantOperationReEncryptFrom, + GrantOperationReEncryptTo, + GrantOperationSign, + GrantOperationVerify, + GrantOperationGetPublicKey, + GrantOperationCreateGrant, + GrantOperationRetireGrant, + GrantOperationDescribeKey, + GrantOperationGenerateDataKeyPair, + GrantOperationGenerateDataKeyPairWithoutPlaintext, + } +} + const ( // KeyManagerTypeAws is a KeyManagerType enum value KeyManagerTypeAws = "AWS" @@ -14626,6 +14821,14 @@ const ( KeyManagerTypeCustomer = "CUSTOMER" ) +// KeyManagerType_Values returns all elements of the KeyManagerType enum +func KeyManagerType_Values() []string { + return []string{ + KeyManagerTypeAws, + KeyManagerTypeCustomer, + } +} + const ( // KeyStateEnabled is a KeyState enum value KeyStateEnabled = "Enabled" @@ -14643,6 +14846,17 @@ const ( KeyStateUnavailable = "Unavailable" ) +// KeyState_Values returns all elements of the KeyState enum +func KeyState_Values() []string { + return []string{ + KeyStateEnabled, + KeyStateDisabled, + KeyStatePendingDeletion, + KeyStatePendingImport, + KeyStateUnavailable, + } +} + const ( // KeyUsageTypeSignVerify is a KeyUsageType enum value KeyUsageTypeSignVerify = "SIGN_VERIFY" @@ -14651,6 +14865,14 @@ const ( KeyUsageTypeEncryptDecrypt = "ENCRYPT_DECRYPT" ) +// KeyUsageType_Values returns all elements of the KeyUsageType enum +func KeyUsageType_Values() []string { + return []string{ + KeyUsageTypeSignVerify, + KeyUsageTypeEncryptDecrypt, + } +} + const ( // MessageTypeRaw is a MessageType enum value MessageTypeRaw = "RAW" @@ -14659,6 +14881,14 @@ const ( MessageTypeDigest = "DIGEST" ) +// MessageType_Values returns all elements of the MessageType enum +func MessageType_Values() []string { + return []string{ + MessageTypeRaw, + MessageTypeDigest, + } +} + const ( // OriginTypeAwsKms is a OriginType enum value OriginTypeAwsKms = "AWS_KMS" @@ -14670,6 +14900,15 @@ const ( OriginTypeAwsCloudhsm = "AWS_CLOUDHSM" ) +// OriginType_Values returns all elements of the OriginType enum +func OriginType_Values() []string { + return []string{ + OriginTypeAwsKms, + OriginTypeExternal, + OriginTypeAwsCloudhsm, + } +} + const ( // SigningAlgorithmSpecRsassaPssSha256 is a SigningAlgorithmSpec enum value SigningAlgorithmSpecRsassaPssSha256 = "RSASSA_PSS_SHA_256" @@ -14699,7 +14938,29 @@ const ( SigningAlgorithmSpecEcdsaSha512 = "ECDSA_SHA_512" ) +// SigningAlgorithmSpec_Values returns all elements of the SigningAlgorithmSpec enum +func SigningAlgorithmSpec_Values() []string { + return []string{ + SigningAlgorithmSpecRsassaPssSha256, + SigningAlgorithmSpecRsassaPssSha384, + SigningAlgorithmSpecRsassaPssSha512, + SigningAlgorithmSpecRsassaPkcs1V15Sha256, + SigningAlgorithmSpecRsassaPkcs1V15Sha384, + SigningAlgorithmSpecRsassaPkcs1V15Sha512, + SigningAlgorithmSpecEcdsaSha256, + SigningAlgorithmSpecEcdsaSha384, + SigningAlgorithmSpecEcdsaSha512, + } +} + const ( // WrappingKeySpecRsa2048 is a WrappingKeySpec enum value WrappingKeySpecRsa2048 = "RSA_2048" ) + +// WrappingKeySpec_Values returns all elements of the WrappingKeySpec enum +func WrappingKeySpec_Values() []string { + return []string{ + WrappingKeySpecRsa2048, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/kms/errors.go b/vendor/github.com/aws/aws-sdk-go/service/kms/errors.go index 7d2d6cd1349b..911bf576ebf7 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/kms/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/kms/errors.go @@ -297,8 +297,8 @@ const ( // ErrCodeLimitExceededException for service response error code // "LimitExceededException". // - // The request was rejected because a limit was exceeded. For more information, - // see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) + // The request was rejected because a quota was exceeded. For more information, + // see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. ErrCodeLimitExceededException = "LimitExceededException" diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go index 7f60d4aa1851..bfc4372f9fde 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go @@ -207,6 +207,10 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. // +// * ErrCodeExpiredTokenException "ExpiredTokenException" +// The web identity token that was passed is expired or is not valid. Get a +// new identity token from the identity provider and then retry the request. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRole func (c *STS) AssumeRole(input *AssumeRoleInput) (*AssumeRoleOutput, error) { req, out := c.AssumeRoleRequest(input) @@ -626,7 +630,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // * Using Web Identity Federation API Operations for Mobile Apps (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html) // and Federation Through a Web-based Identity Provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity). // -// * Web Identity Federation Playground (https://web-identity-federation-playground.s3.amazonaws.com/index.html). +// * Web Identity Federation Playground (https://aws.amazon.com/blogs/aws/the-aws-web-identity-federation-playground/). // Walk through the process of authenticating through Login with Amazon, // Facebook, or Google, getting temporary security credentials, and then // using those credentials to make a request to AWS. diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go b/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go index fcb720dcac6d..cb1debbaa45c 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go @@ -3,87 +3,11 @@ // Package sts provides the client and types for making API // requests to AWS Security Token Service. // -// The AWS Security Token Service (STS) is a web service that enables you to -// request temporary, limited-privilege credentials for AWS Identity and Access -// Management (IAM) users or for users that you authenticate (federated users). -// This guide provides descriptions of the STS API. For more detailed information -// about using this service, go to Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). -// -// For information about setting up signatures and authorization through the -// API, go to Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) -// in the AWS General Reference. For general information about the Query API, -// go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) -// in Using IAM. For information about using security tokens with other AWS -// products, go to AWS Services That Work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) -// in the IAM User Guide. -// -// If you're new to AWS and need additional technical information about a specific -// AWS product, you can find the product's technical documentation at http://aws.amazon.com/documentation/ -// (http://aws.amazon.com/documentation/). -// -// Endpoints -// -// By default, AWS Security Token Service (STS) is available as a global service, -// and all AWS STS requests go to a single endpoint at https://sts.amazonaws.com. -// Global requests map to the US East (N. Virginia) region. AWS recommends using -// Regional AWS STS endpoints instead of the global endpoint to reduce latency, -// build in redundancy, and increase session token validity. For more information, -// see Managing AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// Most AWS Regions are enabled for operations in all AWS services by default. -// Those Regions are automatically activated for use with AWS STS. Some Regions, -// such as Asia Pacific (Hong Kong), must be manually enabled. To learn more -// about enabling and disabling AWS Regions, see Managing AWS Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html) -// in the AWS General Reference. When you enable these AWS Regions, they are -// automatically activated for use with AWS STS. You cannot activate the STS -// endpoint for a Region that is disabled. Tokens that are valid in all AWS -// Regions are longer than tokens that are valid in Regions that are enabled -// by default. Changing this setting might affect existing systems where you -// temporarily store tokens. For more information, see Managing Global Endpoint -// Session Tokens (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#sts-regions-manage-tokens) -// in the IAM User Guide. -// -// After you activate a Region for use with AWS STS, you can direct AWS STS -// API calls to that Region. AWS STS recommends that you provide both the Region -// and endpoint when you make calls to a Regional endpoint. You can provide -// the Region alone for manually enabled Regions, such as Asia Pacific (Hong -// Kong). In this case, the calls are directed to the STS Regional endpoint. -// However, if you provide the Region alone for Regions enabled by default, -// the calls are directed to the global endpoint of https://sts.amazonaws.com. -// -// To view the list of AWS STS endpoints and whether they are active by default, -// see Writing Code to Use AWS STS Regions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#id_credentials_temp_enable-regions_writing_code) -// in the IAM User Guide. -// -// Recording API requests -// -// STS supports AWS CloudTrail, which is a service that records AWS calls for -// your AWS account and delivers log files to an Amazon S3 bucket. By using -// information collected by CloudTrail, you can determine what requests were -// successfully made to STS, who made the request, when it was made, and so -// on. -// -// If you activate AWS STS endpoints in Regions other than the default global -// endpoint, then you must also turn on CloudTrail logging in those Regions. -// This is necessary to record any AWS STS API calls that are made in those -// Regions. For more information, see Turning On CloudTrail in Additional Regions -// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_turn_on_ct.html) -// in the AWS CloudTrail User Guide. -// -// AWS Security Token Service (STS) is a global service with a single endpoint -// at https://sts.amazonaws.com. Calls to this endpoint are logged as calls -// to a global service. However, because this endpoint is physically located -// in the US East (N. Virginia) Region, your logs list us-east-1 as the event -// Region. CloudTrail does not write these logs to the US East (Ohio) Region -// unless you choose to include global service logs in that Region. CloudTrail -// writes calls to all Regional endpoints to their respective Regions. For example, -// calls to sts.us-east-2.amazonaws.com are published to the US East (Ohio) -// Region and calls to sts.eu-central-1.amazonaws.com are published to the EU -// (Frankfurt) Region. -// -// To learn more about CloudTrail, including how to turn it on and find your -// log files, see the AWS CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html). +// AWS Security Token Service (STS) enables you to request temporary, limited-privilege +// credentials for AWS Identity and Access Management (IAM) users or for users +// that you authenticate (federated users). This guide provides descriptions +// of the STS API. For more information about using this service, see Temporary +// Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). // // See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service. // diff --git a/vendor/github.com/checkpoint-restore/go-criu/v4/.travis.yml b/vendor/github.com/checkpoint-restore/go-criu/v4/.travis.yml index 9b5b025582cf..85e0cde3790a 100644 --- a/vendor/github.com/checkpoint-restore/go-criu/v4/.travis.yml +++ b/vendor/github.com/checkpoint-restore/go-criu/v4/.travis.yml @@ -1,5 +1,5 @@ language: go -sudo: required +dist: bionic os: - linux go: @@ -13,6 +13,7 @@ env: install: - sudo apt-get update - sudo apt-get install -y libprotobuf-dev libprotobuf-c0-dev protobuf-c-compiler protobuf-compiler python-protobuf libnl-3-dev libnet-dev libcap-dev + - make install.tools - go get github.com/checkpoint-restore/go-criu - git clone --single-branch -b ${CRIU_BRANCH} https://github.com/checkpoint-restore/criu.git - cd criu; make @@ -20,6 +21,8 @@ install: - cd .. script: # This builds the code without running the tests. - - make build phaul test/test test/phaul test/piggie + - make lint build phaul test/test test/phaul test/piggie # Run actual test as root as it uses CRIU. - sudo make test phaul-test + # This builds crit-go + - make -C crit-go/magic-gen lint build magicgen test diff --git a/vendor/github.com/checkpoint-restore/go-criu/v4/Makefile b/vendor/github.com/checkpoint-restore/go-criu/v4/Makefile index ee44ee448629..10356304b1f0 100644 --- a/vendor/github.com/checkpoint-restore/go-criu/v4/Makefile +++ b/vendor/github.com/checkpoint-restore/go-criu/v4/Makefile @@ -12,7 +12,7 @@ endif all: build test phaul phaul-test lint: - @golint . test phaul + @golint -set_exit_status . test phaul build: @$(GO) build -v diff --git a/vendor/github.com/checkpoint-restore/go-criu/v4/go.sum b/vendor/github.com/checkpoint-restore/go-criu/v4/go.sum index bf6db1068851..6124ed3e451b 100644 --- a/vendor/github.com/checkpoint-restore/go-criu/v4/go.sum +++ b/vendor/github.com/checkpoint-restore/go-criu/v4/go.sum @@ -1,20 +1,2 @@ github.com/golang/protobuf v1.3.5 h1:F768QJ1E9tib+q5Sc8MkdJi1RxLTbRcTf8LJV56aRls= github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.23.0 h1:4MY060fB1DLGMB/7MBTLnwQUY6+F09GEiz6SsrNqyzM= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= diff --git a/vendor/github.com/checkpoint-restore/go-criu/v4/main.go b/vendor/github.com/checkpoint-restore/go-criu/v4/main.go index d152bfc535ec..d0a6da47837b 100644 --- a/vendor/github.com/checkpoint-restore/go-criu/v4/main.go +++ b/vendor/github.com/checkpoint-restore/go-criu/v4/main.go @@ -14,13 +14,22 @@ import ( // Criu struct type Criu struct { - swrkCmd *exec.Cmd - swrkSk *os.File + swrkCmd *exec.Cmd + swrkSk *os.File + swrkPath string } // MakeCriu returns the Criu object required for most operations func MakeCriu() *Criu { - return &Criu{} + return &Criu{ + swrkPath: "criu", + } +} + +// SetCriuPath allows setting the path to the CRIU binary +// if it is in a non standard location +func (c *Criu) SetCriuPath(path string) { + c.swrkPath = path } // Prepare sets up everything for the RPC communication to CRIU @@ -36,7 +45,7 @@ func (c *Criu) Prepare() error { defer srv.Close() args := []string{"swrk", strconv.Itoa(fds[1])} - cmd := exec.Command("criu", args...) + cmd := exec.Command(c.swrkPath, args...) err = cmd.Start() if err != nil { diff --git a/vendor/github.com/docker/docker/AUTHORS b/vendor/github.com/docker/docker/AUTHORS index 851e81014b21..c5f725bc19d3 100644 --- a/vendor/github.com/docker/docker/AUTHORS +++ b/vendor/github.com/docker/docker/AUTHORS @@ -44,7 +44,7 @@ Ajey Charantimath ajneu Akash Gupta Akihiro Matsushima -Akihiro Suda +Akihiro Suda Akim Demaille Akira Koyasu Akshay Karle @@ -81,6 +81,7 @@ Alexandre Garnier Alexandre González Alexandre Jomin Alexandru Sfirlogea +Alexei Margasov Alexey Guskov Alexey Kotlyarov Alexey Shamrin @@ -153,6 +154,7 @@ Andy Wilson Anes Hasicic Anil Belur Anil Madhavapeddy +Ankit Jain Ankush Agarwal Anonmily Anran Qiao @@ -184,6 +186,7 @@ Asad Saeeduddin Asbjørn Enge averagehuman Avi Das +Avi Kivity Avi Miller Avi Vaid ayoshitake @@ -507,6 +510,7 @@ Dmitri Shuralyov Dmitry Demeshchuk Dmitry Gusev Dmitry Kononenko +Dmitry Sharshakov Dmitry Shyshkin Dmitry Smirnov Dmitry V. Krivenok @@ -656,6 +660,7 @@ Frederik Loeffert Frederik Nordahl Jul Sabroe Freek Kalter Frieder Bluemle +Fu JinLin Félix Baylac-Jacqué Félix Cantournet Gabe Rosenhouse @@ -688,6 +693,7 @@ Ghislain Bourgeois Giampaolo Mancini Gianluca Borello Gildas Cuisinier +Giovan Isa Musthofa gissehel Giuseppe Mazzotta Gleb Fotengauer-Malinovskiy @@ -898,6 +904,7 @@ Jimmy Cuadra Jimmy Puckett Jimmy Song Jinsoo Park +Jintao Zhang Jiri Appl Jiri Popelka Jiuyue Ma @@ -1079,6 +1086,7 @@ Kunal Kushwaha Kunal Tyagi Kyle Conroy Kyle Linden +Kyle Wuolle kyu Lachlan Coote Lai Jiangshan @@ -1255,6 +1263,7 @@ Maxim Kulkin Maxim Treskin Maxime Petazzoni Maximiliano Maccanti +Maxwell Meaglith Ma meejah Megan Kostick @@ -1519,6 +1528,7 @@ Quentin Brossard Quentin Perez Quentin Tayssier r0n22 +Radostin Stoyanov Rafal Jeczalik Rafe Colton Raghavendra K T @@ -1976,6 +1986,7 @@ xamyzhao Xian Chaobo Xianglin Gao Xianlu Bird +Xiao YongBiao XiaoBing Jiang Xiaodong Zhang Xiaoxi He diff --git a/vendor/github.com/docker/docker/NOTICE b/vendor/github.com/docker/docker/NOTICE index 0c74e15b057f..58b19b6d15b9 100644 --- a/vendor/github.com/docker/docker/NOTICE +++ b/vendor/github.com/docker/docker/NOTICE @@ -3,7 +3,7 @@ Copyright 2012-2017 Docker, Inc. This product includes software developed at Docker, Inc. (https://www.docker.com). -This product contains software (https://github.com/kr/pty) developed +This product contains software (https://github.com/creack/pty) developed by Keith Rarick, licensed under the MIT License. The following is courtesy of our legal counsel: diff --git a/vendor/github.com/docker/docker/api/swagger.yaml b/vendor/github.com/docker/docker/api/swagger.yaml index 78c576cef25e..70b09a0e3b73 100644 --- a/vendor/github.com/docker/docker/api/swagger.yaml +++ b/vendor/github.com/docker/docker/api/swagger.yaml @@ -26,13 +26,19 @@ info: x-logo: url: "https://docs.docker.com/images/logo-docker-main.png" description: | - The Engine API is an HTTP API served by Docker Engine. It is the API the Docker client uses to communicate with the Engine, so everything the Docker client can do can be done with the API. + The Engine API is an HTTP API served by Docker Engine. It is the API the + Docker client uses to communicate with the Engine, so everything the Docker + client can do can be done with the API. - Most of the client's commands map directly to API endpoints (e.g. `docker ps` is `GET /containers/json`). The notable exception is running containers, which consists of several API calls. + Most of the client's commands map directly to API endpoints (e.g. `docker ps` + is `GET /containers/json`). The notable exception is running containers, + which consists of several API calls. # Errors - The API uses standard HTTP status codes to indicate the success or failure of the API call. The body of the response will be JSON in the following format: + The API uses standard HTTP status codes to indicate the success or failure + of the API call. The body of the response will be JSON in the following + format: ``` { @@ -65,7 +71,11 @@ info: # Authentication - Authentication for registries is handled client side. The client has to send authentication details to various endpoints that need to communicate with registries, such as `POST /images/(name)/push`. These are sent as `X-Registry-Auth` header as a Base64 encoded (JSON) string with the following structure: + Authentication for registries is handled client side. The client has to send + authentication details to various endpoints that need to communicate with + registries, such as `POST /images/(name)/push`. These are sent as + `X-Registry-Auth` header as a [base64url encoded](https://tools.ietf.org/html/rfc4648#section-5) + (JSON) string with the following structure: ``` { @@ -76,9 +86,11 @@ info: } ``` - The `serveraddress` is a domain/IP without a protocol. Throughout this structure, double quotes are required. + The `serveraddress` is a domain/IP without a protocol. Throughout this + structure, double quotes are required. - If you have already got an identity token from the [`/auth` endpoint](#operation/SystemAuth), you can just pass this instead of credentials: + If you have already got an identity token from the [`/auth` endpoint](#operation/SystemAuth), + you can just pass this instead of credentials: ``` { @@ -104,7 +116,9 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. + See the [networking documentation](https://docs.docker.com/network/) + for more information. - name: "Volume" x-displayName: "Volumes" description: | @@ -112,34 +126,46 @@ tags: - name: "Exec" x-displayName: "Exec" description: | - Run new commands inside running containers. See the [command-line reference](https://docs.docker.com/engine/reference/commandline/exec/) for more information. + Run new commands inside running containers. Refer to the + [command-line reference](https://docs.docker.com/engine/reference/commandline/exec/) + for more information. + + To exec a command in a container, you first need to create an exec instance, + then start it. These two API endpoints are wrapped up in a single command-line + command, `docker exec`. - To exec a command in a container, you first need to create an exec instance, then start it. These two API endpoints are wrapped up in a single command-line command, `docker exec`. # Swarm things - name: "Swarm" x-displayName: "Swarm" description: | - Engines can be clustered together in a swarm. See [the swarm mode documentation](https://docs.docker.com/engine/swarm/) for more information. + Engines can be clustered together in a swarm. Refer to the + [swarm mode documentation](https://docs.docker.com/engine/swarm/) + for more information. - name: "Node" x-displayName: "Nodes" description: | - Nodes are instances of the Engine participating in a swarm. Swarm mode must be enabled for these endpoints to work. + Nodes are instances of the Engine participating in a swarm. Swarm mode + must be enabled for these endpoints to work. - name: "Service" x-displayName: "Services" description: | - Services are the definitions of tasks to run on a swarm. Swarm mode must be enabled for these endpoints to work. + Services are the definitions of tasks to run on a swarm. Swarm mode must + be enabled for these endpoints to work. - name: "Task" x-displayName: "Tasks" description: | - A task is a container running on a swarm. It is the atomic scheduling unit of swarm. Swarm mode must be enabled for these endpoints to work. + A task is a container running on a swarm. It is the atomic scheduling unit + of swarm. Swarm mode must be enabled for these endpoints to work. - name: "Secret" x-displayName: "Secrets" description: | - Secrets are sensitive data that can be used by services. Swarm mode must be enabled for these endpoints to work. + Secrets are sensitive data that can be used by services. Swarm mode must + be enabled for these endpoints to work. - name: "Config" x-displayName: "Configs" description: | - Configs are application configurations that can be used by services. Swarm mode must be enabled for these endpoints to work. + Configs are application configurations that can be used by services. Swarm + mode must be enabled for these endpoints to work. # System things - name: "Plugin" x-displayName: "Plugins" @@ -345,9 +371,11 @@ definitions: RestartPolicy: description: | - The behavior to apply when the container exits. The default is not to restart. + The behavior to apply when the container exits. The default is not to + restart. - An ever increasing delay (double the previous delay, starting at 100ms) is added before each restart to prevent flooding the server. + An ever increasing delay (double the previous delay, starting at 100ms) is + added before each restart to prevent flooding the server. type: "object" properties: Name: @@ -364,7 +392,8 @@ definitions: - "on-failure" MaximumRetryCount: type: "integer" - description: "If `on-failure` is used, the number of times to retry before giving up" + description: | + If `on-failure` is used, the number of times to retry before giving up. Resources: description: "A container's resources (cgroups config, ulimits, etc)" @@ -372,7 +401,9 @@ definitions: properties: # Applicable to all platforms CpuShares: - description: "An integer value representing this container's relative CPU weight versus other containers." + description: | + An integer value representing this container's relative CPU weight + versus other containers. type: "integer" Memory: description: "Memory limit in bytes." @@ -381,7 +412,11 @@ definitions: default: 0 # Applicable to UNIX platforms CgroupParent: - description: "Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist." + description: | + Path to `cgroups` under which the container's `cgroup` is created. If + the path is not absolute, the path is considered to be relative to the + `cgroups` path of the init process. Cgroups are created if they do not + already exist. type: "string" BlkioWeight: description: "Block IO weight (relative weight)." @@ -390,7 +425,11 @@ definitions: maximum: 1000 BlkioWeightDevice: description: | - Block IO weight (relative device weight) in the form `[{"Path": "device_path", "Weight": weight}]`. + Block IO weight (relative device weight) in the form: + + ``` + [{"Path": "device_path", "Weight": weight}] + ``` type: "array" items: type: "object" @@ -402,25 +441,41 @@ definitions: minimum: 0 BlkioDeviceReadBps: description: | - Limit read rate (bytes per second) from a device, in the form `[{"Path": "device_path", "Rate": rate}]`. + Limit read rate (bytes per second) from a device, in the form: + + ``` + [{"Path": "device_path", "Rate": rate}] + ``` type: "array" items: $ref: "#/definitions/ThrottleDevice" BlkioDeviceWriteBps: description: | - Limit write rate (bytes per second) to a device, in the form `[{"Path": "device_path", "Rate": rate}]`. + Limit write rate (bytes per second) to a device, in the form: + + ``` + [{"Path": "device_path", "Rate": rate}] + ``` type: "array" items: $ref: "#/definitions/ThrottleDevice" BlkioDeviceReadIOps: description: | - Limit read rate (IO per second) from a device, in the form `[{"Path": "device_path", "Rate": rate}]`. + Limit read rate (IO per second) from a device, in the form: + + ``` + [{"Path": "device_path", "Rate": rate}] + ``` type: "array" items: $ref: "#/definitions/ThrottleDevice" BlkioDeviceWriteIOps: description: | - Limit write rate (IO per second) to a device, in the form `[{"Path": "device_path", "Rate": rate}]`. + Limit write rate (IO per second) to a device, in the form: + + ``` + [{"Path": "device_path", "Rate": rate}] + ``` type: "array" items: $ref: "#/definitions/ThrottleDevice" @@ -429,23 +484,31 @@ definitions: type: "integer" format: "int64" CpuQuota: - description: "Microseconds of CPU time that the container can get in a CPU period." + description: | + Microseconds of CPU time that the container can get in a CPU period. type: "integer" format: "int64" CpuRealtimePeriod: - description: "The length of a CPU real-time period in microseconds. Set to 0 to allocate no time allocated to real-time tasks." + description: | + The length of a CPU real-time period in microseconds. Set to 0 to + allocate no time allocated to real-time tasks. type: "integer" format: "int64" CpuRealtimeRuntime: - description: "The length of a CPU real-time runtime in microseconds. Set to 0 to allocate no time allocated to real-time tasks." + description: | + The length of a CPU real-time runtime in microseconds. Set to 0 to + allocate no time allocated to real-time tasks. type: "integer" format: "int64" CpusetCpus: - description: "CPUs in which to allow execution (e.g., `0-3`, `0,1`)" + description: | + CPUs in which to allow execution (e.g., `0-3`, `0,1`). type: "string" example: "0-3" CpusetMems: - description: "Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems." + description: | + Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only + effective on NUMA systems. type: "string" Devices: description: "A list of devices to add to the container." @@ -459,14 +522,11 @@ definitions: type: "string" example: "c 13:* rwm" DeviceRequests: - description: "a list of requests for devices to be sent to device drivers" + description: | + A list of requests for devices to be sent to device drivers. type: "array" items: $ref: "#/definitions/DeviceRequest" - DiskQuota: - description: "Disk limit (in bytes)." - type: "integer" - format: "int64" KernelMemory: description: "Kernel memory limit in bytes." type: "integer" @@ -481,11 +541,15 @@ definitions: type: "integer" format: "int64" MemorySwap: - description: "Total memory limit (memory + swap). Set as `-1` to enable unlimited swap." + description: | + Total memory limit (memory + swap). Set as `-1` to enable unlimited + swap. type: "integer" format: "int64" MemorySwappiness: - description: "Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100." + description: | + Tune a container's memory swappiness behavior. Accepts an integer + between 0 and 100. type: "integer" format: "int64" minimum: 0 @@ -498,18 +562,26 @@ definitions: description: "Disable OOM Killer for the container." type: "boolean" Init: - description: "Run an init inside the container that forwards signals and reaps processes. This field is omitted if empty, and the default (as configured on the daemon) is used." + description: | + Run an init inside the container that forwards signals and reaps + processes. This field is omitted if empty, and the default (as + configured on the daemon) is used. type: "boolean" x-nullable: true PidsLimit: description: | - Tune a container's PIDs limit. Set `0` or `-1` for unlimited, or `null` to not change. + Tune a container's PIDs limit. Set `0` or `-1` for unlimited, or `null` + to not change. type: "integer" format: "int64" x-nullable: true Ulimits: description: | - A list of resource limits to set in the container. For example: `{"Name": "nofile", "Soft": 1024, "Hard": 2048}`" + A list of resource limits to set in the container. For example: + + ``` + {"Name": "nofile", "Soft": 1024, "Hard": 2048} + ``` type: "array" items: type: "object" @@ -528,14 +600,18 @@ definitions: description: | The number of usable CPUs (Windows only). - On Windows Server containers, the processor resource controls are mutually exclusive. The order of precedence is `CPUCount` first, then `CPUShares`, and `CPUPercent` last. + On Windows Server containers, the processor resource controls are + mutually exclusive. The order of precedence is `CPUCount` first, then + `CPUShares`, and `CPUPercent` last. type: "integer" format: "int64" CpuPercent: description: | The usable percentage of the available CPUs (Windows only). - On Windows Server containers, the processor resource controls are mutually exclusive. The order of precedence is `CPUCount` first, then `CPUShares`, and `CPUPercent` last. + On Windows Server containers, the processor resource controls are + mutually exclusive. The order of precedence is `CPUCount` first, then + `CPUShares`, and `CPUPercent` last. type: "integer" format: "int64" IOMaximumIOps: @@ -543,12 +619,16 @@ definitions: type: "integer" format: "int64" IOMaximumBandwidth: - description: "Maximum IO in bytes per second for the container system drive (Windows only)" + description: | + Maximum IO in bytes per second for the container system drive + (Windows only). type: "integer" format: "int64" ResourceObject: - description: "An object describing the resources which can be advertised by a node and requested by a task" + description: | + An object describing the resources which can be advertised by a node and + requested by a task. type: "object" properties: NanoCPUs: @@ -563,7 +643,9 @@ definitions: $ref: "#/definitions/GenericResources" GenericResources: - description: "User-defined resources can be either Integer resources (e.g, `SSD=3`) or String resources (e.g, `GPU=UUID1`)" + description: | + User-defined resources can be either Integer resources (e.g, `SSD=3`) or + String resources (e.g, `GPU=UUID1`). type: "array" items: type: "object" @@ -610,18 +692,92 @@ definitions: items: type: "string" Interval: - description: "The time to wait between checks in nanoseconds. It should be 0 or at least 1000000 (1 ms). 0 means inherit." + description: | + The time to wait between checks in nanoseconds. It should be 0 or at + least 1000000 (1 ms). 0 means inherit. type: "integer" Timeout: - description: "The time to wait before considering the check to have hung. It should be 0 or at least 1000000 (1 ms). 0 means inherit." + description: | + The time to wait before considering the check to have hung. It should + be 0 or at least 1000000 (1 ms). 0 means inherit. type: "integer" Retries: - description: "The number of consecutive failures needed to consider a container as unhealthy. 0 means inherit." + description: | + The number of consecutive failures needed to consider a container as + unhealthy. 0 means inherit. type: "integer" StartPeriod: - description: "Start period for the container to initialize before starting health-retries countdown in nanoseconds. It should be 0 or at least 1000000 (1 ms). 0 means inherit." + description: | + Start period for the container to initialize before starting + health-retries countdown in nanoseconds. It should be 0 or at least + 1000000 (1 ms). 0 means inherit. type: "integer" + Health: + description: | + Health stores information about the container's healthcheck results. + type: "object" + properties: + Status: + description: | + Status is one of `none`, `starting`, `healthy` or `unhealthy` + + - "none" Indicates there is no healthcheck + - "starting" Starting indicates that the container is not yet ready + - "healthy" Healthy indicates that the container is running correctly + - "unhealthy" Unhealthy indicates that the container has a problem + type: "string" + enum: + - "none" + - "starting" + - "healthy" + - "unhealthy" + example: "healthy" + FailingStreak: + description: "FailingStreak is the number of consecutive failures" + type: "integer" + example: 0 + Log: + type: "array" + description: | + Log contains the last few results (oldest first) + items: + x-nullable: true + $ref: "#/definitions/HealthcheckResult" + + HealthcheckResult: + description: | + HealthcheckResult stores information about a single run of a healthcheck probe + type: "object" + properties: + Start: + description: | + Date and time at which this check started in + [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. + type: "string" + format: "date-time" + example: "2020-01-04T10:44:24.496525531Z" + End: + description: | + Date and time at which this check ended in + [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. + type: "string" + format: "dateTime" + example: "2020-01-04T10:45:21.364524523Z" + ExitCode: + description: | + ExitCode meanings: + + - `0` healthy + - `1` unhealthy + - `2` reserved (considered unhealthy) + - other values: error running probe + type: "integer" + example: 0 + Output: + description: "Output from last check" + type: "string" + HostConfig: description: "Container configuration that depends on the host we are running on" allOf: @@ -632,12 +788,44 @@ definitions: Binds: type: "array" description: | - A list of volume bindings for this container. Each volume binding is a string in one of these forms: - - - `host-src:container-dest` to bind-mount a host path into the container. Both `host-src`, and `container-dest` must be an _absolute_ path. - - `host-src:container-dest:ro` to make the bind mount read-only inside the container. Both `host-src`, and `container-dest` must be an _absolute_ path. - - `volume-name:container-dest` to bind-mount a volume managed by a volume driver into the container. `container-dest` must be an _absolute_ path. - - `volume-name:container-dest:ro` to mount the volume read-only inside the container. `container-dest` must be an _absolute_ path. + A list of volume bindings for this container. Each volume binding + is a string in one of these forms: + + - `host-src:container-dest[:options]` to bind-mount a host path + into the container. Both `host-src`, and `container-dest` must + be an _absolute_ path. + - `volume-name:container-dest[:options]` to bind-mount a volume + managed by a volume driver into the container. `container-dest` + must be an _absolute_ path. + + `options` is an optional, comma-delimited list of: + + - `nocopy` disables automatic copying of data from the container + path to the volume. The `nocopy` flag only applies to named volumes. + - `[ro|rw]` mounts a volume read-only or read-write, respectively. + If omitted or set to `rw`, volumes are mounted read-write. + - `[z|Z]` applies SELinux labels to allow or deny multiple containers + to read and write to the same volume. + - `z`: a _shared_ content label is applied to the content. This + label indicates that multiple containers can share the volume + content, for both reading and writing. + - `Z`: a _private unshared_ label is applied to the content. + This label indicates that only the current container can use + a private volume. Labeling systems such as SELinux require + proper labels to be placed on volume content that is mounted + into a container. Without a label, the security system can + prevent a container's processes from using the content. By + default, the labels set by the host operating system are not + modified. + - `[[r]shared|[r]slave|[r]private]` specifies mount + [propagation behavior](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt). + This only applies to bind-mounted volumes, not internal volumes + or named volumes. Mount propagation requires the source mount + point (the location where the source directory is mounted in the + host operating system) to have the correct propagation properties. + For shared volumes, the source mount point must be set to `shared`. + For slave volumes, the mount must be set to either `shared` or + `slave`. items: type: "string" ContainerIDFile: @@ -665,25 +853,33 @@ definitions: type: "string" NetworkMode: type: "string" - description: "Network mode to use for this container. Supported standard values are: `bridge`, `host`, `none`, and `container:`. Any other value is taken - as a custom network's name to which this container should connect to." + description: | + Network mode to use for this container. Supported standard values + are: `bridge`, `host`, `none`, and `container:`. Any + other value is taken as a custom network's name to which this + container should connect to. PortBindings: $ref: "#/definitions/PortMap" RestartPolicy: $ref: "#/definitions/RestartPolicy" AutoRemove: type: "boolean" - description: "Automatically remove the container when the container's process exits. This has no effect if `RestartPolicy` is set." + description: | + Automatically remove the container when the container's process + exits. This has no effect if `RestartPolicy` is set. VolumeDriver: type: "string" description: "Driver that this container uses to mount volumes." VolumesFrom: type: "array" - description: "A list of volumes to inherit from another container, specified in the form `[:]`." + description: | + A list of volumes to inherit from another container, specified in + the form `[:]`. items: type: "string" Mounts: - description: "Specification for mounts to be added to the container." + description: | + Specification for mounts to be added to the container. type: "array" items: $ref: "#/definitions/Mount" @@ -692,19 +888,24 @@ definitions: Capabilities: type: "array" description: | - A list of kernel capabilities to be available for container (this overrides the default set). + A list of kernel capabilities to be available for container (this + overrides the default set). Conflicts with options 'CapAdd' and 'CapDrop'" items: type: "string" CapAdd: type: "array" - description: "A list of kernel capabilities to add to the container. Conflicts with option 'Capabilities'" + description: | + A list of kernel capabilities to add to the container. Conflicts + with option 'Capabilities'. items: type: "string" CapDrop: type: "array" - description: "A list of kernel capabilities to drop from the container. Conflicts with option 'Capabilities'" + description: | + A list of kernel capabilities to drop from the container. Conflicts + with option 'Capabilities'. items: type: "string" Dns: @@ -725,43 +926,49 @@ definitions: ExtraHosts: type: "array" description: | - A list of hostnames/IP mappings to add to the container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`. + A list of hostnames/IP mappings to add to the container's `/etc/hosts` + file. Specified in the form `["hostname:IP"]`. items: type: "string" GroupAdd: type: "array" - description: "A list of additional groups that the container process will run as." + description: | + A list of additional groups that the container process will run as. items: type: "string" IpcMode: type: "string" description: | - IPC sharing mode for the container. Possible values are: + IPC sharing mode for the container. Possible values are: - - `"none"`: own private IPC namespace, with /dev/shm not mounted - - `"private"`: own private IPC namespace - - `"shareable"`: own private IPC namespace, with a possibility to share it with other containers - - `"container:"`: join another (shareable) container's IPC namespace - - `"host"`: use the host system's IPC namespace + - `"none"`: own private IPC namespace, with /dev/shm not mounted + - `"private"`: own private IPC namespace + - `"shareable"`: own private IPC namespace, with a possibility to share it with other containers + - `"container:"`: join another (shareable) container's IPC namespace + - `"host"`: use the host system's IPC namespace - If not specified, daemon default is used, which can either be `"private"` - or `"shareable"`, depending on daemon version and configuration. + If not specified, daemon default is used, which can either be `"private"` + or `"shareable"`, depending on daemon version and configuration. Cgroup: type: "string" description: "Cgroup to use for the container." Links: type: "array" - description: "A list of links for the container in the form `container_name:alias`." + description: | + A list of links for the container in the form `container_name:alias`. items: type: "string" OomScoreAdj: type: "integer" - description: "An integer value containing the score given to the container in order to tune OOM killer preferences." + description: | + An integer value containing the score given to the container in + order to tune OOM killer preferences. example: 500 PidMode: type: "string" description: | - Set the PID (Process) Namespace mode for the container. It can be either: + Set the PID (Process) Namespace mode for the container. It can be + either: - `"container:"`: joins another container's PID namespace - `"host"`: use the host's PID namespace inside the container @@ -774,11 +981,13 @@ definitions: Allocates an ephemeral host port for all of a container's exposed ports. - Ports are de-allocated when the container stops and allocated when the container starts. - The allocated port might be changed when restarting the container. + Ports are de-allocated when the container stops and allocated when + the container starts. The allocated port might be changed when + restarting the container. - The port is selected from the ephemeral port range that depends on the kernel. - For example, on Linux the range is defined by `/proc/sys/net/ipv4/ip_local_port_range`. + The port is selected from the ephemeral port range that depends on + the kernel. For example, on Linux the range is defined by + `/proc/sys/net/ipv4/ip_local_port_range`. ReadonlyRootfs: type: "boolean" description: "Mount the container's root filesystem as read only." @@ -797,7 +1006,12 @@ definitions: Tmpfs: type: "object" description: | - A map of container directories which should be replaced by tmpfs mounts, and their corresponding mount options. For example: `{ "/run": "rw,noexec,nosuid,size=65536k" }`. + A map of container directories which should be replaced by tmpfs + mounts, and their corresponding mount options. For example: + + ``` + { "/run": "rw,noexec,nosuid,size=65536k" } + ``` additionalProperties: type: "string" UTSMode: @@ -805,15 +1019,23 @@ definitions: description: "UTS namespace to use for the container." UsernsMode: type: "string" - description: "Sets the usernamespace mode for the container when usernamespace remapping option is enabled." + description: | + Sets the usernamespace mode for the container when usernamespace + remapping option is enabled. ShmSize: type: "integer" - description: "Size of `/dev/shm` in bytes. If omitted, the system uses 64MB." + description: | + Size of `/dev/shm` in bytes. If omitted, the system uses 64MB. minimum: 0 Sysctls: type: "object" description: | - A list of kernel parameters (sysctls) to set in the container. For example: `{"net.ipv4.ip_forward": "1"}` + A list of kernel parameters (sysctls) to set in the container. + For example: + + ``` + {"net.ipv4.ip_forward": "1"} + ``` additionalProperties: type: "string" Runtime: @@ -822,7 +1044,8 @@ definitions: # Applicable to Windows ConsoleSize: type: "array" - description: "Initial console size, as an `[height, width]` array. (Windows only)" + description: | + Initial console size, as an `[height, width]` array. (Windows only) minItems: 2 maxItems: 2 items: @@ -830,19 +1053,24 @@ definitions: minimum: 0 Isolation: type: "string" - description: "Isolation technology of the container. (Windows only)" + description: | + Isolation technology of the container. (Windows only) enum: - "default" - "process" - "hyperv" MaskedPaths: type: "array" - description: "The list of paths to be masked inside the container (this overrides the default set of paths)" + description: | + The list of paths to be masked inside the container (this overrides + the default set of paths). items: type: "string" ReadonlyPaths: type: "array" - description: "The list of paths to be set as read-only inside the container (this overrides the default set of paths)" + description: | + The list of paths to be set as read-only inside the container + (this overrides the default set of paths). items: type: "string" @@ -883,7 +1111,8 @@ definitions: - {} default: {} Tty: - description: "Attach standard streams to a TTY, including `stdin` if it is not closed." + description: | + Attach standard streams to a TTY, including `stdin` if it is not closed. type: "boolean" default: false OpenStdin: @@ -896,12 +1125,15 @@ definitions: default: false Env: description: | - A list of environment variables to set inside the container in the form `["VAR=value", ...]`. A variable without `=` is removed from the environment, rather than to have an empty value. + A list of environment variables to set inside the container in the + form `["VAR=value", ...]`. A variable without `=` is removed from the + environment, rather than to have an empty value. type: "array" items: type: "string" Cmd: - description: "Command to run specified as a string or an array of strings." + description: | + Command to run specified as a string or an array of strings. type: "array" items: type: "string" @@ -911,10 +1143,13 @@ definitions: description: "Command is already escaped (Windows only)" type: "boolean" Image: - description: "The name of the image to use when creating the container" + description: | + The name of the image to use when creating the container/ type: "string" Volumes: - description: "An object mapping mount point paths inside the container to empty objects." + description: | + An object mapping mount point paths inside the container to empty + objects. type: "object" additionalProperties: type: "object" @@ -928,7 +1163,9 @@ definitions: description: | The entry point for the container as a string or an array of strings. - If the array consists of exactly one empty string (`[""]`) then the entry point is reset to system default (i.e., the entry point used by docker when there is no `ENTRYPOINT` instruction in the `Dockerfile`). + If the array consists of exactly one empty string (`[""]`) then the + entry point is reset to system default (i.e., the entry point used by + docker when there is no `ENTRYPOINT` instruction in the `Dockerfile`). type: "array" items: type: "string" @@ -939,7 +1176,8 @@ definitions: description: "MAC address of the container." type: "string" OnBuild: - description: "`ONBUILD` metadata that were defined in the image's `Dockerfile`." + description: | + `ONBUILD` metadata that were defined in the image's `Dockerfile`. type: "array" items: type: "string" @@ -949,7 +1187,8 @@ definitions: additionalProperties: type: "string" StopSignal: - description: "Signal to stop a container as a string or unsigned integer." + description: | + Signal to stop a container as a string or unsigned integer. type: "string" default: "SIGTERM" StopTimeout: @@ -957,11 +1196,48 @@ definitions: type: "integer" default: 10 Shell: - description: "Shell for when `RUN`, `CMD`, and `ENTRYPOINT` uses a shell." + description: | + Shell for when `RUN`, `CMD`, and `ENTRYPOINT` uses a shell. type: "array" items: type: "string" + NetworkingConfig: + description: | + NetworkingConfig represents the container's networking configuration for + each of its interfaces. + It is used for the networking configs specified in the `docker create` + and `docker network connect` commands. + type: "object" + properties: + EndpointsConfig: + description: | + A mapping of network name to endpoint configuration for that network. + type: "object" + additionalProperties: + $ref: "#/definitions/EndpointSettings" + example: + # putting an example here, instead of using the example values from + # /definitions/EndpointSettings, because containers/create currently + # does not support attaching to multiple networks, so the example request + # would be confusing if it showed that multiple networks can be contained + # in the EndpointsConfig. + # TODO remove once we support multiple networks on container create (see https://github.com/moby/moby/blob/07e6b843594e061f82baa5fa23c2ff7d536c2a05/daemon/create.go#L323) + EndpointsConfig: + isolated_nw: + IPAMConfig: + IPv4Address: "172.20.30.33" + IPv6Address: "2001:db8:abcd::3033" + LinkLocalIPs: + - "169.254.34.68" + - "fe80::3468" + Links: + - "container_1" + - "container_2" + Aliases: + - "server_x" + - "server_y" + NetworkSettings: description: "NetworkSettings exposes the network settings in the API" type: "object" @@ -1145,6 +1421,7 @@ definitions: type: "object" additionalProperties: type: "array" + x-nullable: true items: $ref: "#/definitions/PortBinding" example: @@ -1169,7 +1446,6 @@ definitions: PortBinding represents a binding between a host IP address and a host port. type: "object" - x-nullable: true properties: HostIp: description: "Host IP address that the container's port is mapped to." @@ -1404,13 +1680,16 @@ definitions: type: "string" Scope: type: "string" - description: "The level at which the volume exists. Either `global` for cluster-wide, or `local` for machine level." + description: | + The level at which the volume exists. Either `global` for cluster-wide, + or `local` for machine level. default: "local" x-nullable: false enum: ["local", "global"] Options: type: "object" - description: "The driver specific options used when creating the volume." + description: | + The driver specific options used when creating the volume. additionalProperties: type: "string" UsageData: @@ -1528,7 +1807,12 @@ definitions: type: "string" default: "default" Config: - description: "List of IPAM configuration options, specified as a map: `{\"Subnet\": , \"IPRange\": , \"Gateway\": , \"AuxAddress\": }`" + description: | + List of IPAM configuration options, specified as a map: + + ``` + {"Subnet": , "IPRange": , "Gateway": , "AuxAddress": } + ``` type: "array" items: type: "object" @@ -1590,12 +1874,24 @@ definitions: Shared: type: "boolean" Size: + description: | + Amount of disk space used by the build cache (in bytes). type: "integer" CreatedAt: - type: "integer" + description: | + Date and time at which the build cache was created in + [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. + type: "string" + format: "dateTime" + example: "2016-08-18T10:44:24.496525531Z" LastUsedAt: - type: "integer" + description: | + Date and time at which the build cache was last used in + [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. + type: "string" + format: "dateTime" x-nullable: true + example: "2017-08-09T07:09:37.632105588Z" UsageCount: type: "integer" @@ -1874,7 +2170,9 @@ definitions: x-nullable: false example: "tiborvass/sample-volume-plugin" Enabled: - description: "True if the plugin is running. False if the plugin is not running, only installed." + description: + True if the plugin is running. False if the plugin is not running, + only installed. type: "boolean" x-nullable: false example: true @@ -2076,13 +2374,16 @@ definitions: ObjectVersion: description: | - The version number of the object such as node, service, etc. This is needed to avoid conflicting writes. - The client must send the version number along with the modified specification when updating these objects. - This approach ensures safe concurrency and determinism in that the change on the object - may not be applied if the version number has changed from the last read. In other words, - if two update requests specify the same base version, only one of the requests can succeed. - As a result, two separate update requests that happen at the same time will not - unintentionally overwrite each other. + The version number of the object such as node, service, etc. This is needed + to avoid conflicting writes. The client must send the version number along + with the modified specification when updating these objects. + + This approach ensures safe concurrency and determinism in that the change + on the object may not be applied if the version number has changed from the + last read. In other words, if two update requests specify the same base + version, only one of the requests can succeed. As a result, two separate + update requests that happen at the same time will not unintentionally + overwrite each other. type: "object" properties: Index: @@ -2251,17 +2552,23 @@ definitions: Name: "vieux/sshfs:latest" TLSInfo: - description: "Information about the issuer of leaf TLS certificates and the trusted root CA certificate" + description: | + Information about the issuer of leaf TLS certificates and the trusted root + CA certificate. type: "object" properties: TrustRoot: - description: "The root CA certificate(s) that are used to validate leaf TLS certificates" + description: | + The root CA certificate(s) that are used to validate leaf TLS + certificates. type: "string" CertIssuerSubject: - description: "The base64-url-safe-encoded raw subject bytes of the issuer" + description: + The base64-url-safe-encoded raw subject bytes of the issuer. type: "string" CertIssuerPublicKey: - description: "The base64-url-safe-encoded raw public key bytes of the issuer" + description: | + The base64-url-safe-encoded raw public key bytes of the issuer. type: "string" example: TrustRoot: | @@ -2357,7 +2664,9 @@ definitions: x-nullable: true properties: TaskHistoryRetentionLimit: - description: "The number of historic tasks to keep per instance or node. If negative, never remove completed or failed tasks." + description: | + The number of historic tasks to keep per instance or node. If + negative, never remove completed or failed tasks. type: "integer" format: "int64" example: 10 @@ -2371,26 +2680,34 @@ definitions: format: "uint64" example: 10000 KeepOldSnapshots: - description: "The number of snapshots to keep beyond the current snapshot." + description: | + The number of snapshots to keep beyond the current snapshot. type: "integer" format: "uint64" LogEntriesForSlowFollowers: - description: "The number of log entries to keep around to sync up slow followers after a snapshot is created." + description: | + The number of log entries to keep around to sync up slow followers + after a snapshot is created. type: "integer" format: "uint64" example: 500 ElectionTick: description: | - The number of ticks that a follower will wait for a message from the leader before becoming a candidate and starting an election. `ElectionTick` must be greater than `HeartbeatTick`. + The number of ticks that a follower will wait for a message from + the leader before becoming a candidate and starting an election. + `ElectionTick` must be greater than `HeartbeatTick`. - A tick currently defaults to one second, so these translate directly to seconds currently, but this is NOT guaranteed. + A tick currently defaults to one second, so these translate + directly to seconds currently, but this is NOT guaranteed. type: "integer" example: 3 HeartbeatTick: description: | - The number of ticks between heartbeats. Every HeartbeatTick ticks, the leader will send a heartbeat to the followers. + The number of ticks between heartbeats. Every HeartbeatTick ticks, + the leader will send a heartbeat to the followers. - A tick currently defaults to one second, so these translate directly to seconds currently, but this is NOT guaranteed. + A tick currently defaults to one second, so these translate + directly to seconds currently, but this is NOT guaranteed. type: "integer" example: 1 Dispatcher: @@ -2399,7 +2716,8 @@ definitions: x-nullable: true properties: HeartbeatPeriod: - description: "The delay for an agent to send a heartbeat to the dispatcher." + description: | + The delay for an agent to send a heartbeat to the dispatcher. type: "integer" format: "int64" example: 5000000000 @@ -2414,36 +2732,53 @@ definitions: format: "int64" example: 7776000000000000 ExternalCAs: - description: "Configuration for forwarding signing requests to an external certificate authority." + description: | + Configuration for forwarding signing requests to an external + certificate authority. type: "array" items: type: "object" properties: Protocol: - description: "Protocol for communication with the external CA (currently only `cfssl` is supported)." + description: | + Protocol for communication with the external CA (currently + only `cfssl` is supported). type: "string" enum: - "cfssl" default: "cfssl" URL: - description: "URL where certificate signing requests should be sent." + description: | + URL where certificate signing requests should be sent. type: "string" Options: - description: "An object with key/value pairs that are interpreted as protocol-specific options for the external CA driver." + description: | + An object with key/value pairs that are interpreted as + protocol-specific options for the external CA driver. type: "object" additionalProperties: type: "string" CACert: - description: "The root CA certificate (in PEM format) this external CA uses to issue TLS certificates (assumed to be to the current swarm root CA certificate if not provided)." + description: | + The root CA certificate (in PEM format) this external CA uses + to issue TLS certificates (assumed to be to the current swarm + root CA certificate if not provided). type: "string" SigningCACert: - description: "The desired signing CA certificate for all swarm node TLS leaf certificates, in PEM format." + description: | + The desired signing CA certificate for all swarm node TLS leaf + certificates, in PEM format. type: "string" SigningCAKey: - description: "The desired signing CA key for all swarm node TLS leaf certificates, in PEM format." + description: | + The desired signing CA key for all swarm node TLS leaf certificates, + in PEM format. type: "string" ForceRotate: - description: "An integer whose purpose is to force swarm to generate a new signing CA certificate and key, if none have been specified in `SigningCACert` and `SigningCAKey`" + description: | + An integer whose purpose is to force swarm to generate a new + signing CA certificate and key, if none have been specified in + `SigningCACert` and `SigningCAKey` format: "uint64" type: "integer" EncryptionConfig: @@ -2451,7 +2786,9 @@ definitions: type: "object" properties: AutoLockManagers: - description: "If set, generate a key and use it to lock data stored on the managers." + description: | + If set, generate a key and use it to lock data stored on the + managers. type: "boolean" example: false TaskDefaults: @@ -2517,7 +2854,8 @@ definitions: TLSInfo: $ref: "#/definitions/TLSInfo" RootRotationInProgress: - description: "Whether there is currently a root CA rotation in progress for the swarm" + description: | + Whether there is currently a root CA rotation in progress for the swarm type: "boolean" example: false DataPathPort: @@ -2531,7 +2869,8 @@ definitions: example: 4789 DefaultAddrPool: description: | - Default Address Pool specifies default subnet pools for global scope networks. + Default Address Pool specifies default subnet pools for global scope + networks. type: "array" items: type: "string" @@ -2539,7 +2878,8 @@ definitions: example: ["10.10.0.0/16", "20.20.0.0/16"] SubnetSize: description: | - SubnetSize specifies the subnet size of the networks created from the default subnet pool + SubnetSize specifies the subnet size of the networks created from the + default subnet pool. type: "integer" format: "uint32" maximum: 29 @@ -2599,7 +2939,9 @@ definitions: PluginPrivilege: type: "array" items: - description: "Describes a permission accepted by the user upon installing the plugin." + description: | + Describes a permission accepted by the user upon installing the + plugin. type: "object" properties: Name: @@ -2641,10 +2983,13 @@ definitions: items: type: "string" Hostname: - description: "The hostname to use for the container, as a valid RFC 1123 hostname." + description: | + The hostname to use for the container, as a valid + [RFC 1123](https://tools.ietf.org/html/rfc1123) hostname. type: "string" Env: - description: "A list of environment variables in the form `VAR=value`." + description: | + A list of environment variables in the form `VAR=value`. type: "array" items: type: "string" @@ -2656,7 +3001,8 @@ definitions: type: "string" Groups: type: "array" - description: "A list of additional groups that the container process will run as." + description: | + A list of additional groups that the container process will run as. items: type: "string" Privileges: @@ -2672,37 +3018,43 @@ definitions: example: "0bt9dmxjvjiqermk6xrop3ekq" description: | Load credential spec from a Swarm Config with the given ID. - The specified config must also be present in the Configs field with the Runtime property set. + The specified config must also be present in the Configs + field with the Runtime property set.


- > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, and `CredentialSpec.Config` are mutually exclusive. + > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, + > and `CredentialSpec.Config` are mutually exclusive. File: type: "string" example: "spec.json" description: | - Load credential spec from this file. The file is read by the daemon, and must be present in the - `CredentialSpecs` subdirectory in the docker data directory, which defaults to - `C:\ProgramData\Docker\` on Windows. + Load credential spec from this file. The file is read by + the daemon, and must be present in the `CredentialSpecs` + subdirectory in the docker data directory, which defaults + to `C:\ProgramData\Docker\` on Windows. - For example, specifying `spec.json` loads `C:\ProgramData\Docker\CredentialSpecs\spec.json`. + For example, specifying `spec.json` loads + `C:\ProgramData\Docker\CredentialSpecs\spec.json`.


- > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, and `CredentialSpec.Config` are mutually exclusive. + > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, + > and `CredentialSpec.Config` are mutually exclusive. Registry: type: "string" description: | - Load credential spec from this value in the Windows registry. The specified registry value must be - located in: + Load credential spec from this value in the Windows + registry. The specified registry value must be located in: `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Containers\CredentialSpecs`


- > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, and `CredentialSpec.Config` are mutually exclusive. + > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, + > and `CredentialSpec.Config` are mutually exclusive. SELinuxContext: type: "object" description: "SELinux labels of the container" @@ -2732,7 +3084,9 @@ definitions: description: "Mount the container's root filesystem as read only." type: "boolean" Mounts: - description: "Specification for mounts to be added to containers created as part of the service." + description: | + Specification for mounts to be added to containers created as part + of the service. type: "array" items: $ref: "#/definitions/Mount" @@ -2740,7 +3094,9 @@ definitions: description: "Signal to stop the container." type: "string" StopGracePeriod: - description: "Amount of time to wait for the container to terminate before forcefully killing it." + description: | + Amount of time to wait for the container to terminate before + forcefully killing it. type: "integer" format: "int64" HealthCheck: @@ -2757,7 +3113,9 @@ definitions: items: type: "string" DNSConfig: - description: "Specification for DNS related configurations in resolver configuration file (`resolv.conf`)." + description: | + Specification for DNS related configurations in resolver configuration + file (`resolv.conf`). type: "object" properties: Nameservers: @@ -2771,22 +3129,28 @@ definitions: items: type: "string" Options: - description: "A list of internal resolver variables to be modified (e.g., `debug`, `ndots:3`, etc.)." + description: | + A list of internal resolver variables to be modified (e.g., + `debug`, `ndots:3`, etc.). type: "array" items: type: "string" Secrets: - description: "Secrets contains references to zero or more secrets that will be exposed to the service." + description: | + Secrets contains references to zero or more secrets that will be + exposed to the service. type: "array" items: type: "object" properties: File: - description: "File represents a specific target that is backed by a file." + description: | + File represents a specific target that is backed by a file. type: "object" properties: Name: - description: "Name represents the final filename in the filesystem." + description: | + Name represents the final filename in the filesystem. type: "string" UID: description: "UID represents the file UID." @@ -2799,15 +3163,20 @@ definitions: type: "integer" format: "uint32" SecretID: - description: "SecretID represents the ID of the specific secret that we're referencing." + description: | + SecretID represents the ID of the specific secret that we're + referencing. type: "string" SecretName: description: | - SecretName is the name of the secret that this references, but this is just provided for - lookup/display purposes. The secret in the reference will be identified by its ID. + SecretName is the name of the secret that this references, + but this is just provided for lookup/display purposes. The + secret in the reference will be identified by its ID. type: "string" Configs: - description: "Configs contains references to zero or more configs that will be exposed to the service." + description: | + Configs contains references to zero or more configs that will be + exposed to the service. type: "array" items: type: "object" @@ -2822,7 +3191,8 @@ definitions: type: "object" properties: Name: - description: "Name represents the final filename in the filesystem." + description: | + Name represents the final filename in the filesystem. type: "string" UID: description: "UID represents the file UID." @@ -2836,29 +3206,39 @@ definitions: format: "uint32" Runtime: description: | - Runtime represents a target that is not mounted into the container but is used by the task + Runtime represents a target that is not mounted into the + container but is used by the task


- > **Note**: `Configs.File` and `Configs.Runtime` are mutually exclusive + > **Note**: `Configs.File` and `Configs.Runtime` are mutually + > exclusive type: "object" ConfigID: - description: "ConfigID represents the ID of the specific config that we're referencing." + description: | + ConfigID represents the ID of the specific config that we're + referencing. type: "string" ConfigName: description: | - ConfigName is the name of the config that this references, but this is just provided for - lookup/display purposes. The config in the reference will be identified by its ID. + ConfigName is the name of the config that this references, + but this is just provided for lookup/display purposes. The + config in the reference will be identified by its ID. type: "string" Isolation: type: "string" - description: "Isolation technology of the containers running the service. (Windows only)" + description: | + Isolation technology of the containers running the service. + (Windows only) enum: - "default" - "process" - "hyperv" Init: - description: "Run an init inside the container that forwards signals and reaps processes. This field is omitted if empty, and the default (as configured on the daemon) is used." + description: | + Run an init inside the container that forwards signals and reaps + processes. This field is omitted if empty, and the default (as + configured on the daemon) is used. type: "boolean" x-nullable: true Sysctls: @@ -2890,7 +3270,9 @@ definitions: description: "ID of the container represented by this task" type: "string" Resources: - description: "Resource requirements which apply to each individual container created as part of the service." + description: | + Resource requirements which apply to each individual container created + as part of the service. type: "object" properties: Limits: @@ -2900,7 +3282,9 @@ definitions: description: "Define resources reservation." $ref: "#/definitions/ResourceObject" RestartPolicy: - description: "Specification for the restart policy which applies to containers created as part of this service." + description: | + Specification for the restart policy which applies to containers + created as part of this service. type: "object" properties: Condition: @@ -2915,12 +3299,16 @@ definitions: type: "integer" format: "int64" MaxAttempts: - description: "Maximum attempts to restart a given container before giving up (default value is 0, which is ignored)." + description: | + Maximum attempts to restart a given container before giving up + (default value is 0, which is ignored). type: "integer" format: "int64" default: 0 Window: - description: "Windows is the time window used to evaluate the restart policy (default value is 0, which is unbounded)." + description: | + Windows is the time window used to evaluate the restart policy + (default value is 0, which is unbounded). type: "integer" format: "int64" default: 0 @@ -2928,7 +3316,27 @@ definitions: type: "object" properties: Constraints: - description: "An array of constraints." + description: | + An array of constraint expressions to limit the set of nodes where + a task can be scheduled. Constraint expressions can either use a + _match_ (`==`) or _exclude_ (`!=`) rule. Multiple constraints find + nodes that satisfy every expression (AND match). Constraints can + match node or Docker Engine labels as follows: + + node attribute | matches | example + ---------------------|--------------------------------|----------------------------------------------- + `node.id` | Node ID | `node.id==2ivku8v2gvtg4` + `node.hostname` | Node hostname | `node.hostname!=node-2` + `node.role` | Node role (`manager`/`worker`) | `node.role==manager` + `node.platform.os` | Node operating system | `node.platform.os==windows` + `node.platform.arch` | Node architecture | `node.platform.arch==x86_64` + `node.labels` | User-defined node labels | `node.labels.security==high` + `engine.labels` | Docker Engine's labels | `engine.labels.operatingsystem==ubuntu-14.04` + + `engine.labels` apply to Docker Engine labels like operating system, + drivers, etc. Swarm administrators add `node.labels` for operational + purposes by using the [`node update endpoint`](#operation/NodeUpdate). + type: "array" items: type: "string" @@ -2936,8 +3344,13 @@ definitions: - "node.hostname!=node3.corp.example.com" - "node.role!=manager" - "node.labels.type==production" + - "node.platform.os==linux" + - "node.platform.arch==x86_64" Preferences: - description: "Preferences provide a way to make the scheduler aware of factors such as topology. They are provided in order from highest to lowest precedence." + description: | + Preferences provide a way to make the scheduler aware of factors + such as topology. They are provided in order from highest to + lowest precedence. type: "array" items: type: "object" @@ -2946,7 +3359,8 @@ definitions: type: "object" properties: SpreadDescriptor: - description: "label descriptor, such as engine.labels.az" + description: | + label descriptor, such as `engine.labels.az`. type: "string" example: - Spread: @@ -2954,7 +3368,9 @@ definitions: - Spread: SpreadDescriptor: "node.labels.rack" MaxReplicas: - description: "Maximum number of replicas for per node (default value is 0, which is unlimited)" + description: | + Maximum number of replicas for per node (default value is 0, which + is unlimited) type: "integer" format: "int64" default: 0 @@ -2968,24 +3384,24 @@ definitions: items: $ref: "#/definitions/Platform" ForceUpdate: - description: "A counter that triggers an update even if no relevant parameters have been changed." + description: | + A counter that triggers an update even if no relevant parameters have + been changed. type: "integer" Runtime: - description: "Runtime is the type of runtime specified for the task executor." + description: | + Runtime is the type of runtime specified for the task executor. type: "string" Networks: + description: "Specifies which networks the service should attach to." type: "array" items: - type: "object" - properties: - Target: - type: "string" - Aliases: - type: "array" - items: - type: "string" + $ref: "#/definitions/NetworkAttachmentConfig" LogDriver: - description: "Specifies the log driver to use for tasks created from this spec. If not present, the default one for the swarm will be used, finally falling back to the engine default if not specified." + description: | + Specifies the log driver to use for tasks created from this spec. If + not present, the default one for the swarm will be used, finally + falling back to the engine default if not specified. type: "object" properties: Name: @@ -3168,7 +3584,9 @@ definitions: type: "object" properties: Parallelism: - description: "Maximum number of tasks to be updated in one iteration (0 means unlimited parallelism)." + description: | + Maximum number of tasks to be updated in one iteration (0 means + unlimited parallelism). type: "integer" format: "int64" Delay: @@ -3176,22 +3594,32 @@ definitions: type: "integer" format: "int64" FailureAction: - description: "Action to take if an updated task fails to run, or stops running during the update." + description: | + Action to take if an updated task fails to run, or stops running + during the update. type: "string" enum: - "continue" - "pause" - "rollback" Monitor: - description: "Amount of time to monitor each updated task for failures, in nanoseconds." + description: | + Amount of time to monitor each updated task for failures, in + nanoseconds. type: "integer" format: "int64" MaxFailureRatio: - description: "The fraction of tasks that may fail during an update before the failure action is invoked, specified as a floating point number between 0 and 1." + description: | + The fraction of tasks that may fail during an update before the + failure action is invoked, specified as a floating point number + between 0 and 1. type: "number" default: 0 Order: - description: "The order of operations when rolling out an updated task. Either the old task is shut down before the new task is started, or the new task is started before the old task is shut down." + description: | + The order of operations when rolling out an updated task. Either + the old task is shut down before the new task is started, or the + new task is started before the old task is shut down. type: "string" enum: - "stop-first" @@ -3201,45 +3629,52 @@ definitions: type: "object" properties: Parallelism: - description: "Maximum number of tasks to be rolled back in one iteration (0 means unlimited parallelism)." + description: | + Maximum number of tasks to be rolled back in one iteration (0 means + unlimited parallelism). type: "integer" format: "int64" Delay: - description: "Amount of time between rollback iterations, in nanoseconds." + description: | + Amount of time between rollback iterations, in nanoseconds. type: "integer" format: "int64" FailureAction: - description: "Action to take if an rolled back task fails to run, or stops running during the rollback." + description: | + Action to take if an rolled back task fails to run, or stops + running during the rollback. type: "string" enum: - "continue" - "pause" Monitor: - description: "Amount of time to monitor each rolled back task for failures, in nanoseconds." + description: | + Amount of time to monitor each rolled back task for failures, in + nanoseconds. type: "integer" format: "int64" MaxFailureRatio: - description: "The fraction of tasks that may fail during a rollback before the failure action is invoked, specified as a floating point number between 0 and 1." + description: | + The fraction of tasks that may fail during a rollback before the + failure action is invoked, specified as a floating point number + between 0 and 1. type: "number" default: 0 Order: - description: "The order of operations when rolling back a task. Either the old task is shut down before the new task is started, or the new task is started before the old task is shut down." + description: | + The order of operations when rolling back a task. Either the old + task is shut down before the new task is started, or the new task + is started before the old task is shut down. type: "string" enum: - "stop-first" - "start-first" Networks: - description: "Array of network names or IDs to attach the service to." + description: "Specifies which networks the service should attach to." type: "array" items: - type: "object" - properties: - Target: - type: "string" - Aliases: - type: "array" - items: - type: "string" + $ref: "#/definitions/NetworkAttachmentConfig" + EndpointSpec: $ref: "#/definitions/EndpointSpec" @@ -3266,7 +3701,7 @@ definitions:


- - "ingress" makes the target port accessible on on every node, + - "ingress" makes the target port accessible on every node, regardless of whether there is a task for the service running on that node or not. - "host" bypasses the routing mesh and publish the port directly on @@ -3284,15 +3719,17 @@ definitions: type: "object" properties: Mode: - description: "The mode of resolution to use for internal load balancing - between tasks." + description: | + The mode of resolution to use for internal load balancing between tasks. type: "string" enum: - "vip" - "dnsrr" default: "vip" Ports: - description: "List of exposed ports that this service is accessible on from the outside. Ports can only be provided if `vip` resolution mode is used." + description: | + List of exposed ports that this service is accessible on from the + outside. Ports can only be provided if `vip` resolution mode is used. type: "array" items: $ref: "#/definitions/EndpointPortConfig" @@ -3536,7 +3973,7 @@ definitions: com.example.some-other-label: "some-other-value" Data: description: | - Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-3.2)) + Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-5)) data to store as secret. This field is only used to _create_ a secret, and is not returned by @@ -3544,7 +3981,9 @@ definitions: type: "string" example: "" Driver: - description: "Name of the secrets driver used to fetch the secret's value from an external secret store" + description: | + Name of the secrets driver used to fetch the secret's value from an + external secret store. $ref: "#/definitions/Driver" Templating: description: | @@ -3586,7 +4025,7 @@ definitions: type: "string" Data: description: | - Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-3.2)) + Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-5)) config data. type: "string" Templating: @@ -3613,6 +4052,168 @@ definitions: Spec: $ref: "#/definitions/ConfigSpec" + ContainerState: + description: | + ContainerState stores container's running state. It's part of ContainerJSONBase + and will be returned by the "inspect" command. + type: "object" + properties: + Status: + description: | + String representation of the container state. Can be one of "created", + "running", "paused", "restarting", "removing", "exited", or "dead". + type: "string" + enum: ["created", "running", "paused", "restarting", "removing", "exited", "dead"] + example: "running" + Running: + description: | + Whether this container is running. + + Note that a running container can be _paused_. The `Running` and `Paused` + booleans are not mutually exclusive: + + When pausing a container (on Linux), the freezer cgroup is used to suspend + all processes in the container. Freezing the process requires the process to + be running. As a result, paused containers are both `Running` _and_ `Paused`. + + Use the `Status` field instead to determine if a container's state is "running". + type: "boolean" + example: true + Paused: + description: "Whether this container is paused." + type: "boolean" + example: false + Restarting: + description: "Whether this container is restarting." + type: "boolean" + example: false + OOMKilled: + description: | + Whether this container has been killed because it ran out of memory. + type: "boolean" + example: false + Dead: + type: "boolean" + example: false + Pid: + description: "The process ID of this container" + type: "integer" + example: 1234 + ExitCode: + description: "The last exit code of this container" + type: "integer" + example: 0 + Error: + type: "string" + StartedAt: + description: "The time when this container was last started." + type: "string" + example: "2020-01-06T09:06:59.461876391Z" + FinishedAt: + description: "The time when this container last exited." + type: "string" + example: "2020-01-06T09:07:59.461876391Z" + Health: + x-nullable: true + $ref: "#/definitions/Health" + + SystemVersion: + type: "object" + description: | + Response of Engine API: GET "/version" + properties: + Platform: + type: "object" + required: [Name] + properties: + Name: + type: "string" + Components: + type: "array" + description: | + Information about system components + items: + type: "object" + x-go-name: ComponentVersion + required: [Name, Version] + properties: + Name: + description: | + Name of the component + type: "string" + example: "Engine" + Version: + description: | + Version of the component + type: "string" + x-nullable: false + example: "19.03.12" + Details: + description: | + Key/value pairs of strings with additional information about the + component. These values are intended for informational purposes + only, and their content is not defined, and not part of the API + specification. + + These messages can be printed by the client as information to the user. + type: "object" + x-nullable: true + Version: + description: "The version of the daemon" + type: "string" + example: "19.03.12" + ApiVersion: + description: | + The default (and highest) API version that is supported by the daemon + type: "string" + example: "1.40" + MinAPIVersion: + description: | + The minimum API version that is supported by the daemon + type: "string" + example: "1.12" + GitCommit: + description: | + The Git commit of the source code that was used to build the daemon + type: "string" + example: "48a66213fe" + GoVersion: + description: | + The version Go used to compile the daemon, and the version of the Go + runtime in use. + type: "string" + example: "go1.13.14" + Os: + description: | + The operating system that the daemon is running on ("linux" or "windows") + type: "string" + example: "linux" + Arch: + description: | + The architecture that the daemon is running on + type: "string" + example: "amd64" + KernelVersion: + description: | + The kernel version (`uname -r`) that the daemon is running on. + + This field is omitted when empty. + type: "string" + example: "4.19.76-linuxkit" + Experimental: + description: | + Indicates if the daemon is started with experimental features enabled. + + This field is omitted when empty / false. + type: "boolean" + example: true + BuildTime: + description: | + The date and time that the daemon was compiled. + type: "string" + example: "2020-06-22T15:49:27.000000000+00:00" + + SystemInfo: type: "object" properties: @@ -3740,15 +4341,20 @@ definitions: type: "boolean" example: true CpuCfsPeriod: - description: "Indicates if CPU CFS(Completely Fair Scheduler) period is supported by the host." + description: | + Indicates if CPU CFS(Completely Fair Scheduler) period is supported by + the host. type: "boolean" example: true CpuCfsQuota: - description: "Indicates if CPU CFS(Completely Fair Scheduler) quota is supported by the host." + description: | + Indicates if CPU CFS(Completely Fair Scheduler) quota is supported by + the host. type: "boolean" example: true CPUShares: - description: "Indicates if CPU Shares limiting is supported by the host." + description: | + Indicates if CPU Shares limiting is supported by the host. type: "boolean" example: true CPUSet: @@ -3778,7 +4384,9 @@ definitions: type: "boolean" example: true Debug: - description: "Indicates if the daemon is running in debug-mode / with debug-level logging enabled." + description: | + Indicates if the daemon is running in debug-mode / with debug-level + logging enabled. type: "boolean" example: true NFd: @@ -3809,7 +4417,7 @@ definitions: description: | The driver to use for managing cgroups. type: "string" - enum: ["cgroupfs", "systemd"] + enum: ["cgroupfs", "systemd", "none"] default: "cgroupfs" example: "cgroupfs" NEventsListener: @@ -3859,7 +4467,7 @@ definitions: example: 4 MemTotal: description: | - Total amount of physical memory available on the host, in kilobytes (kB). + Total amount of physical memory available on the host, in bytes. type: "integer" format: "int64" example: 2095882240 @@ -4044,7 +4652,7 @@ definitions: SecurityOptions: description: | List of security features that are enabled on the daemon, such as - apparmor, seccomp, SELinux, and user-namespaces (userns). + apparmor, seccomp, SELinux, user-namespaces (userns), and rootless. Additional configuration options for each security feature may be present, and are included as a comma-separated list of key/value @@ -4057,6 +4665,7 @@ definitions: - "name=seccomp,profile=default" - "name=selinux" - "name=userns" + - "name=rootless" ProductLicense: description: | Reports a summary of the product license on the daemon. @@ -4410,37 +5019,69 @@ definitions: IP address and ports at which this node can be reached. type: "string" + NetworkAttachmentConfig: + description: | + Specifies how a service should be attached to a particular network. + type: "object" + properties: + Target: + description: | + The target network for attachment. Must be a network name or ID. + type: "string" + Aliases: + description: | + Discoverable alternate names for the service on this network. + type: "array" + items: + type: "string" + DriverOpts: + description: | + Driver attachment options for the network target. + type: "object" + additionalProperties: + type: "string" + paths: /containers/json: get: summary: "List containers" description: | - Returns a list of containers. For details on the format, see [the inspect endpoint](#operation/ContainerInspect). + Returns a list of containers. For details on the format, see the + [inspect endpoint](#operation/ContainerInspect). - Note that it uses a different, smaller representation of a container than inspecting a single container. For example, - the list of linked containers is not propagated . + Note that it uses a different, smaller representation of a container + than inspecting a single container. For example, the list of linked + containers is not propagated . operationId: "ContainerList" produces: - "application/json" parameters: - name: "all" in: "query" - description: "Return all containers. By default, only running containers are shown" + description: | + Return all containers. By default, only running containers are shown. type: "boolean" default: false - name: "limit" in: "query" - description: "Return this number of most recently created containers, including non-running ones." + description: | + Return this number of most recently created containers, including + non-running ones. type: "integer" - name: "size" in: "query" - description: "Return the size of container as fields `SizeRw` and `SizeRootFs`." + description: | + Return the size of container as fields `SizeRw` and `SizeRootFs`. type: "boolean" default: false - name: "filters" in: "query" description: | - Filters to process on the container list, encoded as JSON (a `map[string][]string`). For example, `{"status": ["paused"]}` will only return paused containers. Available filters: + Filters to process on the container list, encoded as JSON (a + `map[string][]string`). For example, `{"status": ["paused"]}` will + only return paused containers. + + Available filters: - `ancestor`=(`[:]`, ``, or ``) - `before`=(`` or ``) @@ -4611,9 +5252,11 @@ paths: parameters: - name: "name" in: "query" - description: "Assign the specified name to the container. Must match `/?[a-zA-Z0-9_-]+`." + description: | + Assign the specified name to the container. Must match + `/?[a-zA-Z0-9][a-zA-Z0-9_.-]+`. type: "string" - pattern: "/?[a-zA-Z0-9_-]+" + pattern: "^/?[a-zA-Z0-9][a-zA-Z0-9_.-]+$" - name: "body" in: "body" description: "Container to create" @@ -4625,14 +5268,7 @@ paths: HostConfig: $ref: "#/definitions/HostConfig" NetworkingConfig: - description: "This container's networking configuration." - type: "object" - properties: - EndpointsConfig: - description: "A mapping of network name to endpoint configuration for that network." - type: "object" - additionalProperties: - $ref: "#/definitions/EndpointSettings" + $ref: "#/definitions/NetworkingConfig" example: Hostname: "" Domainname: "" @@ -4694,6 +5330,14 @@ paths: - {} BlkioDeviceWriteIOps: - {} + DeviceRequests: + - Driver: "nvidia" + Count: -1 + DeviceIDs": ["0", "1", "GPU-fef8089b-4820-abfc-e83e-94318197576e"] + Capabilities: [["gpu", "nvidia", "compute"]] + Options: + property1: "string" + property2: "string" MemorySwappiness: 60 OomKillDisable: false OomScoreAdj: 500 @@ -4825,54 +5469,10 @@ paths: items: type: "string" State: - description: "The state of the container." - type: "object" - properties: - Status: - description: | - The status of the container. For example, `"running"` or `"exited"`. - type: "string" - enum: ["created", "running", "paused", "restarting", "removing", "exited", "dead"] - Running: - description: | - Whether this container is running. - - Note that a running container can be _paused_. The `Running` and `Paused` - booleans are not mutually exclusive: - - When pausing a container (on Linux), the cgroups freezer is used to suspend - all processes in the container. Freezing the process requires the process to - be running. As a result, paused containers are both `Running` _and_ `Paused`. - - Use the `Status` field instead to determine if a container's state is "running". - type: "boolean" - Paused: - description: "Whether this container is paused." - type: "boolean" - Restarting: - description: "Whether this container is restarting." - type: "boolean" - OOMKilled: - description: "Whether this container has been killed because it ran out of memory." - type: "boolean" - Dead: - type: "boolean" - Pid: - description: "The process ID of this container" - type: "integer" - ExitCode: - description: "The last exit code of this container" - type: "integer" - Error: - type: "string" - StartedAt: - description: "The time when this container was last started." - type: "string" - FinishedAt: - description: "The time when this container last exited." - type: "string" + x-nullable: true + $ref: "#/definitions/ContainerState" Image: - description: "The container's image" + description: "The container's image ID" type: "string" ResolvConfPath: type: "string" @@ -4891,6 +5491,8 @@ paths: type: "integer" Driver: type: "string" + Platform: + type: "string" MountLabel: type: "string" ProcessLabel: @@ -4908,7 +5510,9 @@ paths: GraphDriver: $ref: "#/definitions/GraphDriverData" SizeRw: - description: "The size of files that have been created or changed by this container." + description: | + The size of files that have been created or changed by this + container. type: "integer" format: "int64" SizeRootFs: @@ -4940,6 +5544,8 @@ paths: Domainname: "" Env: - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + Healthcheck: + Test: ["CMD-SHELL", "exit 0"] Hostname: "ba033ac44011" Image: "ubuntu" Labels: @@ -4985,6 +5591,14 @@ paths: CpuRealtimePeriod: 1000000 CpuRealtimeRuntime: 10000 Devices: [] + DeviceRequests: + - Driver: "nvidia" + Count: -1 + DeviceIDs": ["0", "1", "GPU-fef8089b-4820-abfc-e83e-94318197576e"] + Capabilities: [["gpu", "nvidia", "compute"]] + Options: + property1: "string" + property2: "string" IpcMode: "" LxcConf: [] Memory: 0 @@ -5051,6 +5665,14 @@ paths: Error: "" ExitCode: 9 FinishedAt: "2015-01-06T15:47:32.080254511Z" + Health: + Status: "healthy" + FailingStreak: 0 + Log: + - Start: "2019-12-22T10:59:05.6385933Z" + End: "2019-12-22T10:59:05.8078452Z" + ExitCode: 0 + Output: "" OOMKilled: false Dead: false Paused: false @@ -5093,7 +5715,9 @@ paths: /containers/{id}/top: get: summary: "List processes running inside a container" - description: "On Unix systems, this is done by running the `ps` command. This endpoint is not supported on Windows." + description: | + On Unix systems, this is done by running the `ps` command. This endpoint + is not supported on Windows. operationId: "ContainerTop" responses: 200: @@ -5109,7 +5733,9 @@ paths: items: type: "string" Processes: - description: "Each process running in the container, where each is process is an array of values corresponding to the titles" + description: | + Each process running in the container, where each is process + is an array of values corresponding to the titles. type: "array" items: type: "array" @@ -5174,18 +5800,19 @@ paths: description: | Get `stdout` and `stderr` logs from a container. - Note: This endpoint works only for containers with the `json-file` or `journald` logging driver. + Note: This endpoint works only for containers with the `json-file` or + `journald` logging driver. operationId: "ContainerLogs" responses: - 101: - description: "logs returned as a stream" - schema: - type: "string" - format: "binary" 200: - description: "logs returned as a string in response body" + description: | + logs returned as a stream in response body. + For the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach). + Note that unlike the attach endpoint, the logs endpoint does not + upgrade the connection and does not set Content-Type. schema: type: "string" + format: "binary" 404: description: "no such container" schema: @@ -5205,10 +5832,7 @@ paths: type: "string" - name: "follow" in: "query" - description: | - Return the logs as a stream. - - This will return a `101` HTTP response with a `Connection: upgrade` header, then hijack the HTTP connection to send raw output. For more information about hijacking and the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach). + description: "Keep connection after returning logs." type: "boolean" default: false - name: "stdout" @@ -5238,7 +5862,9 @@ paths: default: false - name: "tail" in: "query" - description: "Only return this number of log lines from the end of the logs. Specify as an integer or `all` to output all log lines." + description: | + Only return this number of log lines from the end of the logs. + Specify as an integer or `all` to output all log lines. type: "string" default: "all" tags: ["Container"] @@ -5344,6 +5970,16 @@ paths: If either `precpu_stats.online_cpus` or `cpu_stats.online_cpus` is nil then for compatibility with older daemons the length of the corresponding `cpu_usage.percpu_usage` array should be used. + + To calculate the values shown by the `stats` command of the docker cli tool + the following formulas can be used: + * used_memory = `memory_stats.usage - memory_stats.stats.cache` + * available_memory = `memory_stats.limit` + * Memory usage % = `(used_memory / available_memory) * 100.0` + * cpu_delta = `cpu_stats.cpu_usage.total_usage - precpu_stats.cpu_usage.total_usage` + * system_cpu_delta = `cpu_stats.system_cpu_usage - precpu_stats.system_cpu_usage` + * number_cpus = `lenght(cpu_stats.cpu_usage.percpu_usage)` or `cpu_stats.online_cpus` + * CPU usage % = `(cpu_delta / system_cpu_delta) * number_cpus * 100.0` operationId: "ContainerStats" produces: ["application/json"] responses: @@ -5462,14 +6098,16 @@ paths: type: "string" - name: "stream" in: "query" - description: "Stream the output. If false, the stats will be output once and then it will disconnect." + description: | + Stream the output. If false, the stats will be output once and then + it will disconnect. type: "boolean" default: true tags: ["Container"] /containers/{id}/resize: post: summary: "Resize a container TTY" - description: "Resize the TTY for a container. You must restart the container for the resize to take effect." + description: "Resize the TTY for a container." operationId: "ContainerResize" consumes: - "application/octet-stream" @@ -5497,11 +6135,11 @@ paths: type: "string" - name: "h" in: "query" - description: "Height of the tty session in characters" + description: "Height of the TTY session in characters" type: "integer" - name: "w" in: "query" - description: "Width of the tty session in characters" + description: "Width of the TTY session in characters" type: "integer" tags: ["Container"] /containers/{id}/start: @@ -5513,8 +6151,6 @@ paths: description: "no error" 304: description: "container already started" - schema: - $ref: "#/definitions/ErrorResponse" 404: description: "no such container" schema: @@ -5534,7 +6170,10 @@ paths: type: "string" - name: "detachKeys" in: "query" - description: "Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-` where `` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`." + description: | + Override the key sequence for detaching a container. Format is a + single character `[a-Z]` or `ctrl-` where `` is one + of: `a-z`, `@`, `^`, `[`, `,` or `_`. type: "string" tags: ["Container"] /containers/{id}/stop: @@ -5546,8 +6185,6 @@ paths: description: "no error" 304: description: "container already stopped" - schema: - $ref: "#/definitions/ErrorResponse" 404: description: "no such container" schema: @@ -5602,7 +6239,9 @@ paths: /containers/{id}/kill: post: summary: "Kill a container" - description: "Send a POSIX signal to a container, defaulting to killing to the container." + description: | + Send a POSIX signal to a container, defaulting to killing to the + container. operationId: "ContainerKill" responses: 204: @@ -5640,7 +6279,9 @@ paths: /containers/{id}/update: post: summary: "Update a container" - description: "Change various configuration options of a container without having to recreate it." + description: | + Change various configuration options of a container without having to + recreate it. operationId: "ContainerUpdate" consumes: ["application/json"] produces: ["application/json"] @@ -5738,9 +6379,12 @@ paths: post: summary: "Pause a container" description: | - Use the cgroups freezer to suspend all processes in a container. + Use the freezer cgroup to suspend all processes in a container. - Traditionally, when suspending a process the `SIGSTOP` signal is used, which is observable by the process being suspended. With the cgroups freezer the process is unaware, and unable to capture, that it is being suspended, and subsequently resumed. + Traditionally, when suspending a process the `SIGSTOP` signal is used, + which is observable by the process being suspended. With the freezer + cgroup the process is unaware, and unable to capture, that it is being + suspended, and subsequently resumed. operationId: "ContainerPause" responses: 204: @@ -5793,15 +6437,20 @@ paths: post: summary: "Attach to a container" description: | - Attach to a container to read its output or send it input. You can attach to the same container multiple times and you can reattach to containers that have been detached. + Attach to a container to read its output or send it input. You can attach + to the same container multiple times and you can reattach to containers + that have been detached. - Either the `stream` or `logs` parameter must be `true` for this endpoint to do anything. + Either the `stream` or `logs` parameter must be `true` for this endpoint + to do anything. - See [the documentation for the `docker attach` command](https://docs.docker.com/engine/reference/commandline/attach/) for more details. + See the [documentation for the `docker attach` command](https://docs.docker.com/engine/reference/commandline/attach/) + for more details. ### Hijacking - This endpoint hijacks the HTTP connection to transport `stdin`, `stdout`, and `stderr` on the same socket. + This endpoint hijacks the HTTP connection to transport `stdin`, `stdout`, + and `stderr` on the same socket. This is the response from the daemon for an attach request: @@ -5812,9 +6461,11 @@ paths: [STREAM] ``` - After the headers and two new lines, the TCP connection can now be used for raw, bidirectional communication between the client and server. + After the headers and two new lines, the TCP connection can now be used + for raw, bidirectional communication between the client and server. - To hint potential proxies about connection hijacking, the Docker client can also optionally send connection upgrade headers. + To hint potential proxies about connection hijacking, the Docker client + can also optionally send connection upgrade headers. For example, the client sends this request to upgrade the connection: @@ -5824,7 +6475,8 @@ paths: Connection: Upgrade ``` - The Docker daemon will respond with a `101 UPGRADED` response, and will similarly follow with the raw stream: + The Docker daemon will respond with a `101 UPGRADED` response, and will + similarly follow with the raw stream: ``` HTTP/1.1 101 UPGRADED @@ -5837,9 +6489,14 @@ paths: ### Stream format - When the TTY setting is disabled in [`POST /containers/create`](#operation/ContainerCreate), the stream over the hijacked connected is multiplexed to separate out `stdout` and `stderr`. The stream consists of a series of frames, each containing a header and a payload. + When the TTY setting is disabled in [`POST /containers/create`](#operation/ContainerCreate), + the stream over the hijacked connected is multiplexed to separate out + `stdout` and `stderr`. The stream consists of a series of frames, each + containing a header and a payload. - The header contains the information which the stream writes (`stdout` or `stderr`). It also contains the size of the associated frame encoded in the last four bytes (`uint32`). + The header contains the information which the stream writes (`stdout` or + `stderr`). It also contains the size of the associated frame encoded in + the last four bytes (`uint32`). It is encoded on the first eight bytes like this: @@ -5853,9 +6510,11 @@ paths: - 1: `stdout` - 2: `stderr` - `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of the `uint32` size encoded as big endian. + `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of the `uint32` size + encoded as big endian. - Following the header is the payload, which is the specified number of bytes of `STREAM_TYPE`. + Following the header is the payload, which is the specified number of + bytes of `STREAM_TYPE`. The simplest way to implement this protocol is the following: @@ -5867,7 +6526,10 @@ paths: ### Stream format when using a TTY - When the TTY setting is enabled in [`POST /containers/create`](#operation/ContainerCreate), the stream is not multiplexed. The data exchanged over the hijacked connection is simply the raw data from the process PTY and client's `stdin`. + When the TTY setting is enabled in [`POST /containers/create`](#operation/ContainerCreate), + the stream is not multiplexed. The data exchanged over the hijacked + connection is simply the raw data from the process PTY and client's + `stdin`. operationId: "ContainerAttach" produces: @@ -5900,21 +6562,28 @@ paths: type: "string" - name: "detachKeys" in: "query" - description: "Override the key sequence for detaching a container.Format is a single character `[a-Z]` or `ctrl-` where `` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`." + description: | + Override the key sequence for detaching a container.Format is a single + character `[a-Z]` or `ctrl-` where `` is one of: `a-z`, + `@`, `^`, `[`, `,` or `_`. type: "string" - name: "logs" in: "query" description: | Replay previous logs from the container. - This is useful for attaching to a container that has started and you want to output everything since the container started. + This is useful for attaching to a container that has started and you + want to output everything since the container started. - If `stream` is also enabled, once all the previous output has been returned, it will seamlessly transition into streaming current output. + If `stream` is also enabled, once all the previous output has been + returned, it will seamlessly transition into streaming current + output. type: "boolean" default: false - name: "stream" in: "query" - description: "Stream attached streams from the time the request was made onwards" + description: | + Stream attached streams from the time the request was made onwards. type: "boolean" default: false - name: "stdin" @@ -5965,7 +6634,10 @@ paths: type: "string" - name: "detachKeys" in: "query" - description: "Override the key sequence for detaching a container.Format is a single character `[a-Z]` or `ctrl-` where `` is one of: `a-z`, `@`, `^`, `[`, `,`, or `_`." + description: | + Override the key sequence for detaching a container.Format is a single + character `[a-Z]` or `ctrl-` where `` is one of: `a-z`, + `@`, `^`, `[`, `,`, or `_`. type: "string" - name: "logs" in: "query" @@ -6038,7 +6710,9 @@ paths: type: "string" - name: "condition" in: "query" - description: "Wait until a container state reaches the given condition, either 'not-running' (default), 'next-exit', or 'removed'." + description: | + Wait until a container state reaches the given condition, either + 'not-running' (default), 'next-exit', or 'removed'. type: "string" default: "not-running" tags: ["Container"] @@ -6066,7 +6740,9 @@ paths: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "You cannot remove a running container: c2ada9df5af8. Stop the container before attempting removal or force remove" + message: | + You cannot remove a running container: c2ada9df5af8. Stop the + container before attempting removal or force remove 500: description: "server error" schema: @@ -6096,7 +6772,10 @@ paths: /containers/{id}/archive: head: summary: "Get information about files in a container" - description: "A response header `X-Docker-Container-Path-Stat` is return containing a base64 - encoded JSON object with some filesystem header information about the path." + description: | + A response header `X-Docker-Container-Path-Stat` is returned, containing + a base64 - encoded JSON object with some filesystem header information + about the path. operationId: "ContainerArchiveInfo" responses: 200: @@ -6104,7 +6783,9 @@ paths: headers: X-Docker-Container-Path-Stat: type: "string" - description: "A base64 - encoded JSON object with some filesystem header information about the path" + description: | + A base64 - encoded JSON object with some filesystem header + information about the path 400: description: "Bad parameter" schema: @@ -6113,7 +6794,10 @@ paths: - type: "object" properties: message: - description: "The error message. Either \"must specify path parameter\" (path cannot be empty) or \"not a directory\" (path was asserted to be a directory but exists as a file)." + description: | + The error message. Either "must specify path parameter" + (path cannot be empty) or "not a directory" (path was + asserted to be a directory but exists as a file). type: "string" x-nullable: false 404: @@ -6155,7 +6839,10 @@ paths: - type: "object" properties: message: - description: "The error message. Either \"must specify path parameter\" (path cannot be empty) or \"not a directory\" (path was asserted to be a directory but exists as a file)." + description: | + The error message. Either "must specify path parameter" + (path cannot be empty) or "not a directory" (path was + asserted to be a directory but exists as a file). type: "string" x-nullable: false 404: @@ -6221,14 +6908,27 @@ paths: type: "string" - name: "noOverwriteDirNonDir" in: "query" - description: "If “1”, “true”, or “True” then it will be an error if unpacking the given content would cause an existing directory to be replaced with a non-directory and vice versa." + description: | + If `1`, `true`, or `True` then it will be an error if unpacking the + given content would cause an existing directory to be replaced with + a non-directory and vice versa. + type: "string" + - name: "copyUIDGID" + in: "query" + description: | + If `1`, `true`, then it will copy UID/GID maps to the dest file or + dir type: "string" - name: "inputStream" in: "body" required: true - description: "The input stream must be a tar archive compressed with one of the following algorithms: identity (no compression), gzip, bzip2, xz." + description: | + The input stream must be a tar archive compressed with one of the + following algorithms: `identity` (no compression), `gzip`, `bzip2`, + or `xz`. schema: type: "string" + format: "binary" tags: ["Container"] /containers/prune: post: @@ -6323,7 +7023,10 @@ paths: - name: "filters" in: "query" description: | - A JSON encoded value of the filters (a `map[string][]string`) to process on the images list. Available filters: + A JSON encoded value of the filters (a `map[string][]string`) to + process on the images list. + + Available filters: - `before`=(`[:]`, `` or ``) - `dangling=true` @@ -6458,10 +7161,11 @@ paths: type: "string" - name: "networkmode" in: "query" - description: "Sets the networking mode for the run commands during - build. Supported standard values are: `bridge`, `host`, `none`, and - `container:`. Any other value is taken as a custom network's - name to which this container should connect to." + description: | + Sets the networking mode for the run commands during build. Supported + standard values are: `bridge`, `host`, `none`, and `container:`. + Any other value is taken as a custom network's name or ID to which this + container should connect to. type: "string" - name: "Content-type" in: "header" @@ -6538,7 +7242,11 @@ paths: in: "query" type: "string" description: | - A JSON encoded value of the filters (a `map[string][]string`) to process on the list of build cache objects. Available filters: + A JSON encoded value of the filters (a `map[string][]string`) to + process on the list of build cache objects. + + Available filters: + - `until=`: duration relative to daemon's time, during which build cache was not used, in Go's duration format (e.g., '24h') - `id=` - `parent=` @@ -6606,6 +7314,10 @@ paths: in: "query" description: "Tag or digest. If empty when pulling an image, this causes all tags for the given image to be pulled." type: "string" + - name: "message" + in: "query" + description: "Set commit message for imported image." + type: "string" - name: "inputImage" in: "body" description: "Image content if the value `-` has been specified in fromSrc query parameter" @@ -6614,7 +7326,11 @@ paths: required: false - name: "X-Registry-Auth" in: "header" - description: "A base64-encoded auth configuration. [See the authentication section for details.](#section/Authentication)" + description: | + A base64url-encoded auth configuration. + + Refer to the [authentication section](#section/Authentication) for + details. type: "string" - name: "platform" in: "query" @@ -6813,7 +7529,9 @@ paths: description: | Push an image to a registry. - If you wish to push an image on to a private registry, that image must already have a tag which references the registry. For example, `registry.example.com/myimage:latest`. + If you wish to push an image on to a private registry, that image must + already have a tag which references the registry. For example, + `registry.example.com/myimage:latest`. The push is cancelled if the HTTP connection is closed. operationId: "ImagePush" @@ -6842,7 +7560,11 @@ paths: type: "string" - name: "X-Registry-Auth" in: "header" - description: "A base64-encoded auth configuration. [See the authentication section for details.](#section/Authentication)" + description: | + A base64url-encoded auth configuration. + + Refer to the [authentication section](#section/Authentication) for + details. type: "string" required: true tags: ["Image"] @@ -7046,7 +7768,9 @@ paths: /auth: post: summary: "Check auth configuration" - description: "Validate credentials for a registry and, if available, get an identity token for accessing the registry without password." + description: | + Validate credentials for a registry and, if available, get an identity + token for accessing the registry without password. operationId: "SystemAuth" consumes: ["application/json"] produces: ["application/json"] @@ -7109,63 +7833,7 @@ paths: 200: description: "no error" schema: - type: "object" - title: "SystemVersionResponse" - properties: - Platform: - type: "object" - required: [Name] - properties: - Name: - type: "string" - Components: - type: "array" - items: - type: "object" - x-go-name: ComponentVersion - required: [Name, Version] - properties: - Name: - type: "string" - Version: - type: "string" - x-nullable: false - Details: - type: "object" - x-nullable: true - - Version: - type: "string" - ApiVersion: - type: "string" - MinAPIVersion: - type: "string" - GitCommit: - type: "string" - GoVersion: - type: "string" - Os: - type: "string" - Arch: - type: "string" - KernelVersion: - type: "string" - Experimental: - type: "boolean" - BuildTime: - type: "string" - examples: - application/json: - Version: "17.04.0" - Os: "linux" - KernelVersion: "3.19.0-23-generic" - GoVersion: "go1.7.5" - GitCommit: "deadbee" - Arch: "amd64" - ApiVersion: "1.27" - MinAPIVersion: "1.12" - BuildTime: "2016-06-14T07:09:13.444803460+00:00" - Experimental: true + $ref: "#/definitions/SystemVersion" 500: description: "server error" schema: @@ -7557,11 +8225,16 @@ paths: get: summary: "Export several images" description: | - Get a tarball containing all images and metadata for several image repositories. + Get a tarball containing all images and metadata for several image + repositories. - For each value of the `names` parameter: if it is a specific name and tag (e.g. `ubuntu:latest`), then only that image (and its parents) are returned; if it is an image ID, similarly only that image (and its parents) are returned and there would be no names referenced in the 'repositories' file for this image ID. + For each value of the `names` parameter: if it is a specific name and + tag (e.g. `ubuntu:latest`), then only that image (and its parents) are + returned; if it is an image ID, similarly only that image (and its parents) + are returned and there would be no names referenced in the 'repositories' + file for this image ID. - For details on the format, see [the export image endpoint](#operation/ImageGet). + For details on the format, see the [export image endpoint](#operation/ImageGet). operationId: "ImageGetAll" produces: - "application/x-tar" @@ -7589,7 +8262,7 @@ paths: description: | Load a set of images and tags into a repository. - For details on the format, see [the export image endpoint](#operation/ImageGet). + For details on the format, see the [export image endpoint](#operation/ImageGet). operationId: "ImageLoad" consumes: - "application/x-tar" @@ -7662,12 +8335,16 @@ paths: description: "Attach to `stderr` of the exec command." DetachKeys: type: "string" - description: "Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-` where `` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`." + description: | + Override the key sequence for detaching a container. Format is + a single character `[a-Z]` or `ctrl-` where `` + is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. Tty: type: "boolean" description: "Allocate a pseudo-TTY." Env: - description: "A list of environment variables in the form `[\"VAR=value\", ...]`." + description: | + A list of environment variables in the form `["VAR=value", ...]`. type: "array" items: type: "string" @@ -7682,10 +8359,14 @@ paths: default: false User: type: "string" - description: "The user, and optionally, group to run the exec process inside the container. Format is one of: `user`, `user:group`, `uid`, or `uid:gid`." + description: | + The user, and optionally, group to run the exec process inside + the container. Format is one of: `user`, `user:group`, `uid`, + or `uid:gid`. WorkingDir: type: "string" - description: "The working directory for the exec process inside the container." + description: | + The working directory for the exec process inside the container. example: AttachStdin: false AttachStdout: true @@ -7707,7 +8388,10 @@ paths: /exec/{id}/start: post: summary: "Start an exec instance" - description: "Starts a previously set up exec instance. If detach is true, this endpoint returns immediately after starting the command. Otherwise, it sets up an interactive session with the command." + description: | + Starts a previously set up exec instance. If detach is true, this endpoint + returns immediately after starting the command. Otherwise, it sets up an + interactive session with the command. operationId: "ExecStart" consumes: - "application/json" @@ -7748,7 +8432,9 @@ paths: /exec/{id}/resize: post: summary: "Resize an exec instance" - description: "Resize the TTY session used by an exec instance. This endpoint only works if `tty` was specified as part of creating and starting the exec instance." + description: | + Resize the TTY session used by an exec instance. This endpoint only works + if `tty` was specified as part of creating and starting the exec instance. operationId: "ExecResize" responses: 201: @@ -7868,7 +8554,8 @@ paths: Warnings: type: "array" x-nullable: false - description: "Warnings that occurred when fetching the list of volumes" + description: | + Warnings that occurred when fetching the list of volumes. items: type: "string" @@ -7937,7 +8624,8 @@ paths: title: "VolumeConfig" properties: Name: - description: "The new volume's name. If not specified, Docker generates a name." + description: | + The new volume's name. If not specified, Docker generates a name. type: "string" x-nullable: false Driver: @@ -7946,7 +8634,9 @@ paths: default: "local" x-nullable: false DriverOpts: - description: "A mapping of driver options and values. These options are passed directly to the driver and are driver specific." + description: | + A mapping of driver options and values. These options are + passed directly to the driver and are driver specific. type: "object" additionalProperties: type: "string" @@ -8060,10 +8750,12 @@ paths: get: summary: "List networks" description: | - Returns a list of networks. For details on the format, see [the network inspect endpoint](#operation/NetworkInspect). + Returns a list of networks. For details on the format, see the + [network inspect endpoint](#operation/NetworkInspect). - Note that it uses a different, smaller representation of a network than inspecting a single network. For example, - the list of containers attached to the network is not propagated in API versions 1.28 and up. + Note that it uses a different, smaller representation of a network than + inspecting a single network. For example, the list of containers attached + to the network is not propagated in API versions 1.28 and up. operationId: "NetworkList" produces: - "application/json" @@ -8133,7 +8825,10 @@ paths: - name: "filters" in: "query" description: | - JSON encoded value of the filters (a `map[string][]string`) to process on the networks list. Available filters: + JSON encoded value of the filters (a `map[string][]string`) to process + on the networks list. + + Available filters: - `dangling=` When set to `true` (or `1`), returns all networks that are not in use by a container. When set to `false` @@ -8258,7 +8953,14 @@ paths: description: "The network's name." type: "string" CheckDuplicate: - description: "Check for networks with duplicate names. Since Network is primarily keyed based on a random ID and not on the name, and network name is strictly a user-friendly alias to the network which is uniquely identified using ID, there is no guaranteed way to check for duplicates. CheckDuplicate is there to provide a best effort checking of any networks which has the same name but it is not guaranteed to catch all name collisions." + description: | + Check for networks with duplicate names. Since Network is + primarily keyed based on a random ID and not on the name, and + network name is strictly a user-friendly alias to the network + which is uniquely identified using ID, there is no guaranteed + way to check for duplicates. CheckDuplicate is there to provide + a best effort checking of any networks which has the same name + but it is not guaranteed to catch all name collisions. type: "boolean" Driver: description: "Name of the network driver plugin to use." @@ -8268,10 +8970,14 @@ paths: description: "Restrict external access to the network." type: "boolean" Attachable: - description: "Globally scoped network is manually attachable by regular containers from workers in swarm mode." + description: | + Globally scoped network is manually attachable by regular + containers from workers in swarm mode. type: "boolean" Ingress: - description: "Ingress network is the network which provides the routing-mesh in swarm mode." + description: | + Ingress network is the network which provides the routing-mesh + in swarm mode. type: "boolean" IPAM: description: "Optional custom IP scheme for the network." @@ -8400,10 +9106,12 @@ paths: properties: Container: type: "string" - description: "The ID or name of the container to disconnect from the network." + description: | + The ID or name of the container to disconnect from the network. Force: type: "boolean" - description: "Force the container to disconnect from the network." + description: | + Force the container to disconnect from the network. tags: ["Network"] /networks/prune: post: @@ -8460,7 +9168,10 @@ paths: in: "query" type: "string" description: | - A JSON encoded value of the filters (a `map[string][]string`) to process on the plugin list. Available filters: + A JSON encoded value of the filters (a `map[string][]string`) to + process on the plugin list. + + Available filters: - `capability=` - `enable=|` @@ -8476,7 +9187,9 @@ paths: schema: type: "array" items: - description: "Describes a permission the user has to accept upon installing the plugin." + description: | + Describes a permission the user has to accept upon installing + the plugin. type: "object" title: "PluginPrivilegeItem" properties: @@ -8508,7 +9221,9 @@ paths: parameters: - name: "remote" in: "query" - description: "The name of the plugin. The `:latest` tag is optional, and is the default if omitted." + description: | + The name of the plugin. The `:latest` tag is optional, and is the + default if omitted. required: true type: "string" tags: @@ -8519,7 +9234,8 @@ paths: summary: "Install a plugin" operationId: "PluginPull" description: | - Pulls and installs a plugin. After the plugin is installed, it can be enabled using the [`POST /plugins/{name}/enable` endpoint](#operation/PostPluginsEnable). + Pulls and installs a plugin. After the plugin is installed, it can be + enabled using the [`POST /plugins/{name}/enable` endpoint](#operation/PostPluginsEnable). produces: - "application/json" responses: @@ -8548,14 +9264,21 @@ paths: type: "string" - name: "X-Registry-Auth" in: "header" - description: "A base64-encoded auth configuration to use when pulling a plugin from a registry. [See the authentication section for details.](#section/Authentication)" + description: | + A base64url-encoded auth configuration to use when pulling a plugin + from a registry. + + Refer to the [authentication section](#section/Authentication) for + details. type: "string" - name: "body" in: "body" schema: type: "array" items: - description: "Describes a permission accepted by the user upon installing the plugin." + description: | + Describes a permission accepted by the user upon installing the + plugin. type: "object" properties: Name: @@ -8600,7 +9323,9 @@ paths: parameters: - name: "name" in: "path" - description: "The name of the plugin. The `:latest` tag is optional, and is the default if omitted." + description: | + The name of the plugin. The `:latest` tag is optional, and is the + default if omitted. required: true type: "string" tags: ["Plugin"] @@ -8624,12 +9349,16 @@ paths: parameters: - name: "name" in: "path" - description: "The name of the plugin. The `:latest` tag is optional, and is the default if omitted." + description: | + The name of the plugin. The `:latest` tag is optional, and is the + default if omitted. required: true type: "string" - name: "force" in: "query" - description: "Disable the plugin before removing. This may result in issues if the plugin is in use by a container." + description: | + Disable the plugin before removing. This may result in issues if the + plugin is in use by a container. type: "boolean" default: false tags: ["Plugin"] @@ -8651,7 +9380,9 @@ paths: parameters: - name: "name" in: "path" - description: "The name of the plugin. The `:latest` tag is optional, and is the default if omitted." + description: | + The name of the plugin. The `:latest` tag is optional, and is the + default if omitted. required: true type: "string" - name: "timeout" @@ -8678,7 +9409,9 @@ paths: parameters: - name: "name" in: "path" - description: "The name of the plugin. The `:latest` tag is optional, and is the default if omitted." + description: | + The name of the plugin. The `:latest` tag is optional, and is the + default if omitted. required: true type: "string" tags: ["Plugin"] @@ -8700,7 +9433,9 @@ paths: parameters: - name: "name" in: "path" - description: "The name of the plugin. The `:latest` tag is optional, and is the default if omitted." + description: | + The name of the plugin. The `:latest` tag is optional, and is the + default if omitted. required: true type: "string" - name: "remote" @@ -8713,14 +9448,21 @@ paths: type: "string" - name: "X-Registry-Auth" in: "header" - description: "A base64-encoded auth configuration to use when pulling a plugin from a registry. [See the authentication section for details.](#section/Authentication)" + description: | + A base64url-encoded auth configuration to use when pulling a plugin + from a registry. + + Refer to the [authentication section](#section/Authentication) for + details. type: "string" - name: "body" in: "body" schema: type: "array" items: - description: "Describes a permission accepted by the user upon installing the plugin." + description: | + Describes a permission accepted by the user upon installing the + plugin. type: "object" properties: Name: @@ -8761,7 +9503,9 @@ paths: parameters: - name: "name" in: "query" - description: "The name of the plugin. The `:latest` tag is optional, and is the default if omitted." + description: | + The name of the plugin. The `:latest` tag is optional, and is the + default if omitted. required: true type: "string" - name: "tarContext" @@ -8780,7 +9524,9 @@ paths: parameters: - name: "name" in: "path" - description: "The name of the plugin. The `:latest` tag is optional, and is the default if omitted." + description: | + The name of the plugin. The `:latest` tag is optional, and is the + default if omitted. required: true type: "string" responses: @@ -8804,7 +9550,9 @@ paths: parameters: - name: "name" in: "path" - description: "The name of the plugin. The `:latest` tag is optional, and is the default if omitted." + description: | + The name of the plugin. The `:latest` tag is optional, and is the + default if omitted. required: true type: "string" - name: "body" @@ -8953,7 +9701,9 @@ paths: $ref: "#/definitions/NodeSpec" - name: "version" in: "query" - description: "The version number of the node object being updated. This is required to avoid conflicting writes." + description: | + The version number of the node object being updated. This is required + to avoid conflicting writes. type: "integer" format: "int64" required: true @@ -9014,20 +9764,35 @@ paths: type: "object" properties: ListenAddr: - description: "Listen address used for inter-manager communication, as well as determining the networking interface used for the VXLAN Tunnel Endpoint (VTEP). This can either be an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port number, like `eth0:4567`. If the port number is omitted, the default swarm listening port is used." + description: | + Listen address used for inter-manager communication, as well + as determining the networking interface used for the VXLAN + Tunnel Endpoint (VTEP). This can either be an address/port + combination in the form `192.168.1.1:4567`, or an interface + followed by a port number, like `eth0:4567`. If the port number + is omitted, the default swarm listening port is used. type: "string" AdvertiseAddr: - description: "Externally reachable address advertised to other nodes. This can either be an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port number, like `eth0:4567`. If the port number is omitted, the port number from the listen address is used. If `AdvertiseAddr` is not specified, it will be automatically detected when possible." + description: | + Externally reachable address advertised to other nodes. This + can either be an address/port combination in the form + `192.168.1.1:4567`, or an interface followed by a port number, + like `eth0:4567`. If the port number is omitted, the port + number from the listen address is used. If `AdvertiseAddr` is + not specified, it will be automatically detected when possible. type: "string" DataPathAddr: description: | - Address or interface to use for data path traffic (format: ``), for example, `192.168.1.1`, - or an interface, like `eth0`. If `DataPathAddr` is unspecified, the same address as `AdvertiseAddr` - is used. - - The `DataPathAddr` specifies the address that global scope network drivers will publish towards other - nodes in order to reach the containers running on this node. Using this parameter it is possible to - separate the container data traffic from the management traffic of the cluster. + Address or interface to use for data path traffic (format: + ``), for example, `192.168.1.1`, or an interface, + like `eth0`. If `DataPathAddr` is unspecified, the same address + as `AdvertiseAddr` is used. + + The `DataPathAddr` specifies the address that global scope + network drivers will publish towards other nodes in order to + reach the containers running on this node. Using this parameter + it is possible to separate the container data traffic from the + management traffic of the cluster. type: "string" DataPathPort: description: | @@ -9038,7 +9803,8 @@ paths: format: "uint32" DefaultAddrPool: description: | - Default Address Pool specifies default subnet pools for global scope networks. + Default Address Pool specifies default subnet pools for global + scope networks. type: "array" items: type: "string" @@ -9048,7 +9814,8 @@ paths: type: "boolean" SubnetSize: description: | - SubnetSize specifies the subnet size of the networks created from the default subnet pool + SubnetSize specifies the subnet size of the networks created + from the default subnet pool. type: "integer" format: "uint32" Spec: @@ -9095,25 +9862,40 @@ paths: type: "object" properties: ListenAddr: - description: "Listen address used for inter-manager communication if the node gets promoted to manager, as well as determining the networking interface used for the VXLAN Tunnel Endpoint (VTEP)." + description: | + Listen address used for inter-manager communication if the node + gets promoted to manager, as well as determining the networking + interface used for the VXLAN Tunnel Endpoint (VTEP). type: "string" AdvertiseAddr: - description: "Externally reachable address advertised to other nodes. This can either be an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port number, like `eth0:4567`. If the port number is omitted, the port number from the listen address is used. If `AdvertiseAddr` is not specified, it will be automatically detected when possible." + description: | + Externally reachable address advertised to other nodes. This + can either be an address/port combination in the form + `192.168.1.1:4567`, or an interface followed by a port number, + like `eth0:4567`. If the port number is omitted, the port + number from the listen address is used. If `AdvertiseAddr` is + not specified, it will be automatically detected when possible. type: "string" DataPathAddr: description: | - Address or interface to use for data path traffic (format: ``), for example, `192.168.1.1`, - or an interface, like `eth0`. If `DataPathAddr` is unspecified, the same address as `AdvertiseAddr` - is used. + Address or interface to use for data path traffic (format: + ``), for example, `192.168.1.1`, or an interface, + like `eth0`. If `DataPathAddr` is unspecified, the same addres + as `AdvertiseAddr` is used. - The `DataPathAddr` specifies the address that global scope network drivers will publish towards other - nodes in order to reach the containers running on this node. Using this parameter it is possible to - separate the container data traffic from the management traffic of the cluster. + The `DataPathAddr` specifies the address that global scope + network drivers will publish towards other nodes in order to + reach the containers running on this node. Using this parameter + it is possible to separate the container data traffic from the + management traffic of the cluster. type: "string" RemoteAddrs: - description: "Addresses of manager nodes already participating in the swarm." - type: "string" + description: | + Addresses of manager nodes already participating in the swarm. + type: "array" + items: + type: "string" JoinToken: description: "Secret token for joining this swarm." type: "string" @@ -9141,7 +9923,9 @@ paths: $ref: "#/definitions/ErrorResponse" parameters: - name: "force" - description: "Force leave swarm, even if this is the last manager or that it will break the cluster." + description: | + Force leave swarm, even if this is the last manager or that it will + break the cluster. in: "query" type: "boolean" default: false @@ -9173,7 +9957,9 @@ paths: $ref: "#/definitions/SwarmSpec" - name: "version" in: "query" - description: "The version number of the swarm object being updated. This is required to avoid conflicting writes." + description: | + The version number of the swarm object being updated. This is + required to avoid conflicting writes. type: "integer" format: "int64" required: true @@ -9276,7 +10062,10 @@ paths: in: "query" type: "string" description: | - A JSON encoded value of the filters (a `map[string][]string`) to process on the services list. Available filters: + A JSON encoded value of the filters (a `map[string][]string`) to + process on the services list. + + Available filters: - `id=` - `label=` @@ -9404,7 +10193,12 @@ paths: foo: "bar" - name: "X-Registry-Auth" in: "header" - description: "A base64-encoded auth configuration for pulling from private registries. [See the authentication section for details.](#section/Authentication)" + description: | + A base64url-encoded auth configuration for pulling from private + registries. + + Refer to the [authentication section](#section/Authentication) for + details. type: "string" tags: ["Service"] /services/{id}: @@ -9540,28 +10334,37 @@ paths: - name: "version" in: "query" - description: "The version number of the service object being updated. - This is required to avoid conflicting writes. - This version number should be the value as currently set on the service *before* the update. - You can find the current version by calling `GET /services/{id}`" + description: | + The version number of the service object being updated. This is + required to avoid conflicting writes. + This version number should be the value as currently set on the + service *before* the update. You can find the current version by + calling `GET /services/{id}` required: true type: "integer" - name: "registryAuthFrom" in: "query" + description: | + If the `X-Registry-Auth` header is not specified, this parameter + indicates where to find registry authorization credentials. type: "string" - description: "If the X-Registry-Auth header is not specified, this - parameter indicates where to find registry authorization credentials. The - valid values are `spec` and `previous-spec`." + enum: ["spec", "previous-spec"] default: "spec" - name: "rollback" in: "query" + description: | + Set to this parameter to `previous` to cause a server-side rollback + to the previous service spec. The supplied spec will be ignored in + this case. type: "string" - description: "Set to this parameter to `previous` to cause a - server-side rollback to the previous service spec. The supplied spec will be - ignored in this case." - name: "X-Registry-Auth" in: "header" - description: "A base64-encoded auth configuration for pulling from private registries. [See the authentication section for details.](#section/Authentication)" + description: | + A base64url-encoded auth configuration for pulling from private + registries. + + Refer to the [authentication section](#section/Authentication) for + details. type: "string" tags: ["Service"] @@ -9569,23 +10372,18 @@ paths: get: summary: "Get service logs" description: | - Get `stdout` and `stderr` logs from a service. + Get `stdout` and `stderr` logs from a service. See also + [`/containers/{id}/logs`](#operation/ContainerLogs). - **Note**: This endpoint works only for services with the `json-file` or `journald` logging drivers. + **Note**: This endpoint works only for services with the `local`, + `json-file` or `journald` logging drivers. operationId: "ServiceLogs" - produces: - - "application/vnd.docker.raw-stream" - - "application/json" responses: - 101: - description: "logs returned as a stream" - schema: - type: "string" - format: "binary" 200: - description: "logs returned as a string in response body" + description: "logs returned as a stream in response body" schema: type: "string" + format: "binary" 404: description: "no such service" schema: @@ -9614,10 +10412,7 @@ paths: default: false - name: "follow" in: "query" - description: | - Return the logs as a stream. - - This will return a `101` HTTP response with a `Connection: upgrade` header, then hijack the HTTP connection to send raw output. For more information about hijacking and the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach). + description: "Keep connection after returning logs." type: "boolean" default: false - name: "stdout" @@ -9642,7 +10437,9 @@ paths: default: false - name: "tail" in: "query" - description: "Only return this number of log lines from the end of the logs. Specify as an integer or `all` to output all log lines." + description: | + Only return this number of log lines from the end of the logs. + Specify as an integer or `all` to output all log lines. type: "string" default: "all" tags: ["Service"] @@ -9783,7 +10580,10 @@ paths: in: "query" type: "string" description: | - A JSON encoded value of the filters (a `map[string][]string`) to process on the tasks list. Available filters: + A JSON encoded value of the filters (a `map[string][]string`) to + process on the tasks list. + + Available filters: - `desired-state=(running | shutdown | accepted)` - `id=` @@ -9827,22 +10627,17 @@ paths: summary: "Get task logs" description: | Get `stdout` and `stderr` logs from a task. + See also [`/containers/{id}/logs`](#operation/ContainerLogs). - **Note**: This endpoint works only for services with the `json-file` or `journald` logging drivers. + **Note**: This endpoint works only for services with the `local`, + `json-file` or `journald` logging drivers. operationId: "TaskLogs" - produces: - - "application/vnd.docker.raw-stream" - - "application/json" responses: - 101: - description: "logs returned as a stream" - schema: - type: "string" - format: "binary" 200: - description: "logs returned as a string in response body" + description: "logs returned as a stream in response body" schema: type: "string" + format: "binary" 404: description: "no such task" schema: @@ -9871,10 +10666,7 @@ paths: default: false - name: "follow" in: "query" - description: | - Return the logs as a stream. - - This will return a `101` HTTP response with a `Connection: upgrade` header, then hijack the HTTP connection to send raw output. For more information about hijacking and the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach). + description: "Keep connection after returning logs." type: "boolean" default: false - name: "stdout" @@ -9899,7 +10691,9 @@ paths: default: false - name: "tail" in: "query" - description: "Only return this number of log lines from the end of the logs. Specify as an integer or `all` to output all log lines." + description: | + Only return this number of log lines from the end of the logs. + Specify as an integer or `all` to output all log lines. type: "string" default: "all" tags: ["Task"] @@ -9953,7 +10747,10 @@ paths: in: "query" type: "string" description: | - A JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Available filters: + A JSON encoded value of the filters (a `map[string][]string`) to + process on the secrets list. + + Available filters: - `id=` - `label= or label==value` @@ -10110,10 +10907,15 @@ paths: in: "body" schema: $ref: "#/definitions/SecretSpec" - description: "The spec of the secret to update. Currently, only the Labels field can be updated. All other fields must remain unchanged from the [SecretInspect endpoint](#operation/SecretInspect) response values." + description: | + The spec of the secret to update. Currently, only the Labels field + can be updated. All other fields must remain unchanged from the + [SecretInspect endpoint](#operation/SecretInspect) response values. - name: "version" in: "query" - description: "The version number of the secret object being updated. This is required to avoid conflicting writes." + description: | + The version number of the secret object being updated. This is + required to avoid conflicting writes. type: "integer" format: "int64" required: true @@ -10152,7 +10954,10 @@ paths: in: "query" type: "string" description: | - A JSON encoded value of the filters (a `map[string][]string`) to process on the configs list. Available filters: + A JSON encoded value of the filters (a `map[string][]string`) to + process on the configs list. + + Available filters: - `id=` - `label= or label==value` @@ -10296,10 +11101,15 @@ paths: in: "body" schema: $ref: "#/definitions/ConfigSpec" - description: "The spec of the config to update. Currently, only the Labels field can be updated. All other fields must remain unchanged from the [ConfigInspect endpoint](#operation/ConfigInspect) response values." + description: | + The spec of the config to update. Currently, only the Labels field + can be updated. All other fields must remain unchanged from the + [ConfigInspect endpoint](#operation/ConfigInspect) response values. - name: "version" in: "query" - description: "The version number of the config object being updated. This is required to avoid conflicting writes." + description: | + The version number of the config object being updated. This is + required to avoid conflicting writes. type: "integer" format: "int64" required: true @@ -10307,7 +11117,8 @@ paths: /distribution/{name}/json: get: summary: "Get image information from the registry" - description: "Return image digest and platform information by contacting the registry." + description: | + Return image digest and platform information by contacting the registry. operationId: "DistributionInspect" produces: - "application/json" @@ -10322,7 +11133,8 @@ paths: properties: Descriptor: type: "object" - description: "A descriptor struct containing digest, media type, and size" + description: | + A descriptor struct containing digest, media type, and size. properties: MediaType: type: "string" @@ -10337,7 +11149,8 @@ paths: type: "string" Platforms: type: "array" - description: "An array containing all platforms supported by the image" + description: | + An array containing all platforms supported by the image. items: type: "object" properties: @@ -10396,14 +11209,13 @@ paths: post: summary: "Initialize interactive session" description: | - Start a new interactive session with a server. Session allows server to call back to the client for advanced capabilities. - - > **Note**: This endpoint is *experimental* and only available if the daemon is started with experimental - > features enabled. The specifications for this endpoint may still change in a future version of the API. + Start a new interactive session with a server. Session allows server to + call back to the client for advanced capabilities. ### Hijacking - This endpoint hijacks the HTTP connection to HTTP2 transport that allows the client to expose gPRC services on that connection. + This endpoint hijacks the HTTP connection to HTTP2 transport that allows + the client to expose gPRC services on that connection. For example, the client sends this request to upgrade the connection: @@ -10413,7 +11225,8 @@ paths: Connection: Upgrade ``` - The Docker daemon will respond with a `101 UPGRADED` response follow with the raw stream: + The Docker daemon responds with a `101 UPGRADED` response follow with + the raw stream: ``` HTTP/1.1 101 UPGRADED @@ -10434,4 +11247,4 @@ paths: description: "server error" schema: $ref: "#/definitions/ErrorResponse" - tags: ["Session (experimental)"] + tags: ["Session"] diff --git a/vendor/github.com/docker/docker/api/types/client.go b/vendor/github.com/docker/docker/api/types/client.go index 4b9f50282b1f..fe90617eec35 100644 --- a/vendor/github.com/docker/docker/api/types/client.go +++ b/vendor/github.com/docker/docker/api/types/client.go @@ -50,7 +50,7 @@ type ContainerCommitOptions struct { // ContainerExecInspect holds information returned by exec inspect. type ContainerExecInspect struct { - ExecID string + ExecID string `json:"ID"` ContainerID string Running bool ExitCode int diff --git a/vendor/github.com/docker/docker/api/types/container/container_changes.go b/vendor/github.com/docker/docker/api/types/container/container_changes.go index c909d6ca3e9e..222d141007ec 100644 --- a/vendor/github.com/docker/docker/api/types/container/container_changes.go +++ b/vendor/github.com/docker/docker/api/types/container/container_changes.go @@ -1,4 +1,4 @@ -package container +package container // import "github.com/docker/docker/api/types/container" // ---------------------------------------------------------------------------- // DO NOT EDIT THIS FILE diff --git a/vendor/github.com/docker/docker/api/types/container/container_create.go b/vendor/github.com/docker/docker/api/types/container/container_create.go index 49efa0f2c093..1ec9c3728ba8 100644 --- a/vendor/github.com/docker/docker/api/types/container/container_create.go +++ b/vendor/github.com/docker/docker/api/types/container/container_create.go @@ -1,4 +1,4 @@ -package container +package container // import "github.com/docker/docker/api/types/container" // ---------------------------------------------------------------------------- // DO NOT EDIT THIS FILE diff --git a/vendor/github.com/docker/docker/api/types/container/container_top.go b/vendor/github.com/docker/docker/api/types/container/container_top.go index ba41edcf3f84..bd34cd6b6928 100644 --- a/vendor/github.com/docker/docker/api/types/container/container_top.go +++ b/vendor/github.com/docker/docker/api/types/container/container_top.go @@ -1,4 +1,4 @@ -package container +package container // import "github.com/docker/docker/api/types/container" // ---------------------------------------------------------------------------- // DO NOT EDIT THIS FILE @@ -11,7 +11,9 @@ package container // swagger:model ContainerTopOKBody type ContainerTopOKBody struct { - // Each process running in the container, where each is process is an array of values corresponding to the titles + // Each process running in the container, where each is process + // is an array of values corresponding to the titles. + // // Required: true Processes [][]string `json:"Processes"` diff --git a/vendor/github.com/docker/docker/api/types/container/container_update.go b/vendor/github.com/docker/docker/api/types/container/container_update.go index 7630ae54cd6d..33addedf7791 100644 --- a/vendor/github.com/docker/docker/api/types/container/container_update.go +++ b/vendor/github.com/docker/docker/api/types/container/container_update.go @@ -1,4 +1,4 @@ -package container +package container // import "github.com/docker/docker/api/types/container" // ---------------------------------------------------------------------------- // DO NOT EDIT THIS FILE diff --git a/vendor/github.com/docker/docker/api/types/container/container_wait.go b/vendor/github.com/docker/docker/api/types/container/container_wait.go index 9e3910a6b42e..94b6a20e159b 100644 --- a/vendor/github.com/docker/docker/api/types/container/container_wait.go +++ b/vendor/github.com/docker/docker/api/types/container/container_wait.go @@ -1,4 +1,4 @@ -package container +package container // import "github.com/docker/docker/api/types/container" // ---------------------------------------------------------------------------- // DO NOT EDIT THIS FILE diff --git a/vendor/github.com/docker/docker/api/types/container/host_config.go b/vendor/github.com/docker/docker/api/types/container/host_config.go index c710107702b8..c3de3d976a57 100644 --- a/vendor/github.com/docker/docker/api/types/container/host_config.go +++ b/vendor/github.com/docker/docker/api/types/container/host_config.go @@ -338,7 +338,6 @@ type Resources struct { Devices []DeviceMapping // List of devices to map inside the container DeviceCgroupRules []string // List of rule to be added to the device cgroup DeviceRequests []DeviceRequest // List of device requests for device drivers - DiskQuota int64 // Disk limit (in bytes) KernelMemory int64 // Kernel memory limit (in bytes) KernelMemoryTCP int64 // Hard limit for kernel TCP buffer memory (in bytes) MemoryReservation int64 // Memory soft limit (in bytes) diff --git a/vendor/github.com/docker/docker/api/types/filters/parse.go b/vendor/github.com/docker/docker/api/types/filters/parse.go index d8f19ae227c4..0bd2e1e1853b 100644 --- a/vendor/github.com/docker/docker/api/types/filters/parse.go +++ b/vendor/github.com/docker/docker/api/types/filters/parse.go @@ -5,7 +5,6 @@ package filters // import "github.com/docker/docker/api/types/filters" import ( "encoding/json" - "errors" "regexp" "strings" @@ -37,39 +36,13 @@ func NewArgs(initialArgs ...KeyValuePair) Args { return args } -// ParseFlag parses a key=value string and adds it to an Args. -// -// Deprecated: Use Args.Add() -func ParseFlag(arg string, prev Args) (Args, error) { - filters := prev - if len(arg) == 0 { - return filters, nil - } - - if !strings.Contains(arg, "=") { - return filters, ErrBadFormat +// Keys returns all the keys in list of Args +func (args Args) Keys() []string { + keys := make([]string, 0, len(args.fields)) + for k := range args.fields { + keys = append(keys, k) } - - f := strings.SplitN(arg, "=", 2) - - name := strings.ToLower(strings.TrimSpace(f[0])) - value := strings.TrimSpace(f[1]) - - filters.Add(name, value) - - return filters, nil -} - -// ErrBadFormat is an error returned when a filter is not in the form key=value -// -// Deprecated: this error will be removed in a future version -var ErrBadFormat = errors.New("bad format of filter (expected name=value)") - -// ToParam encodes the Args as args JSON encoded string -// -// Deprecated: use ToJSON -func ToParam(a Args) (string, error) { - return ToJSON(a) + return keys } // MarshalJSON returns a JSON byte representation of the Args @@ -107,13 +80,6 @@ func ToParamWithVersion(version string, a Args) (string, error) { return ToJSON(a) } -// FromParam decodes a JSON encoded string into Args -// -// Deprecated: use FromJSON -func FromParam(p string) (Args, error) { - return FromJSON(p) -} - // FromJSON decodes a JSON encoded string into Args func FromJSON(p string) (Args, error) { args := NewArgs() @@ -275,14 +241,6 @@ func (args Args) FuzzyMatch(key, source string) bool { return false } -// Include returns true if the key exists in the mapping -// -// Deprecated: use Contains -func (args Args) Include(field string) bool { - _, ok := args.fields[field] - return ok -} - // Contains returns true if the key exists in the mapping func (args Args) Contains(field string) bool { _, ok := args.fields[field] diff --git a/vendor/github.com/docker/docker/api/types/image/image_history.go b/vendor/github.com/docker/docker/api/types/image/image_history.go index d6b354bcdf38..b5a7a0c4901b 100644 --- a/vendor/github.com/docker/docker/api/types/image/image_history.go +++ b/vendor/github.com/docker/docker/api/types/image/image_history.go @@ -1,4 +1,4 @@ -package image +package image // import "github.com/docker/docker/api/types/image" // ---------------------------------------------------------------------------- // DO NOT EDIT THIS FILE diff --git a/vendor/github.com/docker/docker/api/types/volume.go b/vendor/github.com/docker/docker/api/types/volume.go index b5ee96a50058..c69b08448df4 100644 --- a/vendor/github.com/docker/docker/api/types/volume.go +++ b/vendor/github.com/docker/docker/api/types/volume.go @@ -27,10 +27,13 @@ type Volume struct { Name string `json:"Name"` // The driver specific options used when creating the volume. + // // Required: true Options map[string]string `json:"Options"` - // The level at which the volume exists. Either `global` for cluster-wide, or `local` for machine level. + // The level at which the volume exists. Either `global` for cluster-wide, + // or `local` for machine level. + // // Required: true Scope string `json:"Scope"` diff --git a/vendor/github.com/docker/docker/api/types/volume/volume_create.go b/vendor/github.com/docker/docker/api/types/volume/volume_create.go index f12e48612c56..700aa804f851 100644 --- a/vendor/github.com/docker/docker/api/types/volume/volume_create.go +++ b/vendor/github.com/docker/docker/api/types/volume/volume_create.go @@ -1,4 +1,4 @@ -package volume +package volume // import "github.com/docker/docker/api/types/volume" // ---------------------------------------------------------------------------- // DO NOT EDIT THIS FILE @@ -15,7 +15,9 @@ type VolumeCreateBody struct { // Required: true Driver string `json:"Driver"` - // A mapping of driver options and values. These options are passed directly to the driver and are driver specific. + // A mapping of driver options and values. These options are + // passed directly to the driver and are driver specific. + // // Required: true DriverOpts map[string]string `json:"DriverOpts"` @@ -24,6 +26,7 @@ type VolumeCreateBody struct { Labels map[string]string `json:"Labels"` // The new volume's name. If not specified, Docker generates a name. + // // Required: true Name string `json:"Name"` } diff --git a/vendor/github.com/docker/docker/api/types/volume/volume_list.go b/vendor/github.com/docker/docker/api/types/volume/volume_list.go index 020198f7371b..5a79ad64370f 100644 --- a/vendor/github.com/docker/docker/api/types/volume/volume_list.go +++ b/vendor/github.com/docker/docker/api/types/volume/volume_list.go @@ -1,4 +1,4 @@ -package volume +package volume // import "github.com/docker/docker/api/types/volume" // ---------------------------------------------------------------------------- // DO NOT EDIT THIS FILE @@ -17,7 +17,8 @@ type VolumeListOKBody struct { // Required: true Volumes []*types.Volume `json:"Volumes"` - // Warnings that occurred when fetching the list of volumes + // Warnings that occurred when fetching the list of volumes. + // // Required: true Warnings []string `json:"Warnings"` } diff --git a/vendor/github.com/docker/docker/client/client.go b/vendor/github.com/docker/docker/client/client.go index 0b7b4d953c95..b63d4d6d4986 100644 --- a/vendor/github.com/docker/docker/client/client.go +++ b/vendor/github.com/docker/docker/client/client.go @@ -81,6 +81,15 @@ type Client struct { customHTTPHeaders map[string]string // manualOverride is set to true when the version was set by users. manualOverride bool + + // negotiateVersion indicates if the client should automatically negotiate + // the API version to use when making requests. API version negotiation is + // performed on the first request, after which negotiated is set to "true" + // so that subsequent requests do not re-negotiate. + negotiateVersion bool + + // negotiated indicates that API version negotiation took place + negotiated bool } // CheckRedirect specifies the policy for dealing with redirect responses: @@ -107,7 +116,7 @@ func CheckRedirect(req *http.Request, via []*http.Request) error { // It won't send any version information if the version number is empty. It is // highly recommended that you set a version or your client may break if the // server is upgraded. -func NewClientWithOpts(ops ...func(*Client) error) (*Client, error) { +func NewClientWithOpts(ops ...Opt) (*Client, error) { client, err := defaultHTTPClient(DefaultDockerHost) if err != nil { return nil, err @@ -169,8 +178,11 @@ func (cli *Client) Close() error { // getAPIPath returns the versioned request path to call the api. // It appends the query parameters to the path if they are not empty. -func (cli *Client) getAPIPath(p string, query url.Values) string { +func (cli *Client) getAPIPath(ctx context.Context, p string, query url.Values) string { var apiPath string + if cli.negotiateVersion && !cli.negotiated { + cli.NegotiateAPIVersion(ctx) + } if cli.version != "" { v := strings.TrimPrefix(cli.version, "v") apiPath = path.Join(cli.basePath, "/v"+v, p) @@ -186,19 +198,31 @@ func (cli *Client) ClientVersion() string { } // NegotiateAPIVersion queries the API and updates the version to match the -// API version. Any errors are silently ignored. +// API version. Any errors are silently ignored. If a manual override is in place, +// either through the `DOCKER_API_VERSION` environment variable, or if the client +// was initialized with a fixed version (`opts.WithVersion(xx)`), no negotiation +// will be performed. func (cli *Client) NegotiateAPIVersion(ctx context.Context) { - ping, _ := cli.Ping(ctx) - cli.NegotiateAPIVersionPing(ping) + if !cli.manualOverride { + ping, _ := cli.Ping(ctx) + cli.negotiateAPIVersionPing(ping) + } } // NegotiateAPIVersionPing updates the client version to match the Ping.APIVersion -// if the ping version is less than the default version. +// if the ping version is less than the default version. If a manual override is +// in place, either through the `DOCKER_API_VERSION` environment variable, or if +// the client was initialized with a fixed version (`opts.WithVersion(xx)`), no +// negotiation is performed. func (cli *Client) NegotiateAPIVersionPing(p types.Ping) { - if cli.manualOverride { - return + if !cli.manualOverride { + cli.negotiateAPIVersionPing(p) } +} +// negotiateAPIVersionPing queries the API and updates the version to match the +// API version. Any errors are silently ignored. +func (cli *Client) negotiateAPIVersionPing(p types.Ping) { // try the latest version before versioning headers existed if p.APIVersion == "" { p.APIVersion = "1.24" @@ -213,6 +237,12 @@ func (cli *Client) NegotiateAPIVersionPing(p types.Ping) { if versions.LessThan(p.APIVersion, cli.version) { cli.version = p.APIVersion } + + // Store the results, so that automatic API version negotiation (if enabled) + // won't be performed on the next request. + if cli.negotiateVersion { + cli.negotiated = true + } } // DaemonHost returns the host address used by the client diff --git a/vendor/github.com/docker/docker/client/client_unix.go b/vendor/github.com/docker/docker/client/client_unix.go index 3d24470ba3aa..178ff67409a1 100644 --- a/vendor/github.com/docker/docker/client/client_unix.go +++ b/vendor/github.com/docker/docker/client/client_unix.go @@ -1,4 +1,4 @@ -// +build linux freebsd openbsd darwin +// +build linux freebsd openbsd netbsd darwin dragonfly package client // import "github.com/docker/docker/client" diff --git a/vendor/github.com/docker/docker/client/hijack.go b/vendor/github.com/docker/docker/client/hijack.go index 0ac8248f2c7b..e9c9a752f83f 100644 --- a/vendor/github.com/docker/docker/client/hijack.go +++ b/vendor/github.com/docker/docker/client/hijack.go @@ -23,7 +23,7 @@ func (cli *Client) postHijacked(ctx context.Context, path string, query url.Valu return types.HijackedResponse{}, err } - apiPath := cli.getAPIPath(path, query) + apiPath := cli.getAPIPath(ctx, path, query) req, err := http.NewRequest("POST", apiPath, bodyEncoded) if err != nil { return types.HijackedResponse{}, err @@ -38,6 +38,17 @@ func (cli *Client) postHijacked(ctx context.Context, path string, query url.Valu return types.HijackedResponse{Conn: conn, Reader: bufio.NewReader(conn)}, err } +// DialHijack returns a hijacked connection with negotiated protocol proto. +func (cli *Client) DialHijack(ctx context.Context, url, proto string, meta map[string][]string) (net.Conn, error) { + req, err := http.NewRequest("POST", url, nil) + if err != nil { + return nil, err + } + req = cli.addHeaders(req, meta) + + return cli.setupHijackConn(ctx, req, proto) +} + // fallbackDial is used when WithDialer() was not called. // See cli.Dialer(). func fallbackDial(proto, addr string, tlsConfig *tls.Config) (net.Conn, error) { diff --git a/vendor/github.com/docker/docker/client/interface.go b/vendor/github.com/docker/docker/client/interface.go index d190f8e58db8..cde64be4b56b 100644 --- a/vendor/github.com/docker/docker/client/interface.go +++ b/vendor/github.com/docker/docker/client/interface.go @@ -38,7 +38,7 @@ type CommonAPIClient interface { ServerVersion(ctx context.Context) (types.Version, error) NegotiateAPIVersion(ctx context.Context) NegotiateAPIVersionPing(types.Ping) - DialSession(ctx context.Context, proto string, meta map[string][]string) (net.Conn, error) + DialHijack(ctx context.Context, url, proto string, meta map[string][]string) (net.Conn, error) Dialer() func(context.Context) (net.Conn, error) Close() error } diff --git a/vendor/github.com/docker/docker/client/options.go b/vendor/github.com/docker/docker/client/options.go index 089be0d50ddd..6f77f0955f69 100644 --- a/vendor/github.com/docker/docker/client/options.go +++ b/vendor/github.com/docker/docker/client/options.go @@ -6,12 +6,16 @@ import ( "net/http" "os" "path/filepath" + "time" "github.com/docker/go-connections/sockets" "github.com/docker/go-connections/tlsconfig" "github.com/pkg/errors" ) +// Opt is a configuration option to initialize a client +type Opt func(*Client) error + // FromEnv configures the client with values from environment variables. // // Supported environment variables: @@ -55,13 +59,13 @@ func FromEnv(c *Client) error { // WithDialer applies the dialer.DialContext to the client transport. This can be // used to set the Timeout and KeepAlive settings of the client. // Deprecated: use WithDialContext -func WithDialer(dialer *net.Dialer) func(*Client) error { +func WithDialer(dialer *net.Dialer) Opt { return WithDialContext(dialer.DialContext) } // WithDialContext applies the dialer to the client transport. This can be // used to set the Timeout and KeepAlive settings of the client. -func WithDialContext(dialContext func(ctx context.Context, network, addr string) (net.Conn, error)) func(*Client) error { +func WithDialContext(dialContext func(ctx context.Context, network, addr string) (net.Conn, error)) Opt { return func(c *Client) error { if transport, ok := c.client.Transport.(*http.Transport); ok { transport.DialContext = dialContext @@ -72,7 +76,7 @@ func WithDialContext(dialContext func(ctx context.Context, network, addr string) } // WithHost overrides the client host with the specified one. -func WithHost(host string) func(*Client) error { +func WithHost(host string) Opt { return func(c *Client) error { hostURL, err := ParseHostURL(host) if err != nil { @@ -90,7 +94,7 @@ func WithHost(host string) func(*Client) error { } // WithHTTPClient overrides the client http client with the specified one -func WithHTTPClient(client *http.Client) func(*Client) error { +func WithHTTPClient(client *http.Client) Opt { return func(c *Client) error { if client != nil { c.client = client @@ -99,8 +103,16 @@ func WithHTTPClient(client *http.Client) func(*Client) error { } } +// WithTimeout configures the time limit for requests made by the HTTP client +func WithTimeout(timeout time.Duration) Opt { + return func(c *Client) error { + c.client.Timeout = timeout + return nil + } +} + // WithHTTPHeaders overrides the client default http headers -func WithHTTPHeaders(headers map[string]string) func(*Client) error { +func WithHTTPHeaders(headers map[string]string) Opt { return func(c *Client) error { c.customHTTPHeaders = headers return nil @@ -108,7 +120,7 @@ func WithHTTPHeaders(headers map[string]string) func(*Client) error { } // WithScheme overrides the client scheme with the specified one -func WithScheme(scheme string) func(*Client) error { +func WithScheme(scheme string) Opt { return func(c *Client) error { c.scheme = scheme return nil @@ -116,7 +128,7 @@ func WithScheme(scheme string) func(*Client) error { } // WithTLSClientConfig applies a tls config to the client transport. -func WithTLSClientConfig(cacertPath, certPath, keyPath string) func(*Client) error { +func WithTLSClientConfig(cacertPath, certPath, keyPath string) Opt { return func(c *Client) error { opts := tlsconfig.Options{ CAFile: cacertPath, @@ -136,11 +148,25 @@ func WithTLSClientConfig(cacertPath, certPath, keyPath string) func(*Client) err } } -// WithVersion overrides the client version with the specified one -func WithVersion(version string) func(*Client) error { +// WithVersion overrides the client version with the specified one. If an empty +// version is specified, the value will be ignored to allow version negotiation. +func WithVersion(version string) Opt { + return func(c *Client) error { + if version != "" { + c.version = version + c.manualOverride = true + } + return nil + } +} + +// WithAPIVersionNegotiation enables automatic API version negotiation for the client. +// With this option enabled, the client automatically negotiates the API version +// to use when making requests. API version negotiation is performed on the first +// request; subsequent requests will not re-negotiate. +func WithAPIVersionNegotiation() Opt { return func(c *Client) error { - c.version = version - c.manualOverride = true + c.negotiateVersion = true return nil } } diff --git a/vendor/github.com/docker/docker/client/ping.go b/vendor/github.com/docker/docker/client/ping.go index 4553e0fb718f..90f39ec14f92 100644 --- a/vendor/github.com/docker/docker/client/ping.go +++ b/vendor/github.com/docker/docker/client/ping.go @@ -31,6 +31,8 @@ func (cli *Client) Ping(ctx context.Context) (types.Ping, error) { // Server handled the request, so parse the response return parsePingResponse(cli, serverResp) } + } else if IsErrConnectionFailed(err) { + return ping, err } req, err = cli.buildRequest("GET", path.Join(cli.basePath, "/_ping"), nil, nil) diff --git a/vendor/github.com/docker/docker/client/request.go b/vendor/github.com/docker/docker/client/request.go index 0afe26d5880a..44e0a22c4f60 100644 --- a/vendor/github.com/docker/docker/client/request.go +++ b/vendor/github.com/docker/docker/client/request.go @@ -115,7 +115,7 @@ func (cli *Client) buildRequest(method, path string, body io.Reader, headers hea } func (cli *Client) sendRequest(ctx context.Context, method, path string, query url.Values, body io.Reader, headers headers) (serverResponse, error) { - req, err := cli.buildRequest(method, cli.getAPIPath(path, query), body, headers) + req, err := cli.buildRequest(method, cli.getAPIPath(ctx, path, query), body, headers) if err != nil { return serverResponse{}, err } @@ -143,8 +143,7 @@ func (cli *Client) doRequest(ctx context.Context, req *http.Request) (serverResp // Don't decorate context sentinel errors; users may be comparing to // them directly. - switch err { - case context.Canceled, context.DeadlineExceeded: + if errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded) { return serverResp, err } @@ -178,7 +177,13 @@ func (cli *Client) doRequest(ctx context.Context, req *http.Request) (serverResp // this is localised - for example in French the error would be // `open //./pipe/docker_engine: Le fichier spécifié est introuvable.` if strings.Contains(err.Error(), `open //./pipe/docker_engine`) { - err = errors.New(err.Error() + " In the default daemon configuration on Windows, the docker client must be run elevated to connect. This error may also indicate that the docker daemon is not running.") + // Checks if client is running with elevated privileges + if f, elevatedErr := os.Open("\\\\.\\PHYSICALDRIVE0"); elevatedErr == nil { + err = errors.Wrap(err, "In the default daemon configuration on Windows, the docker client must be run with elevated privileges to connect.") + } else { + f.Close() + err = errors.Wrap(err, "This error may indicate that the docker daemon is not running.") + } } return serverResp, errors.Wrap(err, "error during connect") diff --git a/vendor/github.com/docker/docker/client/session.go b/vendor/github.com/docker/docker/client/session.go deleted file mode 100644 index df199f3d03ab..000000000000 --- a/vendor/github.com/docker/docker/client/session.go +++ /dev/null @@ -1,18 +0,0 @@ -package client // import "github.com/docker/docker/client" - -import ( - "context" - "net" - "net/http" -) - -// DialSession returns a connection that can be used communication with daemon -func (cli *Client) DialSession(ctx context.Context, proto string, meta map[string][]string) (net.Conn, error) { - req, err := http.NewRequest("POST", "/session", nil) - if err != nil { - return nil, err - } - req = cli.addHeaders(req, meta) - - return cli.setupHijackConn(ctx, req, proto) -} diff --git a/vendor/github.com/docker/docker/errdefs/http_helpers.go b/vendor/github.com/docker/docker/errdefs/http_helpers.go index ac9bf6d33e67..07552f1cc1dd 100644 --- a/vendor/github.com/docker/docker/errdefs/http_helpers.go +++ b/vendor/github.com/docker/docker/errdefs/http_helpers.go @@ -4,6 +4,7 @@ import ( "fmt" "net/http" + containerderrors "github.com/containerd/containerd/errdefs" "github.com/docker/distribution/registry/api/errcode" "github.com/sirupsen/logrus" "google.golang.org/grpc/codes" @@ -47,6 +48,10 @@ func GetHTTPErrorStatusCode(err error) int { if statusCode != http.StatusInternalServerError { return statusCode } + statusCode = statusCodeFromContainerdError(err) + if statusCode != http.StatusInternalServerError { + return statusCode + } statusCode = statusCodeFromDistributionError(err) if statusCode != http.StatusInternalServerError { return statusCode @@ -136,9 +141,6 @@ func statusCodeFromGRPCError(err error) int { case codes.Unavailable: // code 14 return http.StatusServiceUnavailable default: - if e, ok := err.(causer); ok { - return statusCodeFromGRPCError(e.Cause()) - } // codes.Canceled(1) // codes.Unknown(2) // codes.DeadlineExceeded(4) @@ -163,10 +165,27 @@ func statusCodeFromDistributionError(err error) int { } case errcode.ErrorCoder: return errs.ErrorCode().Descriptor().HTTPStatusCode - default: - if e, ok := err.(causer); ok { - return statusCodeFromDistributionError(e.Cause()) - } } return http.StatusInternalServerError } + +// statusCodeFromContainerdError returns status code for containerd errors when +// consumed directly (not through gRPC) +func statusCodeFromContainerdError(err error) int { + switch { + case containerderrors.IsInvalidArgument(err): + return http.StatusBadRequest + case containerderrors.IsNotFound(err): + return http.StatusNotFound + case containerderrors.IsAlreadyExists(err): + return http.StatusConflict + case containerderrors.IsFailedPrecondition(err): + return http.StatusPreconditionFailed + case containerderrors.IsUnavailable(err): + return http.StatusServiceUnavailable + case containerderrors.IsNotImplemented(err): + return http.StatusNotImplemented + default: + return http.StatusInternalServerError + } +} diff --git a/vendor/github.com/docker/docker/pkg/archive/archive_linux.go b/vendor/github.com/docker/docker/pkg/archive/archive_linux.go index 0601f7b0d1f5..c0f81ac3d68f 100644 --- a/vendor/github.com/docker/docker/pkg/archive/archive_linux.go +++ b/vendor/github.com/docker/docker/pkg/archive/archive_linux.go @@ -151,7 +151,9 @@ func mknodChar0Overlay(cleansedOriginalPath string) error { if err := ioutil.WriteFile(lowerDummy, []byte{}, 0600); err != nil { return errors.Wrapf(err, "failed to create a dummy lower file %s", lowerDummy) } - mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lower, upper, work) + // lowerdir needs ":" to be escaped: https://github.com/moby/moby/issues/40939#issuecomment-627098286 + lowerEscaped := strings.ReplaceAll(lower, ":", "\\:") + mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lowerEscaped, upper, work) // docker/pkg/mount.Mount() requires procfs to be mounted. So we use syscall.Mount() directly instead. if err := syscall.Mount("overlay", merged, "overlay", uintptr(0), mOpts); err != nil { return errors.Wrapf(err, "failed to mount overlay (%s) on %s", mOpts, merged) @@ -236,7 +238,9 @@ func createDirWithOverlayOpaque(tmp string) (string, error) { if err := os.MkdirAll(lowerDummy, 0700); err != nil { return "", errors.Wrapf(err, "failed to create a dummy lower directory %s", lowerDummy) } - mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lower, upper, work) + // lowerdir needs ":" to be escaped: https://github.com/moby/moby/issues/40939#issuecomment-627098286 + lowerEscaped := strings.ReplaceAll(lower, ":", "\\:") + mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lowerEscaped, upper, work) // docker/pkg/mount.Mount() requires procfs to be mounted. So we use syscall.Mount() directly instead. if err := syscall.Mount("overlay", merged, "overlay", uintptr(0), mOpts); err != nil { return "", errors.Wrapf(err, "failed to mount overlay (%s) on %s", mOpts, merged) diff --git a/vendor/github.com/docker/docker/pkg/archive/archive_unix.go b/vendor/github.com/docker/docker/pkg/archive/archive_unix.go index 1eec912b7b0b..d626336032ba 100644 --- a/vendor/github.com/docker/docker/pkg/archive/archive_unix.go +++ b/vendor/github.com/docker/docker/pkg/archive/archive_unix.go @@ -7,6 +7,7 @@ import ( "errors" "os" "path/filepath" + "strings" "syscall" "github.com/docker/docker/pkg/idtools" @@ -26,7 +27,7 @@ func fixVolumePathPrefix(srcPath string) string { // can't use filepath.Join(srcPath,include) because this will clean away // a trailing "." or "/" which may be important. func getWalkRoot(srcPath string, include string) string { - return srcPath + string(filepath.Separator) + include + return strings.TrimSuffix(srcPath, string(filepath.Separator)) + string(filepath.Separator) + include } // CanonicalTarNameForPath returns platform-specific filepath diff --git a/vendor/github.com/docker/docker/pkg/idtools/idtools.go b/vendor/github.com/docker/docker/pkg/idtools/idtools.go index 230422eac827..b3af7a4226e6 100644 --- a/vendor/github.com/docker/docker/pkg/idtools/idtools.go +++ b/vendor/github.com/docker/docker/pkg/idtools/idtools.go @@ -4,7 +4,6 @@ import ( "bufio" "fmt" "os" - "sort" "strconv" "strings" ) @@ -203,8 +202,6 @@ func (i *IdentityMapping) GIDs() []IDMap { func createIDMap(subidRanges ranges) []IDMap { idMap := []IDMap{} - // sort the ranges by lowest ID first - sort.Sort(subidRanges) containerID := 0 for _, idrange := range subidRanges { idMap = append(idMap, IDMap{ diff --git a/vendor/github.com/docker/docker/pkg/mount/mount.go b/vendor/github.com/docker/docker/pkg/mount/mount.go index 4afd63c427b3..be0631c630ca 100644 --- a/vendor/github.com/docker/docker/pkg/mount/mount.go +++ b/vendor/github.com/docker/docker/pkg/mount/mount.go @@ -102,13 +102,13 @@ func Mounted(mountpoint string) (bool, error) { // specified like the mount or fstab unix commands: "opt1=val1,opt2=val2". See // flags.go for supported option flags. func Mount(device, target, mType, options string) error { - flag, _ := parseOptions(options) + flag, data := parseOptions(options) if flag&REMOUNT != REMOUNT { if mounted, err := Mounted(target); err != nil || mounted { return err } } - return ForceMount(device, target, mType, options) + return mount(device, target, mType, uintptr(flag), data) } // ForceMount will mount a filesystem according to the specified configuration, diff --git a/vendor/github.com/docker/docker/pkg/mount/mountinfo_linux.go b/vendor/github.com/docker/docker/pkg/mount/mountinfo_linux.go index c1dba01fc31c..fe6e3ddba132 100644 --- a/vendor/github.com/docker/docker/pkg/mount/mountinfo_linux.go +++ b/vendor/github.com/docker/docker/pkg/mount/mountinfo_linux.go @@ -7,16 +7,21 @@ import ( "os" "strconv" "strings" + + "github.com/pkg/errors" ) func parseInfoFile(r io.Reader, filter FilterFunc) ([]*Info, error) { s := bufio.NewScanner(r) out := []*Info{} + var err error for s.Scan() { - if err := s.Err(); err != nil { + if err = s.Err(); err != nil { return nil, err } /* + See http://man7.org/linux/man-pages/man5/proc.5.html + 36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue (1)(2)(3) (4) (5) (6) (7) (8) (9) (10) (11) @@ -52,8 +57,15 @@ func parseInfoFile(r io.Reader, filter FilterFunc) ([]*Info, error) { p.Major, _ = strconv.Atoi(mm[0]) p.Minor, _ = strconv.Atoi(mm[1]) - p.Root = fields[3] - p.Mountpoint = fields[4] + p.Root, err = strconv.Unquote(`"` + fields[3] + `"`) + if err != nil { + return nil, errors.Wrapf(err, "Parsing '%s' failed: unable to unquote root field", fields[3]) + } + + p.Mountpoint, err = strconv.Unquote(`"` + fields[4] + `"`) + if err != nil { + return nil, errors.Wrapf(err, "Parsing '%s' failed: unable to unquote mount point field", fields[4]) + } p.Opts = fields[5] var skip, stop bool diff --git a/vendor/github.com/docker/docker/pkg/mount/sharedsubtree_linux.go b/vendor/github.com/docker/docker/pkg/mount/sharedsubtree_linux.go index 8a100f0bc85a..db3882874aea 100644 --- a/vendor/github.com/docker/docker/pkg/mount/sharedsubtree_linux.go +++ b/vendor/github.com/docker/docker/pkg/mount/sharedsubtree_linux.go @@ -3,49 +3,49 @@ package mount // import "github.com/docker/docker/pkg/mount" // MakeShared ensures a mounted filesystem has the SHARED mount option enabled. // See the supported options in flags.go for further reference. func MakeShared(mountPoint string) error { - return ensureMountedAs(mountPoint, "shared") + return ensureMountedAs(mountPoint, SHARED) } // MakeRShared ensures a mounted filesystem has the RSHARED mount option enabled. // See the supported options in flags.go for further reference. func MakeRShared(mountPoint string) error { - return ensureMountedAs(mountPoint, "rshared") + return ensureMountedAs(mountPoint, RSHARED) } // MakePrivate ensures a mounted filesystem has the PRIVATE mount option enabled. // See the supported options in flags.go for further reference. func MakePrivate(mountPoint string) error { - return ensureMountedAs(mountPoint, "private") + return ensureMountedAs(mountPoint, PRIVATE) } // MakeRPrivate ensures a mounted filesystem has the RPRIVATE mount option // enabled. See the supported options in flags.go for further reference. func MakeRPrivate(mountPoint string) error { - return ensureMountedAs(mountPoint, "rprivate") + return ensureMountedAs(mountPoint, RPRIVATE) } // MakeSlave ensures a mounted filesystem has the SLAVE mount option enabled. // See the supported options in flags.go for further reference. func MakeSlave(mountPoint string) error { - return ensureMountedAs(mountPoint, "slave") + return ensureMountedAs(mountPoint, SLAVE) } // MakeRSlave ensures a mounted filesystem has the RSLAVE mount option enabled. // See the supported options in flags.go for further reference. func MakeRSlave(mountPoint string) error { - return ensureMountedAs(mountPoint, "rslave") + return ensureMountedAs(mountPoint, RSLAVE) } // MakeUnbindable ensures a mounted filesystem has the UNBINDABLE mount option // enabled. See the supported options in flags.go for further reference. func MakeUnbindable(mountPoint string) error { - return ensureMountedAs(mountPoint, "unbindable") + return ensureMountedAs(mountPoint, UNBINDABLE) } // MakeRUnbindable ensures a mounted filesystem has the RUNBINDABLE mount // option enabled. See the supported options in flags.go for further reference. func MakeRUnbindable(mountPoint string) error { - return ensureMountedAs(mountPoint, "runbindable") + return ensureMountedAs(mountPoint, RUNBINDABLE) } // MakeMount ensures that the file or directory given is a mount point, @@ -59,13 +59,13 @@ func MakeMount(mnt string) error { return nil } - return Mount(mnt, mnt, "none", "bind") + return mount(mnt, mnt, "none", uintptr(BIND), "") } -func ensureMountedAs(mountPoint, options string) error { - if err := MakeMount(mountPoint); err != nil { +func ensureMountedAs(mnt string, flags int) error { + if err := MakeMount(mnt); err != nil { return err } - return ForceMount("", mountPoint, "none", options) + return mount("", mnt, "none", uintptr(flags), "") } diff --git a/vendor/github.com/docker/docker/pkg/system/init_windows.go b/vendor/github.com/docker/docker/pkg/system/init_windows.go index 7f675012854b..f303aa906392 100644 --- a/vendor/github.com/docker/docker/pkg/system/init_windows.go +++ b/vendor/github.com/docker/docker/pkg/system/init_windows.go @@ -3,6 +3,7 @@ package system // import "github.com/docker/docker/pkg/system" import ( "os" + "github.com/Microsoft/hcsshim/osversion" "github.com/sirupsen/logrus" ) @@ -15,10 +16,10 @@ var ( containerdRuntimeSupported = false ) -// InitLCOW sets whether LCOW is supported or not +// InitLCOW sets whether LCOW is supported or not. Requires RS5+ func InitLCOW(experimental bool) { v := GetOSVersion() - if experimental && v.Build >= 16299 { + if experimental && v.Build >= osversion.RS5 { lcowSupported = true } } diff --git a/vendor/github.com/docker/docker/pkg/system/stat_linux.go b/vendor/github.com/docker/docker/pkg/system/stat_linux.go index 98c9eb18d18d..17d5d131a3c8 100644 --- a/vendor/github.com/docker/docker/pkg/system/stat_linux.go +++ b/vendor/github.com/docker/docker/pkg/system/stat_linux.go @@ -8,7 +8,8 @@ func fromStatT(s *syscall.Stat_t) (*StatT, error) { mode: s.Mode, uid: s.Uid, gid: s.Gid, - rdev: s.Rdev, + // the type is 32bit on mips + rdev: uint64(s.Rdev), // nolint: unconvert mtim: s.Mtim}, nil } diff --git a/vendor/github.com/docker/docker/pkg/system/xattrs_linux.go b/vendor/github.com/docker/docker/pkg/system/xattrs_linux.go index 66d4895b27ab..d4f1a57fb06e 100644 --- a/vendor/github.com/docker/docker/pkg/system/xattrs_linux.go +++ b/vendor/github.com/docker/docker/pkg/system/xattrs_linux.go @@ -6,19 +6,28 @@ import "golang.org/x/sys/unix" // and associated with the given path in the file system. // It will returns a nil slice and nil error if the xattr is not set. func Lgetxattr(path string, attr string) ([]byte, error) { + // Start with a 128 length byte array dest := make([]byte, 128) sz, errno := unix.Lgetxattr(path, attr, dest) - if errno == unix.ENODATA { + + switch { + case errno == unix.ENODATA: return nil, nil - } - if errno == unix.ERANGE { + case errno == unix.ERANGE: + // 128 byte array might just not be good enough. A dummy buffer is used + // to get the real size of the xattrs on disk + sz, errno = unix.Lgetxattr(path, attr, []byte{}) + if errno != nil { + return nil, errno + } dest = make([]byte, sz) sz, errno = unix.Lgetxattr(path, attr, dest) - } - if errno != nil { + if errno != nil { + return nil, errno + } + case errno != nil: return nil, errno } - return dest[:sz], nil } diff --git a/vendor/github.com/docker/go-connections/nat/nat.go b/vendor/github.com/docker/go-connections/nat/nat.go index 4d5f5ae63afd..bb7e4e336950 100644 --- a/vendor/github.com/docker/go-connections/nat/nat.go +++ b/vendor/github.com/docker/go-connections/nat/nat.go @@ -113,7 +113,7 @@ func SplitProtoPort(rawPort string) (string, string) { } func validateProto(proto string) bool { - for _, availableProto := range []string{"tcp", "udp"} { + for _, availableProto := range []string{"tcp", "udp", "sctp"} { if availableProto == proto { return true } diff --git a/vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go b/vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go index 9ca974539a77..1ff81c333c36 100644 --- a/vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go +++ b/vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go @@ -4,7 +4,6 @@ package tlsconfig import ( "crypto/x509" - ) // SystemCertPool returns an new empty cert pool, diff --git a/vendor/github.com/docker/go-connections/tlsconfig/config.go b/vendor/github.com/docker/go-connections/tlsconfig/config.go index 1b31bbb8b1b9..0ef3fdcb4690 100644 --- a/vendor/github.com/docker/go-connections/tlsconfig/config.go +++ b/vendor/github.com/docker/go-connections/tlsconfig/config.go @@ -46,8 +46,6 @@ var acceptedCBCCiphers = []uint16{ tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - tls.TLS_RSA_WITH_AES_256_CBC_SHA, - tls.TLS_RSA_WITH_AES_128_CBC_SHA, } // DefaultServerAcceptedCiphers should be uses by code which already has a crypto/tls @@ -65,22 +63,34 @@ var allTLSVersions = map[uint16]struct{}{ } // ServerDefault returns a secure-enough TLS configuration for the server TLS configuration. -func ServerDefault() *tls.Config { - return &tls.Config{ - // Avoid fallback to SSL protocols < TLS1.0 - MinVersion: tls.VersionTLS10, +func ServerDefault(ops ...func(*tls.Config)) *tls.Config { + tlsconfig := &tls.Config{ + // Avoid fallback by default to SSL protocols < TLS1.2 + MinVersion: tls.VersionTLS12, PreferServerCipherSuites: true, CipherSuites: DefaultServerAcceptedCiphers, } + + for _, op := range ops { + op(tlsconfig) + } + + return tlsconfig } // ClientDefault returns a secure-enough TLS configuration for the client TLS configuration. -func ClientDefault() *tls.Config { - return &tls.Config{ +func ClientDefault(ops ...func(*tls.Config)) *tls.Config { + tlsconfig := &tls.Config{ // Prefer TLS1.2 as the client minimum MinVersion: tls.VersionTLS12, CipherSuites: clientCipherSuites, } + + for _, op := range ops { + op(tlsconfig) + } + + return tlsconfig } // certPool returns an X.509 certificate pool from `caFile`, the certificate file. diff --git a/vendor/github.com/form3tech-oss/jwt-go/.gitignore b/vendor/github.com/form3tech-oss/jwt-go/.gitignore new file mode 100644 index 000000000000..c0e81a8d9267 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/.gitignore @@ -0,0 +1,5 @@ +.DS_Store +bin +.idea/ + + diff --git a/vendor/github.com/form3tech-oss/jwt-go/.travis.yml b/vendor/github.com/form3tech-oss/jwt-go/.travis.yml new file mode 100644 index 000000000000..3c7fb7e1ae64 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/.travis.yml @@ -0,0 +1,12 @@ +language: go + +script: + - go vet ./... + - go test -v ./... + +go: + - 1.12 + - 1.13 + - 1.14 + - 1.15 + - tip diff --git a/vendor/github.com/form3tech-oss/jwt-go/LICENSE b/vendor/github.com/form3tech-oss/jwt-go/LICENSE new file mode 100644 index 000000000000..df83a9c2f019 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/LICENSE @@ -0,0 +1,8 @@ +Copyright (c) 2012 Dave Grijalva + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/vendor/github.com/form3tech-oss/jwt-go/MIGRATION_GUIDE.md b/vendor/github.com/form3tech-oss/jwt-go/MIGRATION_GUIDE.md new file mode 100644 index 000000000000..7fc1f793cbc4 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/MIGRATION_GUIDE.md @@ -0,0 +1,97 @@ +## Migration Guide from v2 -> v3 + +Version 3 adds several new, frequently requested features. To do so, it introduces a few breaking changes. We've worked to keep these as minimal as possible. This guide explains the breaking changes and how you can quickly update your code. + +### `Token.Claims` is now an interface type + +The most requested feature from the 2.0 verison of this library was the ability to provide a custom type to the JSON parser for claims. This was implemented by introducing a new interface, `Claims`, to replace `map[string]interface{}`. We also included two concrete implementations of `Claims`: `MapClaims` and `StandardClaims`. + +`MapClaims` is an alias for `map[string]interface{}` with built in validation behavior. It is the default claims type when using `Parse`. The usage is unchanged except you must type cast the claims property. + +The old example for parsing a token looked like this.. + +```go + if token, err := jwt.Parse(tokenString, keyLookupFunc); err == nil { + fmt.Printf("Token for user %v expires %v", token.Claims["user"], token.Claims["exp"]) + } +``` + +is now directly mapped to... + +```go + if token, err := jwt.Parse(tokenString, keyLookupFunc); err == nil { + claims := token.Claims.(jwt.MapClaims) + fmt.Printf("Token for user %v expires %v", claims["user"], claims["exp"]) + } +``` + +`StandardClaims` is designed to be embedded in your custom type. You can supply a custom claims type with the new `ParseWithClaims` function. Here's an example of using a custom claims type. + +```go + type MyCustomClaims struct { + User string + *StandardClaims + } + + if token, err := jwt.ParseWithClaims(tokenString, &MyCustomClaims{}, keyLookupFunc); err == nil { + claims := token.Claims.(*MyCustomClaims) + fmt.Printf("Token for user %v expires %v", claims.User, claims.StandardClaims.ExpiresAt) + } +``` + +### `ParseFromRequest` has been moved + +To keep this library focused on the tokens without becoming overburdened with complex request processing logic, `ParseFromRequest` and its new companion `ParseFromRequestWithClaims` have been moved to a subpackage, `request`. The method signatues have also been augmented to receive a new argument: `Extractor`. + +`Extractors` do the work of picking the token string out of a request. The interface is simple and composable. + +This simple parsing example: + +```go + if token, err := jwt.ParseFromRequest(tokenString, req, keyLookupFunc); err == nil { + fmt.Printf("Token for user %v expires %v", token.Claims["user"], token.Claims["exp"]) + } +``` + +is directly mapped to: + +```go + if token, err := request.ParseFromRequest(req, request.OAuth2Extractor, keyLookupFunc); err == nil { + claims := token.Claims.(jwt.MapClaims) + fmt.Printf("Token for user %v expires %v", claims["user"], claims["exp"]) + } +``` + +There are several concrete `Extractor` types provided for your convenience: + +* `HeaderExtractor` will search a list of headers until one contains content. +* `ArgumentExtractor` will search a list of keys in request query and form arguments until one contains content. +* `MultiExtractor` will try a list of `Extractors` in order until one returns content. +* `AuthorizationHeaderExtractor` will look in the `Authorization` header for a `Bearer` token. +* `OAuth2Extractor` searches the places an OAuth2 token would be specified (per the spec): `Authorization` header and `access_token` argument +* `PostExtractionFilter` wraps an `Extractor`, allowing you to process the content before it's parsed. A simple example is stripping the `Bearer ` text from a header + + +### RSA signing methods no longer accept `[]byte` keys + +Due to a [critical vulnerability](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/), we've decided the convenience of accepting `[]byte` instead of `rsa.PublicKey` or `rsa.PrivateKey` isn't worth the risk of misuse. + +To replace this behavior, we've added two helper methods: `ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error)` and `ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error)`. These are just simple helpers for unpacking PEM encoded PKCS1 and PKCS8 keys. If your keys are encoded any other way, all you need to do is convert them to the `crypto/rsa` package's types. + +```go + func keyLookupFunc(*Token) (interface{}, error) { + // Don't forget to validate the alg is what you expect: + if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok { + return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) + } + + // Look up key + key, err := lookupPublicKey(token.Header["kid"]) + if err != nil { + return nil, err + } + + // Unpack key from PEM encoded PKCS8 + return jwt.ParseRSAPublicKeyFromPEM(key) + } +``` diff --git a/vendor/github.com/form3tech-oss/jwt-go/README.md b/vendor/github.com/form3tech-oss/jwt-go/README.md new file mode 100644 index 000000000000..d7749077fde6 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/README.md @@ -0,0 +1,104 @@ +# jwt-go + +[![Build Status](https://travis-ci.org/dgrijalva/jwt-go.svg?branch=master)](https://travis-ci.org/dgrijalva/jwt-go) +[![GoDoc](https://godoc.org/github.com/dgrijalva/jwt-go?status.svg)](https://godoc.org/github.com/dgrijalva/jwt-go) + +A [go](http://www.golang.org) (or 'golang' for search engine friendliness) implementation of [JSON Web Tokens](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html) + +**NEW VERSION COMING:** There have been a lot of improvements suggested since the version 3.0.0 released in 2016. I'm working now on cutting two different releases: 3.2.0 will contain any non-breaking changes or enhancements. 4.0.0 will follow shortly which will include breaking changes. See the 4.0.0 milestone to get an idea of what's coming. If you have other ideas, or would like to participate in 4.0.0, now's the time. If you depend on this library and don't want to be interrupted, I recommend you use your dependency mangement tool to pin to version 3. + +**SECURITY NOTICE:** Some older versions of Go have a security issue in the cryotp/elliptic. Recommendation is to upgrade to at least 1.8.3. See issue #216 for more detail. + +**SECURITY NOTICE:** It's important that you [validate the `alg` presented is what you expect](https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/). This library attempts to make it easy to do the right thing by requiring key types match the expected alg, but you should take the extra step to verify it in your usage. See the examples provided. + +## What the heck is a JWT? + +JWT.io has [a great introduction](https://jwt.io/introduction) to JSON Web Tokens. + +In short, it's a signed JSON object that does something useful (for example, authentication). It's commonly used for `Bearer` tokens in Oauth 2. A token is made of three parts, separated by `.`'s. The first two parts are JSON objects, that have been [base64url](http://tools.ietf.org/html/rfc4648) encoded. The last part is the signature, encoded the same way. + +The first part is called the header. It contains the necessary information for verifying the last part, the signature. For example, which encryption method was used for signing and what key was used. + +The part in the middle is the interesting bit. It's called the Claims and contains the actual stuff you care about. Refer to [the RFC](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html) for information about reserved keys and the proper way to add your own. + +## What's in the box? + +This library supports the parsing and verification as well as the generation and signing of JWTs. Current supported signing algorithms are HMAC SHA, RSA, RSA-PSS, and ECDSA, though hooks are present for adding your own. + +## Examples + +See [the project documentation](https://godoc.org/github.com/dgrijalva/jwt-go) for examples of usage: + +* [Simple example of parsing and validating a token](https://godoc.org/github.com/dgrijalva/jwt-go#example-Parse--Hmac) +* [Simple example of building and signing a token](https://godoc.org/github.com/dgrijalva/jwt-go#example-New--Hmac) +* [Directory of Examples](https://godoc.org/github.com/dgrijalva/jwt-go#pkg-examples) + +## Extensions + +This library publishes all the necessary components for adding your own signing methods. Simply implement the `SigningMethod` interface and register a factory method using `RegisterSigningMethod`. + +Here's an example of an extension that integrates with multiple Google Cloud Platform signing tools (AppEngine, IAM API, Cloud KMS): https://github.com/someone1/gcp-jwt-go + +## Compliance + +This library was last reviewed to comply with [RTF 7519](http://www.rfc-editor.org/info/rfc7519) dated May 2015 with a few notable differences: + +* In order to protect against accidental use of [Unsecured JWTs](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#UnsecuredJWT), tokens using `alg=none` will only be accepted if the constant `jwt.UnsafeAllowNoneSignatureType` is provided as the key. + +## Project Status & Versioning + +This library is considered production ready. Feedback and feature requests are appreciated. The API should be considered stable. There should be very few backwards-incompatible changes outside of major version updates (and only with good reason). + +This project uses [Semantic Versioning 2.0.0](http://semver.org). Accepted pull requests will land on `master`. Periodically, versions will be tagged from `master`. You can find all the releases on [the project releases page](https://github.com/dgrijalva/jwt-go/releases). + +While we try to make it obvious when we make breaking changes, there isn't a great mechanism for pushing announcements out to users. You may want to use this alternative package include: `gopkg.in/dgrijalva/jwt-go.v3`. It will do the right thing WRT semantic versioning. + +**BREAKING CHANGES:*** +* Version 3.0.0 includes _a lot_ of changes from the 2.x line, including a few that break the API. We've tried to break as few things as possible, so there should just be a few type signature changes. A full list of breaking changes is available in `VERSION_HISTORY.md`. See `MIGRATION_GUIDE.md` for more information on updating your code. + +## Usage Tips + +### Signing vs Encryption + +A token is simply a JSON object that is signed by its author. this tells you exactly two things about the data: + +* The author of the token was in the possession of the signing secret +* The data has not been modified since it was signed + +It's important to know that JWT does not provide encryption, which means anyone who has access to the token can read its contents. If you need to protect (encrypt) the data, there is a companion spec, `JWE`, that provides this functionality. JWE is currently outside the scope of this library. + +### Choosing a Signing Method + +There are several signing methods available, and you should probably take the time to learn about the various options before choosing one. The principal design decision is most likely going to be symmetric vs asymmetric. + +Symmetric signing methods, such as HSA, use only a single secret. This is probably the simplest signing method to use since any `[]byte` can be used as a valid secret. They are also slightly computationally faster to use, though this rarely is enough to matter. Symmetric signing methods work the best when both producers and consumers of tokens are trusted, or even the same system. Since the same secret is used to both sign and validate tokens, you can't easily distribute the key for validation. + +Asymmetric signing methods, such as RSA, use different keys for signing and verifying tokens. This makes it possible to produce tokens with a private key, and allow any consumer to access the public key for verification. + +### Signing Methods and Key Types + +Each signing method expects a different object type for its signing keys. See the package documentation for details. Here are the most common ones: + +* The [HMAC signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation +* The [RSA signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation +* The [ECDSA signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation + +### JWT and OAuth + +It's worth mentioning that OAuth and JWT are not the same thing. A JWT token is simply a signed JSON object. It can be used anywhere such a thing is useful. There is some confusion, though, as JWT is the most common type of bearer token used in OAuth2 authentication. + +Without going too far down the rabbit hole, here's a description of the interaction of these technologies: + +* OAuth is a protocol for allowing an identity provider to be separate from the service a user is logging in to. For example, whenever you use Facebook to log into a different service (Yelp, Spotify, etc), you are using OAuth. +* OAuth defines several options for passing around authentication data. One popular method is called a "bearer token". A bearer token is simply a string that _should_ only be held by an authenticated user. Thus, simply presenting this token proves your identity. You can probably derive from here why a JWT might make a good bearer token. +* Because bearer tokens are used for authentication, it's important they're kept secret. This is why transactions that use bearer tokens typically happen over SSL. + +### Troubleshooting + +This library uses descriptive error messages whenever possible. If you are not getting the expected result, have a look at the errors. The most common place people get stuck is providing the correct type of key to the parser. See the above section on signing methods and key types. + +## More + +Documentation can be found [on godoc.org](http://godoc.org/github.com/dgrijalva/jwt-go). + +The command line utility included in this project (cmd/jwt) provides a straightforward example of token creation and parsing as well as a useful tool for debugging your own integration. You'll also find several implementation examples in the documentation. diff --git a/vendor/github.com/form3tech-oss/jwt-go/VERSION_HISTORY.md b/vendor/github.com/form3tech-oss/jwt-go/VERSION_HISTORY.md new file mode 100644 index 000000000000..6370298313a6 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/VERSION_HISTORY.md @@ -0,0 +1,118 @@ +## `jwt-go` Version History + +#### 3.2.0 + +* Added method `ParseUnverified` to allow users to split up the tasks of parsing and validation +* HMAC signing method returns `ErrInvalidKeyType` instead of `ErrInvalidKey` where appropriate +* Added options to `request.ParseFromRequest`, which allows for an arbitrary list of modifiers to parsing behavior. Initial set include `WithClaims` and `WithParser`. Existing usage of this function will continue to work as before. +* Deprecated `ParseFromRequestWithClaims` to simplify API in the future. + +#### 3.1.0 + +* Improvements to `jwt` command line tool +* Added `SkipClaimsValidation` option to `Parser` +* Documentation updates + +#### 3.0.0 + +* **Compatibility Breaking Changes**: See MIGRATION_GUIDE.md for tips on updating your code + * Dropped support for `[]byte` keys when using RSA signing methods. This convenience feature could contribute to security vulnerabilities involving mismatched key types with signing methods. + * `ParseFromRequest` has been moved to `request` subpackage and usage has changed + * The `Claims` property on `Token` is now type `Claims` instead of `map[string]interface{}`. The default value is type `MapClaims`, which is an alias to `map[string]interface{}`. This makes it possible to use a custom type when decoding claims. +* Other Additions and Changes + * Added `Claims` interface type to allow users to decode the claims into a custom type + * Added `ParseWithClaims`, which takes a third argument of type `Claims`. Use this function instead of `Parse` if you have a custom type you'd like to decode into. + * Dramatically improved the functionality and flexibility of `ParseFromRequest`, which is now in the `request` subpackage + * Added `ParseFromRequestWithClaims` which is the `FromRequest` equivalent of `ParseWithClaims` + * Added new interface type `Extractor`, which is used for extracting JWT strings from http requests. Used with `ParseFromRequest` and `ParseFromRequestWithClaims`. + * Added several new, more specific, validation errors to error type bitmask + * Moved examples from README to executable example files + * Signing method registry is now thread safe + * Added new property to `ValidationError`, which contains the raw error returned by calls made by parse/verify (such as those returned by keyfunc or json parser) + +#### 2.7.0 + +This will likely be the last backwards compatible release before 3.0.0, excluding essential bug fixes. + +* Added new option `-show` to the `jwt` command that will just output the decoded token without verifying +* Error text for expired tokens includes how long it's been expired +* Fixed incorrect error returned from `ParseRSAPublicKeyFromPEM` +* Documentation updates + +#### 2.6.0 + +* Exposed inner error within ValidationError +* Fixed validation errors when using UseJSONNumber flag +* Added several unit tests + +#### 2.5.0 + +* Added support for signing method none. You shouldn't use this. The API tries to make this clear. +* Updated/fixed some documentation +* Added more helpful error message when trying to parse tokens that begin with `BEARER ` + +#### 2.4.0 + +* Added new type, Parser, to allow for configuration of various parsing parameters + * You can now specify a list of valid signing methods. Anything outside this set will be rejected. + * You can now opt to use the `json.Number` type instead of `float64` when parsing token JSON +* Added support for [Travis CI](https://travis-ci.org/dgrijalva/jwt-go) +* Fixed some bugs with ECDSA parsing + +#### 2.3.0 + +* Added support for ECDSA signing methods +* Added support for RSA PSS signing methods (requires go v1.4) + +#### 2.2.0 + +* Gracefully handle a `nil` `Keyfunc` being passed to `Parse`. Result will now be the parsed token and an error, instead of a panic. + +#### 2.1.0 + +Backwards compatible API change that was missed in 2.0.0. + +* The `SignedString` method on `Token` now takes `interface{}` instead of `[]byte` + +#### 2.0.0 + +There were two major reasons for breaking backwards compatibility with this update. The first was a refactor required to expand the width of the RSA and HMAC-SHA signing implementations. There will likely be no required code changes to support this change. + +The second update, while unfortunately requiring a small change in integration, is required to open up this library to other signing methods. Not all keys used for all signing methods have a single standard on-disk representation. Requiring `[]byte` as the type for all keys proved too limiting. Additionally, this implementation allows for pre-parsed tokens to be reused, which might matter in an application that parses a high volume of tokens with a small set of keys. Backwards compatibilty has been maintained for passing `[]byte` to the RSA signing methods, but they will also accept `*rsa.PublicKey` and `*rsa.PrivateKey`. + +It is likely the only integration change required here will be to change `func(t *jwt.Token) ([]byte, error)` to `func(t *jwt.Token) (interface{}, error)` when calling `Parse`. + +* **Compatibility Breaking Changes** + * `SigningMethodHS256` is now `*SigningMethodHMAC` instead of `type struct` + * `SigningMethodRS256` is now `*SigningMethodRSA` instead of `type struct` + * `KeyFunc` now returns `interface{}` instead of `[]byte` + * `SigningMethod.Sign` now takes `interface{}` instead of `[]byte` for the key + * `SigningMethod.Verify` now takes `interface{}` instead of `[]byte` for the key +* Renamed type `SigningMethodHS256` to `SigningMethodHMAC`. Specific sizes are now just instances of this type. + * Added public package global `SigningMethodHS256` + * Added public package global `SigningMethodHS384` + * Added public package global `SigningMethodHS512` +* Renamed type `SigningMethodRS256` to `SigningMethodRSA`. Specific sizes are now just instances of this type. + * Added public package global `SigningMethodRS256` + * Added public package global `SigningMethodRS384` + * Added public package global `SigningMethodRS512` +* Moved sample private key for HMAC tests from an inline value to a file on disk. Value is unchanged. +* Refactored the RSA implementation to be easier to read +* Exposed helper methods `ParseRSAPrivateKeyFromPEM` and `ParseRSAPublicKeyFromPEM` + +#### 1.0.2 + +* Fixed bug in parsing public keys from certificates +* Added more tests around the parsing of keys for RS256 +* Code refactoring in RS256 implementation. No functional changes + +#### 1.0.1 + +* Fixed panic if RS256 signing method was passed an invalid key + +#### 1.0.0 + +* First versioned release +* API stabilized +* Supports creating, signing, parsing, and validating JWT tokens +* Supports RS256 and HS256 signing methods \ No newline at end of file diff --git a/vendor/github.com/form3tech-oss/jwt-go/claims.go b/vendor/github.com/form3tech-oss/jwt-go/claims.go new file mode 100644 index 000000000000..624890666c66 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/claims.go @@ -0,0 +1,136 @@ +package jwt + +import ( + "crypto/subtle" + "fmt" + "time" +) + +// For a type to be a Claims object, it must just have a Valid method that determines +// if the token is invalid for any supported reason +type Claims interface { + Valid() error +} + +// Structured version of Claims Section, as referenced at +// https://tools.ietf.org/html/rfc7519#section-4.1 +// See examples for how to use this with your own claim types +type StandardClaims struct { + Audience []string `json:"aud,omitempty"` + ExpiresAt int64 `json:"exp,omitempty"` + Id string `json:"jti,omitempty"` + IssuedAt int64 `json:"iat,omitempty"` + Issuer string `json:"iss,omitempty"` + NotBefore int64 `json:"nbf,omitempty"` + Subject string `json:"sub,omitempty"` +} + +// Validates time based claims "exp, iat, nbf". +// There is no accounting for clock skew. +// As well, if any of the above claims are not in the token, it will still +// be considered a valid claim. +func (c StandardClaims) Valid() error { + vErr := new(ValidationError) + now := TimeFunc().Unix() + + // The claims below are optional, by default, so if they are set to the + // default value in Go, let's not fail the verification for them. + if c.VerifyExpiresAt(now, false) == false { + delta := time.Unix(now, 0).Sub(time.Unix(c.ExpiresAt, 0)) + vErr.Inner = fmt.Errorf("token is expired by %v", delta) + vErr.Errors |= ValidationErrorExpired + } + + if c.VerifyIssuedAt(now, false) == false { + vErr.Inner = fmt.Errorf("Token used before issued") + vErr.Errors |= ValidationErrorIssuedAt + } + + if c.VerifyNotBefore(now, false) == false { + vErr.Inner = fmt.Errorf("token is not valid yet") + vErr.Errors |= ValidationErrorNotValidYet + } + + if vErr.valid() { + return nil + } + + return vErr +} + +// Compares the aud claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (c *StandardClaims) VerifyAudience(cmp string, req bool) bool { + return verifyAud(c.Audience, cmp, req) +} + +// Compares the exp claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (c *StandardClaims) VerifyExpiresAt(cmp int64, req bool) bool { + return verifyExp(c.ExpiresAt, cmp, req) +} + +// Compares the iat claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (c *StandardClaims) VerifyIssuedAt(cmp int64, req bool) bool { + return verifyIat(c.IssuedAt, cmp, req) +} + +// Compares the iss claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (c *StandardClaims) VerifyIssuer(cmp string, req bool) bool { + return verifyIss(c.Issuer, cmp, req) +} + +// Compares the nbf claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (c *StandardClaims) VerifyNotBefore(cmp int64, req bool) bool { + return verifyNbf(c.NotBefore, cmp, req) +} + +// ----- helpers + +func verifyAud(aud []string, cmp string, required bool) bool { + if len(aud) == 0 { + return !required + } + + for _, a := range aud { + if subtle.ConstantTimeCompare([]byte(a), []byte(cmp)) != 0 { + return true + } + } + return false +} + +func verifyExp(exp int64, now int64, required bool) bool { + if exp == 0 { + return !required + } + return now <= exp +} + +func verifyIat(iat int64, now int64, required bool) bool { + if iat == 0 { + return !required + } + return now >= iat +} + +func verifyIss(iss string, cmp string, required bool) bool { + if iss == "" { + return !required + } + if subtle.ConstantTimeCompare([]byte(iss), []byte(cmp)) != 0 { + return true + } else { + return false + } +} + +func verifyNbf(nbf int64, now int64, required bool) bool { + if nbf == 0 { + return !required + } + return now >= nbf +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/doc.go b/vendor/github.com/form3tech-oss/jwt-go/doc.go new file mode 100644 index 000000000000..a86dc1a3b348 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/doc.go @@ -0,0 +1,4 @@ +// Package jwt is a Go implementation of JSON Web Tokens: http://self-issued.info/docs/draft-jones-json-web-token.html +// +// See README.md for more info. +package jwt diff --git a/vendor/github.com/form3tech-oss/jwt-go/ecdsa.go b/vendor/github.com/form3tech-oss/jwt-go/ecdsa.go new file mode 100644 index 000000000000..f977381240e3 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/ecdsa.go @@ -0,0 +1,148 @@ +package jwt + +import ( + "crypto" + "crypto/ecdsa" + "crypto/rand" + "errors" + "math/big" +) + +var ( + // Sadly this is missing from crypto/ecdsa compared to crypto/rsa + ErrECDSAVerification = errors.New("crypto/ecdsa: verification error") +) + +// Implements the ECDSA family of signing methods signing methods +// Expects *ecdsa.PrivateKey for signing and *ecdsa.PublicKey for verification +type SigningMethodECDSA struct { + Name string + Hash crypto.Hash + KeySize int + CurveBits int +} + +// Specific instances for EC256 and company +var ( + SigningMethodES256 *SigningMethodECDSA + SigningMethodES384 *SigningMethodECDSA + SigningMethodES512 *SigningMethodECDSA +) + +func init() { + // ES256 + SigningMethodES256 = &SigningMethodECDSA{"ES256", crypto.SHA256, 32, 256} + RegisterSigningMethod(SigningMethodES256.Alg(), func() SigningMethod { + return SigningMethodES256 + }) + + // ES384 + SigningMethodES384 = &SigningMethodECDSA{"ES384", crypto.SHA384, 48, 384} + RegisterSigningMethod(SigningMethodES384.Alg(), func() SigningMethod { + return SigningMethodES384 + }) + + // ES512 + SigningMethodES512 = &SigningMethodECDSA{"ES512", crypto.SHA512, 66, 521} + RegisterSigningMethod(SigningMethodES512.Alg(), func() SigningMethod { + return SigningMethodES512 + }) +} + +func (m *SigningMethodECDSA) Alg() string { + return m.Name +} + +// Implements the Verify method from SigningMethod +// For this verify method, key must be an ecdsa.PublicKey struct +func (m *SigningMethodECDSA) Verify(signingString, signature string, key interface{}) error { + var err error + + // Decode the signature + var sig []byte + if sig, err = DecodeSegment(signature); err != nil { + return err + } + + // Get the key + var ecdsaKey *ecdsa.PublicKey + switch k := key.(type) { + case *ecdsa.PublicKey: + ecdsaKey = k + default: + return ErrInvalidKeyType + } + + if len(sig) != 2*m.KeySize { + return ErrECDSAVerification + } + + r := big.NewInt(0).SetBytes(sig[:m.KeySize]) + s := big.NewInt(0).SetBytes(sig[m.KeySize:]) + + // Create hasher + if !m.Hash.Available() { + return ErrHashUnavailable + } + hasher := m.Hash.New() + hasher.Write([]byte(signingString)) + + // Verify the signature + if verifystatus := ecdsa.Verify(ecdsaKey, hasher.Sum(nil), r, s); verifystatus == true { + return nil + } else { + return ErrECDSAVerification + } +} + +// Implements the Sign method from SigningMethod +// For this signing method, key must be an ecdsa.PrivateKey struct +func (m *SigningMethodECDSA) Sign(signingString string, key interface{}) (string, error) { + // Get the key + var ecdsaKey *ecdsa.PrivateKey + switch k := key.(type) { + case *ecdsa.PrivateKey: + ecdsaKey = k + default: + return "", ErrInvalidKeyType + } + + // Create the hasher + if !m.Hash.Available() { + return "", ErrHashUnavailable + } + + hasher := m.Hash.New() + hasher.Write([]byte(signingString)) + + // Sign the string and return r, s + if r, s, err := ecdsa.Sign(rand.Reader, ecdsaKey, hasher.Sum(nil)); err == nil { + curveBits := ecdsaKey.Curve.Params().BitSize + + if m.CurveBits != curveBits { + return "", ErrInvalidKey + } + + keyBytes := curveBits / 8 + if curveBits%8 > 0 { + keyBytes += 1 + } + + // We serialize the outpus (r and s) into big-endian byte arrays and pad + // them with zeros on the left to make sure the sizes work out. Both arrays + // must be keyBytes long, and the output must be 2*keyBytes long. + rBytes := r.Bytes() + rBytesPadded := make([]byte, keyBytes) + copy(rBytesPadded[keyBytes-len(rBytes):], rBytes) + + sBytes := s.Bytes() + sBytesPadded := make([]byte, keyBytes) + copy(sBytesPadded[keyBytes-len(sBytes):], sBytes) + + out := append(rBytesPadded, sBytesPadded...) + + return EncodeSegment(out), nil + } else { + return "", err + } +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/ecdsa_utils.go b/vendor/github.com/form3tech-oss/jwt-go/ecdsa_utils.go new file mode 100644 index 000000000000..db9f4be7d8ea --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/ecdsa_utils.go @@ -0,0 +1,69 @@ +package jwt + +import ( + "crypto/ecdsa" + "crypto/x509" + "encoding/pem" + "errors" +) + +var ( + ErrNotECPublicKey = errors.New("Key is not a valid ECDSA public key") + ErrNotECPrivateKey = errors.New("Key is not a valid ECDSA private key") +) + +// Parse PEM encoded Elliptic Curve Private Key Structure +func ParseECPrivateKeyFromPEM(key []byte) (*ecdsa.PrivateKey, error) { + var err error + + // Parse PEM block + var block *pem.Block + if block, _ = pem.Decode(key); block == nil { + return nil, ErrKeyMustBePEMEncoded + } + + // Parse the key + var parsedKey interface{} + if parsedKey, err = x509.ParseECPrivateKey(block.Bytes); err != nil { + if parsedKey, err = x509.ParsePKCS8PrivateKey(block.Bytes); err != nil { + return nil, err + } + } + + var pkey *ecdsa.PrivateKey + var ok bool + if pkey, ok = parsedKey.(*ecdsa.PrivateKey); !ok { + return nil, ErrNotECPrivateKey + } + + return pkey, nil +} + +// Parse PEM encoded PKCS1 or PKCS8 public key +func ParseECPublicKeyFromPEM(key []byte) (*ecdsa.PublicKey, error) { + var err error + + // Parse PEM block + var block *pem.Block + if block, _ = pem.Decode(key); block == nil { + return nil, ErrKeyMustBePEMEncoded + } + + // Parse the key + var parsedKey interface{} + if parsedKey, err = x509.ParsePKIXPublicKey(block.Bytes); err != nil { + if cert, err := x509.ParseCertificate(block.Bytes); err == nil { + parsedKey = cert.PublicKey + } else { + return nil, err + } + } + + var pkey *ecdsa.PublicKey + var ok bool + if pkey, ok = parsedKey.(*ecdsa.PublicKey); !ok { + return nil, ErrNotECPublicKey + } + + return pkey, nil +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/errors.go b/vendor/github.com/form3tech-oss/jwt-go/errors.go new file mode 100644 index 000000000000..1c93024aad2e --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/errors.go @@ -0,0 +1,59 @@ +package jwt + +import ( + "errors" +) + +// Error constants +var ( + ErrInvalidKey = errors.New("key is invalid") + ErrInvalidKeyType = errors.New("key is of invalid type") + ErrHashUnavailable = errors.New("the requested hash function is unavailable") +) + +// The errors that might occur when parsing and validating a token +const ( + ValidationErrorMalformed uint32 = 1 << iota // Token is malformed + ValidationErrorUnverifiable // Token could not be verified because of signing problems + ValidationErrorSignatureInvalid // Signature validation failed + + // Standard Claim validation errors + ValidationErrorAudience // AUD validation failed + ValidationErrorExpired // EXP validation failed + ValidationErrorIssuedAt // IAT validation failed + ValidationErrorIssuer // ISS validation failed + ValidationErrorNotValidYet // NBF validation failed + ValidationErrorId // JTI validation failed + ValidationErrorClaimsInvalid // Generic claims validation error +) + +// Helper for constructing a ValidationError with a string error message +func NewValidationError(errorText string, errorFlags uint32) *ValidationError { + return &ValidationError{ + text: errorText, + Errors: errorFlags, + } +} + +// The error from Parse if token is not valid +type ValidationError struct { + Inner error // stores the error returned by external dependencies, i.e.: KeyFunc + Errors uint32 // bitfield. see ValidationError... constants + text string // errors that do not have a valid error just have text +} + +// Validation error is an error type +func (e ValidationError) Error() string { + if e.Inner != nil { + return e.Inner.Error() + } else if e.text != "" { + return e.text + } else { + return "token is invalid" + } +} + +// No errors +func (e *ValidationError) valid() bool { + return e.Errors == 0 +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/hmac.go b/vendor/github.com/form3tech-oss/jwt-go/hmac.go new file mode 100644 index 000000000000..addbe5d40182 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/hmac.go @@ -0,0 +1,95 @@ +package jwt + +import ( + "crypto" + "crypto/hmac" + "errors" +) + +// Implements the HMAC-SHA family of signing methods signing methods +// Expects key type of []byte for both signing and validation +type SigningMethodHMAC struct { + Name string + Hash crypto.Hash +} + +// Specific instances for HS256 and company +var ( + SigningMethodHS256 *SigningMethodHMAC + SigningMethodHS384 *SigningMethodHMAC + SigningMethodHS512 *SigningMethodHMAC + ErrSignatureInvalid = errors.New("signature is invalid") +) + +func init() { + // HS256 + SigningMethodHS256 = &SigningMethodHMAC{"HS256", crypto.SHA256} + RegisterSigningMethod(SigningMethodHS256.Alg(), func() SigningMethod { + return SigningMethodHS256 + }) + + // HS384 + SigningMethodHS384 = &SigningMethodHMAC{"HS384", crypto.SHA384} + RegisterSigningMethod(SigningMethodHS384.Alg(), func() SigningMethod { + return SigningMethodHS384 + }) + + // HS512 + SigningMethodHS512 = &SigningMethodHMAC{"HS512", crypto.SHA512} + RegisterSigningMethod(SigningMethodHS512.Alg(), func() SigningMethod { + return SigningMethodHS512 + }) +} + +func (m *SigningMethodHMAC) Alg() string { + return m.Name +} + +// Verify the signature of HSXXX tokens. Returns nil if the signature is valid. +func (m *SigningMethodHMAC) Verify(signingString, signature string, key interface{}) error { + // Verify the key is the right type + keyBytes, ok := key.([]byte) + if !ok { + return ErrInvalidKeyType + } + + // Decode signature, for comparison + sig, err := DecodeSegment(signature) + if err != nil { + return err + } + + // Can we use the specified hashing method? + if !m.Hash.Available() { + return ErrHashUnavailable + } + + // This signing method is symmetric, so we validate the signature + // by reproducing the signature from the signing string and key, then + // comparing that against the provided signature. + hasher := hmac.New(m.Hash.New, keyBytes) + hasher.Write([]byte(signingString)) + if !hmac.Equal(sig, hasher.Sum(nil)) { + return ErrSignatureInvalid + } + + // No validation errors. Signature is good. + return nil +} + +// Implements the Sign method from SigningMethod for this signing method. +// Key must be []byte +func (m *SigningMethodHMAC) Sign(signingString string, key interface{}) (string, error) { + if keyBytes, ok := key.([]byte); ok { + if !m.Hash.Available() { + return "", ErrHashUnavailable + } + + hasher := hmac.New(m.Hash.New, keyBytes) + hasher.Write([]byte(signingString)) + + return EncodeSegment(hasher.Sum(nil)), nil + } + + return "", ErrInvalidKeyType +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/map_claims.go b/vendor/github.com/form3tech-oss/jwt-go/map_claims.go new file mode 100644 index 000000000000..90ab6bea350a --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/map_claims.go @@ -0,0 +1,102 @@ +package jwt + +import ( + "encoding/json" + "errors" + // "fmt" +) + +// Claims type that uses the map[string]interface{} for JSON decoding +// This is the default claims type if you don't supply one +type MapClaims map[string]interface{} + +// Compares the aud claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (m MapClaims) VerifyAudience(cmp string, req bool) bool { + aud, ok := m["aud"].([]string) + if !ok { + strAud, ok := m["aud"].(string) + if !ok { + return false + } + aud = append(aud, strAud) + } + + return verifyAud(aud, cmp, req) +} + +// Compares the exp claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (m MapClaims) VerifyExpiresAt(cmp int64, req bool) bool { + switch exp := m["exp"].(type) { + case float64: + return verifyExp(int64(exp), cmp, req) + case json.Number: + v, _ := exp.Int64() + return verifyExp(v, cmp, req) + } + return req == false +} + +// Compares the iat claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (m MapClaims) VerifyIssuedAt(cmp int64, req bool) bool { + switch iat := m["iat"].(type) { + case float64: + return verifyIat(int64(iat), cmp, req) + case json.Number: + v, _ := iat.Int64() + return verifyIat(v, cmp, req) + } + return req == false +} + +// Compares the iss claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (m MapClaims) VerifyIssuer(cmp string, req bool) bool { + iss, _ := m["iss"].(string) + return verifyIss(iss, cmp, req) +} + +// Compares the nbf claim against cmp. +// If required is false, this method will return true if the value matches or is unset +func (m MapClaims) VerifyNotBefore(cmp int64, req bool) bool { + switch nbf := m["nbf"].(type) { + case float64: + return verifyNbf(int64(nbf), cmp, req) + case json.Number: + v, _ := nbf.Int64() + return verifyNbf(v, cmp, req) + } + return req == false +} + +// Validates time based claims "exp, iat, nbf". +// There is no accounting for clock skew. +// As well, if any of the above claims are not in the token, it will still +// be considered a valid claim. +func (m MapClaims) Valid() error { + vErr := new(ValidationError) + now := TimeFunc().Unix() + + if m.VerifyExpiresAt(now, false) == false { + vErr.Inner = errors.New("Token is expired") + vErr.Errors |= ValidationErrorExpired + } + + if m.VerifyIssuedAt(now, false) == false { + vErr.Inner = errors.New("Token used before issued") + vErr.Errors |= ValidationErrorIssuedAt + } + + if m.VerifyNotBefore(now, false) == false { + vErr.Inner = errors.New("Token is not valid yet") + vErr.Errors |= ValidationErrorNotValidYet + } + + if vErr.valid() { + return nil + } + + return vErr +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/none.go b/vendor/github.com/form3tech-oss/jwt-go/none.go new file mode 100644 index 000000000000..f04d189d067b --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/none.go @@ -0,0 +1,52 @@ +package jwt + +// Implements the none signing method. This is required by the spec +// but you probably should never use it. +var SigningMethodNone *signingMethodNone + +const UnsafeAllowNoneSignatureType unsafeNoneMagicConstant = "none signing method allowed" + +var NoneSignatureTypeDisallowedError error + +type signingMethodNone struct{} +type unsafeNoneMagicConstant string + +func init() { + SigningMethodNone = &signingMethodNone{} + NoneSignatureTypeDisallowedError = NewValidationError("'none' signature type is not allowed", ValidationErrorSignatureInvalid) + + RegisterSigningMethod(SigningMethodNone.Alg(), func() SigningMethod { + return SigningMethodNone + }) +} + +func (m *signingMethodNone) Alg() string { + return "none" +} + +// Only allow 'none' alg type if UnsafeAllowNoneSignatureType is specified as the key +func (m *signingMethodNone) Verify(signingString, signature string, key interface{}) (err error) { + // Key must be UnsafeAllowNoneSignatureType to prevent accidentally + // accepting 'none' signing method + if _, ok := key.(unsafeNoneMagicConstant); !ok { + return NoneSignatureTypeDisallowedError + } + // If signing method is none, signature must be an empty string + if signature != "" { + return NewValidationError( + "'none' signing method with non-empty signature", + ValidationErrorSignatureInvalid, + ) + } + + // Accept 'none' signing method. + return nil +} + +// Only allow 'none' signing if UnsafeAllowNoneSignatureType is specified as the key +func (m *signingMethodNone) Sign(signingString string, key interface{}) (string, error) { + if _, ok := key.(unsafeNoneMagicConstant); ok { + return "", nil + } + return "", NoneSignatureTypeDisallowedError +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/parser.go b/vendor/github.com/form3tech-oss/jwt-go/parser.go new file mode 100644 index 000000000000..d6901d9adb52 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/parser.go @@ -0,0 +1,148 @@ +package jwt + +import ( + "bytes" + "encoding/json" + "fmt" + "strings" +) + +type Parser struct { + ValidMethods []string // If populated, only these methods will be considered valid + UseJSONNumber bool // Use JSON Number format in JSON decoder + SkipClaimsValidation bool // Skip claims validation during token parsing +} + +// Parse, validate, and return a token. +// keyFunc will receive the parsed token and should return the key for validating. +// If everything is kosher, err will be nil +func (p *Parser) Parse(tokenString string, keyFunc Keyfunc) (*Token, error) { + return p.ParseWithClaims(tokenString, MapClaims{}, keyFunc) +} + +func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error) { + token, parts, err := p.ParseUnverified(tokenString, claims) + if err != nil { + return token, err + } + + // Verify signing method is in the required set + if p.ValidMethods != nil { + var signingMethodValid = false + var alg = token.Method.Alg() + for _, m := range p.ValidMethods { + if m == alg { + signingMethodValid = true + break + } + } + if !signingMethodValid { + // signing method is not in the listed set + return token, NewValidationError(fmt.Sprintf("signing method %v is invalid", alg), ValidationErrorSignatureInvalid) + } + } + + // Lookup key + var key interface{} + if keyFunc == nil { + // keyFunc was not provided. short circuiting validation + return token, NewValidationError("no Keyfunc was provided.", ValidationErrorUnverifiable) + } + if key, err = keyFunc(token); err != nil { + // keyFunc returned an error + if ve, ok := err.(*ValidationError); ok { + return token, ve + } + return token, &ValidationError{Inner: err, Errors: ValidationErrorUnverifiable} + } + + vErr := &ValidationError{} + + // Validate Claims + if !p.SkipClaimsValidation { + if err := token.Claims.Valid(); err != nil { + + // If the Claims Valid returned an error, check if it is a validation error, + // If it was another error type, create a ValidationError with a generic ClaimsInvalid flag set + if e, ok := err.(*ValidationError); !ok { + vErr = &ValidationError{Inner: err, Errors: ValidationErrorClaimsInvalid} + } else { + vErr = e + } + } + } + + // Perform validation + token.Signature = parts[2] + if err = token.Method.Verify(strings.Join(parts[0:2], "."), token.Signature, key); err != nil { + vErr.Inner = err + vErr.Errors |= ValidationErrorSignatureInvalid + } + + if vErr.valid() { + token.Valid = true + return token, nil + } + + return token, vErr +} + +// WARNING: Don't use this method unless you know what you're doing +// +// This method parses the token but doesn't validate the signature. It's only +// ever useful in cases where you know the signature is valid (because it has +// been checked previously in the stack) and you want to extract values from +// it. +func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { + parts = strings.Split(tokenString, ".") + if len(parts) != 3 { + return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} + + // parse Header + var headerBytes []byte + if headerBytes, err = DecodeSegment(parts[0]); err != nil { + if strings.HasPrefix(strings.ToLower(tokenString), "bearer ") { + return token, parts, NewValidationError("tokenstring should not contain 'bearer '", ValidationErrorMalformed) + } + return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed} + } + if err = json.Unmarshal(headerBytes, &token.Header); err != nil { + return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed} + } + + // parse Claims + var claimBytes []byte + token.Claims = claims + + if claimBytes, err = DecodeSegment(parts[1]); err != nil { + return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed} + } + dec := json.NewDecoder(bytes.NewBuffer(claimBytes)) + if p.UseJSONNumber { + dec.UseNumber() + } + // JSON Decode. Special case for map type to avoid weird pointer behavior + if c, ok := token.Claims.(MapClaims); ok { + err = dec.Decode(&c) + } else { + err = dec.Decode(&claims) + } + // Handle decode error + if err != nil { + return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed} + } + + // Lookup signature method + if method, ok := token.Header["alg"].(string); ok { + if token.Method = GetSigningMethod(method); token.Method == nil { + return token, parts, NewValidationError("signing method (alg) is unavailable.", ValidationErrorUnverifiable) + } + } else { + return token, parts, NewValidationError("signing method (alg) is unspecified.", ValidationErrorUnverifiable) + } + + return token, parts, nil +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/rsa.go b/vendor/github.com/form3tech-oss/jwt-go/rsa.go new file mode 100644 index 000000000000..e4caf1ca4a11 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/rsa.go @@ -0,0 +1,101 @@ +package jwt + +import ( + "crypto" + "crypto/rand" + "crypto/rsa" +) + +// Implements the RSA family of signing methods signing methods +// Expects *rsa.PrivateKey for signing and *rsa.PublicKey for validation +type SigningMethodRSA struct { + Name string + Hash crypto.Hash +} + +// Specific instances for RS256 and company +var ( + SigningMethodRS256 *SigningMethodRSA + SigningMethodRS384 *SigningMethodRSA + SigningMethodRS512 *SigningMethodRSA +) + +func init() { + // RS256 + SigningMethodRS256 = &SigningMethodRSA{"RS256", crypto.SHA256} + RegisterSigningMethod(SigningMethodRS256.Alg(), func() SigningMethod { + return SigningMethodRS256 + }) + + // RS384 + SigningMethodRS384 = &SigningMethodRSA{"RS384", crypto.SHA384} + RegisterSigningMethod(SigningMethodRS384.Alg(), func() SigningMethod { + return SigningMethodRS384 + }) + + // RS512 + SigningMethodRS512 = &SigningMethodRSA{"RS512", crypto.SHA512} + RegisterSigningMethod(SigningMethodRS512.Alg(), func() SigningMethod { + return SigningMethodRS512 + }) +} + +func (m *SigningMethodRSA) Alg() string { + return m.Name +} + +// Implements the Verify method from SigningMethod +// For this signing method, must be an *rsa.PublicKey structure. +func (m *SigningMethodRSA) Verify(signingString, signature string, key interface{}) error { + var err error + + // Decode the signature + var sig []byte + if sig, err = DecodeSegment(signature); err != nil { + return err + } + + var rsaKey *rsa.PublicKey + var ok bool + + if rsaKey, ok = key.(*rsa.PublicKey); !ok { + return ErrInvalidKeyType + } + + // Create hasher + if !m.Hash.Available() { + return ErrHashUnavailable + } + hasher := m.Hash.New() + hasher.Write([]byte(signingString)) + + // Verify the signature + return rsa.VerifyPKCS1v15(rsaKey, m.Hash, hasher.Sum(nil), sig) +} + +// Implements the Sign method from SigningMethod +// For this signing method, must be an *rsa.PrivateKey structure. +func (m *SigningMethodRSA) Sign(signingString string, key interface{}) (string, error) { + var rsaKey *rsa.PrivateKey + var ok bool + + // Validate type of key + if rsaKey, ok = key.(*rsa.PrivateKey); !ok { + return "", ErrInvalidKey + } + + // Create the hasher + if !m.Hash.Available() { + return "", ErrHashUnavailable + } + + hasher := m.Hash.New() + hasher.Write([]byte(signingString)) + + // Sign the string and return the encoded bytes + if sigBytes, err := rsa.SignPKCS1v15(rand.Reader, rsaKey, m.Hash, hasher.Sum(nil)); err == nil { + return EncodeSegment(sigBytes), nil + } else { + return "", err + } +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/rsa_pss.go b/vendor/github.com/form3tech-oss/jwt-go/rsa_pss.go new file mode 100644 index 000000000000..c01470864803 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/rsa_pss.go @@ -0,0 +1,142 @@ +// +build go1.4 + +package jwt + +import ( + "crypto" + "crypto/rand" + "crypto/rsa" +) + +// Implements the RSAPSS family of signing methods signing methods +type SigningMethodRSAPSS struct { + *SigningMethodRSA + Options *rsa.PSSOptions + // VerifyOptions is optional. If set overrides Options for rsa.VerifyPPS. + // Used to accept tokens signed with rsa.PSSSaltLengthAuto, what doesn't follow + // https://tools.ietf.org/html/rfc7518#section-3.5 but was used previously. + // See https://github.com/dgrijalva/jwt-go/issues/285#issuecomment-437451244 for details. + VerifyOptions *rsa.PSSOptions +} + +// Specific instances for RS/PS and company. +var ( + SigningMethodPS256 *SigningMethodRSAPSS + SigningMethodPS384 *SigningMethodRSAPSS + SigningMethodPS512 *SigningMethodRSAPSS +) + +func init() { + // PS256 + SigningMethodPS256 = &SigningMethodRSAPSS{ + SigningMethodRSA: &SigningMethodRSA{ + Name: "PS256", + Hash: crypto.SHA256, + }, + Options: &rsa.PSSOptions{ + SaltLength: rsa.PSSSaltLengthEqualsHash, + }, + VerifyOptions: &rsa.PSSOptions{ + SaltLength: rsa.PSSSaltLengthAuto, + }, + } + RegisterSigningMethod(SigningMethodPS256.Alg(), func() SigningMethod { + return SigningMethodPS256 + }) + + // PS384 + SigningMethodPS384 = &SigningMethodRSAPSS{ + SigningMethodRSA: &SigningMethodRSA{ + Name: "PS384", + Hash: crypto.SHA384, + }, + Options: &rsa.PSSOptions{ + SaltLength: rsa.PSSSaltLengthEqualsHash, + }, + VerifyOptions: &rsa.PSSOptions{ + SaltLength: rsa.PSSSaltLengthAuto, + }, + } + RegisterSigningMethod(SigningMethodPS384.Alg(), func() SigningMethod { + return SigningMethodPS384 + }) + + // PS512 + SigningMethodPS512 = &SigningMethodRSAPSS{ + SigningMethodRSA: &SigningMethodRSA{ + Name: "PS512", + Hash: crypto.SHA512, + }, + Options: &rsa.PSSOptions{ + SaltLength: rsa.PSSSaltLengthEqualsHash, + }, + VerifyOptions: &rsa.PSSOptions{ + SaltLength: rsa.PSSSaltLengthAuto, + }, + } + RegisterSigningMethod(SigningMethodPS512.Alg(), func() SigningMethod { + return SigningMethodPS512 + }) +} + +// Implements the Verify method from SigningMethod +// For this verify method, key must be an rsa.PublicKey struct +func (m *SigningMethodRSAPSS) Verify(signingString, signature string, key interface{}) error { + var err error + + // Decode the signature + var sig []byte + if sig, err = DecodeSegment(signature); err != nil { + return err + } + + var rsaKey *rsa.PublicKey + switch k := key.(type) { + case *rsa.PublicKey: + rsaKey = k + default: + return ErrInvalidKey + } + + // Create hasher + if !m.Hash.Available() { + return ErrHashUnavailable + } + hasher := m.Hash.New() + hasher.Write([]byte(signingString)) + + opts := m.Options + if m.VerifyOptions != nil { + opts = m.VerifyOptions + } + + return rsa.VerifyPSS(rsaKey, m.Hash, hasher.Sum(nil), sig, opts) +} + +// Implements the Sign method from SigningMethod +// For this signing method, key must be an rsa.PrivateKey struct +func (m *SigningMethodRSAPSS) Sign(signingString string, key interface{}) (string, error) { + var rsaKey *rsa.PrivateKey + + switch k := key.(type) { + case *rsa.PrivateKey: + rsaKey = k + default: + return "", ErrInvalidKeyType + } + + // Create the hasher + if !m.Hash.Available() { + return "", ErrHashUnavailable + } + + hasher := m.Hash.New() + hasher.Write([]byte(signingString)) + + // Sign the string and return the encoded bytes + if sigBytes, err := rsa.SignPSS(rand.Reader, rsaKey, m.Hash, hasher.Sum(nil), m.Options); err == nil { + return EncodeSegment(sigBytes), nil + } else { + return "", err + } +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/rsa_utils.go b/vendor/github.com/form3tech-oss/jwt-go/rsa_utils.go new file mode 100644 index 000000000000..14c78c292a94 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/rsa_utils.go @@ -0,0 +1,101 @@ +package jwt + +import ( + "crypto/rsa" + "crypto/x509" + "encoding/pem" + "errors" +) + +var ( + ErrKeyMustBePEMEncoded = errors.New("Invalid Key: Key must be a PEM encoded PKCS1 or PKCS8 key") + ErrNotRSAPrivateKey = errors.New("Key is not a valid RSA private key") + ErrNotRSAPublicKey = errors.New("Key is not a valid RSA public key") +) + +// Parse PEM encoded PKCS1 or PKCS8 private key +func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error) { + var err error + + // Parse PEM block + var block *pem.Block + if block, _ = pem.Decode(key); block == nil { + return nil, ErrKeyMustBePEMEncoded + } + + var parsedKey interface{} + if parsedKey, err = x509.ParsePKCS1PrivateKey(block.Bytes); err != nil { + if parsedKey, err = x509.ParsePKCS8PrivateKey(block.Bytes); err != nil { + return nil, err + } + } + + var pkey *rsa.PrivateKey + var ok bool + if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok { + return nil, ErrNotRSAPrivateKey + } + + return pkey, nil +} + +// Parse PEM encoded PKCS1 or PKCS8 private key protected with password +func ParseRSAPrivateKeyFromPEMWithPassword(key []byte, password string) (*rsa.PrivateKey, error) { + var err error + + // Parse PEM block + var block *pem.Block + if block, _ = pem.Decode(key); block == nil { + return nil, ErrKeyMustBePEMEncoded + } + + var parsedKey interface{} + + var blockDecrypted []byte + if blockDecrypted, err = x509.DecryptPEMBlock(block, []byte(password)); err != nil { + return nil, err + } + + if parsedKey, err = x509.ParsePKCS1PrivateKey(blockDecrypted); err != nil { + if parsedKey, err = x509.ParsePKCS8PrivateKey(blockDecrypted); err != nil { + return nil, err + } + } + + var pkey *rsa.PrivateKey + var ok bool + if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok { + return nil, ErrNotRSAPrivateKey + } + + return pkey, nil +} + +// Parse PEM encoded PKCS1 or PKCS8 public key +func ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error) { + var err error + + // Parse PEM block + var block *pem.Block + if block, _ = pem.Decode(key); block == nil { + return nil, ErrKeyMustBePEMEncoded + } + + // Parse the key + var parsedKey interface{} + if parsedKey, err = x509.ParsePKIXPublicKey(block.Bytes); err != nil { + if cert, err := x509.ParseCertificate(block.Bytes); err == nil { + parsedKey = cert.PublicKey + } else { + return nil, err + } + } + + var pkey *rsa.PublicKey + var ok bool + if pkey, ok = parsedKey.(*rsa.PublicKey); !ok { + return nil, ErrNotRSAPublicKey + } + + return pkey, nil +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/signing_method.go b/vendor/github.com/form3tech-oss/jwt-go/signing_method.go new file mode 100644 index 000000000000..ed1f212b21e1 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/signing_method.go @@ -0,0 +1,35 @@ +package jwt + +import ( + "sync" +) + +var signingMethods = map[string]func() SigningMethod{} +var signingMethodLock = new(sync.RWMutex) + +// Implement SigningMethod to add new methods for signing or verifying tokens. +type SigningMethod interface { + Verify(signingString, signature string, key interface{}) error // Returns nil if signature is valid + Sign(signingString string, key interface{}) (string, error) // Returns encoded signature or error + Alg() string // returns the alg identifier for this method (example: 'HS256') +} + +// Register the "alg" name and a factory function for signing method. +// This is typically done during init() in the method's implementation +func RegisterSigningMethod(alg string, f func() SigningMethod) { + signingMethodLock.Lock() + defer signingMethodLock.Unlock() + + signingMethods[alg] = f +} + +// Get a signing method from an "alg" string +func GetSigningMethod(alg string) (method SigningMethod) { + signingMethodLock.RLock() + defer signingMethodLock.RUnlock() + + if methodF, ok := signingMethods[alg]; ok { + method = methodF() + } + return +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/token.go b/vendor/github.com/form3tech-oss/jwt-go/token.go new file mode 100644 index 000000000000..d637e0867c65 --- /dev/null +++ b/vendor/github.com/form3tech-oss/jwt-go/token.go @@ -0,0 +1,108 @@ +package jwt + +import ( + "encoding/base64" + "encoding/json" + "strings" + "time" +) + +// TimeFunc provides the current time when parsing token to validate "exp" claim (expiration time). +// You can override it to use another time value. This is useful for testing or if your +// server uses a different time zone than your tokens. +var TimeFunc = time.Now + +// Parse methods use this callback function to supply +// the key for verification. The function receives the parsed, +// but unverified Token. This allows you to use properties in the +// Header of the token (such as `kid`) to identify which key to use. +type Keyfunc func(*Token) (interface{}, error) + +// A JWT Token. Different fields will be used depending on whether you're +// creating or parsing/verifying a token. +type Token struct { + Raw string // The raw token. Populated when you Parse a token + Method SigningMethod // The signing method used or to be used + Header map[string]interface{} // The first segment of the token + Claims Claims // The second segment of the token + Signature string // The third segment of the token. Populated when you Parse a token + Valid bool // Is the token valid? Populated when you Parse/Verify a token +} + +// Create a new Token. Takes a signing method +func New(method SigningMethod) *Token { + return NewWithClaims(method, MapClaims{}) +} + +func NewWithClaims(method SigningMethod, claims Claims) *Token { + return &Token{ + Header: map[string]interface{}{ + "typ": "JWT", + "alg": method.Alg(), + }, + Claims: claims, + Method: method, + } +} + +// Get the complete, signed token +func (t *Token) SignedString(key interface{}) (string, error) { + var sig, sstr string + var err error + if sstr, err = t.SigningString(); err != nil { + return "", err + } + if sig, err = t.Method.Sign(sstr, key); err != nil { + return "", err + } + return strings.Join([]string{sstr, sig}, "."), nil +} + +// Generate the signing string. This is the +// most expensive part of the whole deal. Unless you +// need this for something special, just go straight for +// the SignedString. +func (t *Token) SigningString() (string, error) { + var err error + parts := make([]string, 2) + for i, _ := range parts { + var jsonValue []byte + if i == 0 { + if jsonValue, err = json.Marshal(t.Header); err != nil { + return "", err + } + } else { + if jsonValue, err = json.Marshal(t.Claims); err != nil { + return "", err + } + } + + parts[i] = EncodeSegment(jsonValue) + } + return strings.Join(parts, "."), nil +} + +// Parse, validate, and return a token. +// keyFunc will receive the parsed token and should return the key for validating. +// If everything is kosher, err will be nil +func Parse(tokenString string, keyFunc Keyfunc) (*Token, error) { + return new(Parser).Parse(tokenString, keyFunc) +} + +func ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error) { + return new(Parser).ParseWithClaims(tokenString, claims, keyFunc) +} + +// Encode JWT specific base64url encoding with padding stripped +func EncodeSegment(seg []byte) string { + return strings.TrimRight(base64.URLEncoding.EncodeToString(seg), "=") +} + +// Decode JWT specific base64url encoding with padding stripped +func DecodeSegment(seg string) ([]byte, error) { + if l := len(seg) % 4; l > 0 { + seg += strings.Repeat("=", 4-l) + } + + return base64.URLEncoding.DecodeString(seg) +} diff --git a/vendor/github.com/go-openapi/analysis/.codecov.yml b/vendor/github.com/go-openapi/analysis/.codecov.yml deleted file mode 100644 index 841c4281e23d..000000000000 --- a/vendor/github.com/go-openapi/analysis/.codecov.yml +++ /dev/null @@ -1,5 +0,0 @@ -coverage: - status: - patch: - default: - target: 80% diff --git a/vendor/github.com/go-openapi/analysis/.gitignore b/vendor/github.com/go-openapi/analysis/.gitignore deleted file mode 100644 index 87c3bd3e66e0..000000000000 --- a/vendor/github.com/go-openapi/analysis/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -secrets.yml -coverage.out -coverage.txt -*.cov -.idea diff --git a/vendor/github.com/go-openapi/analysis/.golangci.yml b/vendor/github.com/go-openapi/analysis/.golangci.yml deleted file mode 100644 index 76af8ab1c876..000000000000 --- a/vendor/github.com/go-openapi/analysis/.golangci.yml +++ /dev/null @@ -1,27 +0,0 @@ -linters-settings: - govet: - check-shadowing: true - golint: - min-confidence: 0 - gocyclo: - min-complexity: 40 - maligned: - suggest-new: true - dupl: - threshold: 100 - goconst: - min-len: 2 - min-occurrences: 4 - -linters: - enable-all: true - disable: - - maligned - - lll - - gochecknoglobals - - gochecknoinits - # scopelint is useful, but also reports false positives - # that unfortunately can't be disabled. So we disable the - # linter rather than changing code that works. - # see: https://github.com/kyoh86/scopelint/issues/4 - - scopelint diff --git a/vendor/github.com/go-openapi/analysis/.travis.yml b/vendor/github.com/go-openapi/analysis/.travis.yml deleted file mode 100644 index 7ecf865c21c4..000000000000 --- a/vendor/github.com/go-openapi/analysis/.travis.yml +++ /dev/null @@ -1,15 +0,0 @@ -after_success: -- bash <(curl -s https://codecov.io/bash) -go: -- 1.11.x -- 1.12.x -install: -- GO111MODULE=off go get -u gotest.tools/gotestsum -env: -- GO111MODULE=on -language: go -notifications: - slack: - secure: Sf7kZf7ZGbnwWUMpffHwMu5A0cHkLK2MYY32LNTPj4+/3qC3Ghl7+9v4TSLOqOlCwdRNjOGblAq7s+GDJed6/xgRQl1JtCi1klzZNrYX4q01pgTPvvGcwbBkIYgeMaPeIRcK9OZnud7sRXdttozgTOpytps2U6Js32ip7uj5mHSg2ub0FwoSJwlS6dbezZ8+eDhoha0F/guY99BEwx8Bd+zROrT2TFGsSGOFGN6wFc7moCqTHO/YkWib13a2QNXqOxCCVBy/lt76Wp+JkeFppjHlzs/2lP3EAk13RIUAaesdEUHvIHrzCyNJEd3/+KO2DzsWOYfpktd+KBCvgaYOsoo7ubdT3IROeAegZdCgo/6xgCEsmFc9ZcqCfN5yNx2A+BZ2Vwmpws+bQ1E1+B5HDzzaiLcYfG4X2O210QVGVDLWsv1jqD+uPYeHY2WRfh5ZsIUFvaqgUEnwHwrK44/8REAhQavt1QAj5uJpsRd7CkRVPWRNK+yIky+wgbVUFEchRNmS55E7QWf+W4+4QZkQi7vUTMc9nbTUu2Es9NfvfudOpM2wZbn98fjpb/qq/nRv6Bk+ca+7XD5/IgNLMbWp2ouDdzbiHLCOfDUiHiDJhLfFZx9Bwo7ZwfzeOlbrQX66bx7xRKYmOe4DLrXhNcpbsMa8qbfxlZRCmYbubB/Y8h4= -script: -- gotestsum -f short-verbose -- -race -timeout=20m -coverprofile=coverage.txt -covermode=atomic ./... diff --git a/vendor/github.com/go-openapi/analysis/CODE_OF_CONDUCT.md b/vendor/github.com/go-openapi/analysis/CODE_OF_CONDUCT.md deleted file mode 100644 index 9322b065e37a..000000000000 --- a/vendor/github.com/go-openapi/analysis/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,74 +0,0 @@ -# Contributor Covenant Code of Conduct - -## Our Pledge - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, gender identity and expression, level of experience, -nationality, personal appearance, race, religion, or sexual identity and -orientation. - -## Our Standards - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or -advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic - address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a - professional setting - -## Our Responsibilities - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -## Scope - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at ivan+abuse@flanders.co.nz. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, -available at [http://contributor-covenant.org/version/1/4][version] - -[homepage]: http://contributor-covenant.org -[version]: http://contributor-covenant.org/version/1/4/ diff --git a/vendor/github.com/go-openapi/analysis/README.md b/vendor/github.com/go-openapi/analysis/README.md deleted file mode 100644 index efafdf8fd328..000000000000 --- a/vendor/github.com/go-openapi/analysis/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# OpenAPI initiative analysis [![Build Status](https://travis-ci.org/go-openapi/analysis.svg?branch=master)](https://travis-ci.org/go-openapi/analysis) [![Build status](https://ci.appveyor.com/api/projects/status/x377t5o9ennm847o/branch/master?svg=true)](https://ci.appveyor.com/project/casualjim/go-openapi/analysis/branch/master) [![codecov](https://codecov.io/gh/go-openapi/analysis/branch/master/graph/badge.svg)](https://codecov.io/gh/go-openapi/analysis) -[![Slack Status](https://slackin.goswagger.io/badge.svg)](https://slackin.goswagger.io) -[![license](http://img.shields.io/badge/license-Apache%20v2-orange.svg)](https://raw.githubusercontent.com/go-openapi/analysis/master/LICENSE) -[![GoDoc](https://godoc.org/github.com/go-openapi/analysis?status.svg)](http://godoc.org/github.com/go-openapi/analysis) -[![GolangCI](https://golangci.com/badges/github.com/go-openapi/analysis.svg)](https://golangci.com) -[![Go Report Card](https://goreportcard.com/badge/github.com/go-openapi/analysis)](https://goreportcard.com/report/github.com/go-openapi/analysis) - - -A foundational library to analyze an OAI specification document for easier reasoning about the content. diff --git a/vendor/github.com/go-openapi/analysis/analyzer.go b/vendor/github.com/go-openapi/analysis/analyzer.go deleted file mode 100644 index 4d98718c4e62..000000000000 --- a/vendor/github.com/go-openapi/analysis/analyzer.go +++ /dev/null @@ -1,970 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package analysis - -import ( - "fmt" - slashpath "path" - "strconv" - "strings" - - "github.com/go-openapi/jsonpointer" - "github.com/go-openapi/spec" - "github.com/go-openapi/swag" -) - -type referenceAnalysis struct { - schemas map[string]spec.Ref - responses map[string]spec.Ref - parameters map[string]spec.Ref - items map[string]spec.Ref - headerItems map[string]spec.Ref - parameterItems map[string]spec.Ref - allRefs map[string]spec.Ref - pathItems map[string]spec.Ref -} - -func (r *referenceAnalysis) addRef(key string, ref spec.Ref) { - r.allRefs["#"+key] = ref -} - -func (r *referenceAnalysis) addItemsRef(key string, items *spec.Items, location string) { - r.items["#"+key] = items.Ref - r.addRef(key, items.Ref) - if location == "header" { - // NOTE: in swagger 2.0, headers and parameters (but not body param schemas) are simple schemas - // and $ref are not supported here. However it is possible to analyze this. - r.headerItems["#"+key] = items.Ref - } else { - r.parameterItems["#"+key] = items.Ref - } -} - -func (r *referenceAnalysis) addSchemaRef(key string, ref SchemaRef) { - r.schemas["#"+key] = ref.Schema.Ref - r.addRef(key, ref.Schema.Ref) -} - -func (r *referenceAnalysis) addResponseRef(key string, resp *spec.Response) { - r.responses["#"+key] = resp.Ref - r.addRef(key, resp.Ref) -} - -func (r *referenceAnalysis) addParamRef(key string, param *spec.Parameter) { - r.parameters["#"+key] = param.Ref - r.addRef(key, param.Ref) -} - -func (r *referenceAnalysis) addPathItemRef(key string, pathItem *spec.PathItem) { - r.pathItems["#"+key] = pathItem.Ref - r.addRef(key, pathItem.Ref) -} - -type patternAnalysis struct { - parameters map[string]string - headers map[string]string - items map[string]string - schemas map[string]string - allPatterns map[string]string -} - -func (p *patternAnalysis) addPattern(key, pattern string) { - p.allPatterns["#"+key] = pattern -} - -func (p *patternAnalysis) addParameterPattern(key, pattern string) { - p.parameters["#"+key] = pattern - p.addPattern(key, pattern) -} - -func (p *patternAnalysis) addHeaderPattern(key, pattern string) { - p.headers["#"+key] = pattern - p.addPattern(key, pattern) -} - -func (p *patternAnalysis) addItemsPattern(key, pattern string) { - p.items["#"+key] = pattern - p.addPattern(key, pattern) -} - -func (p *patternAnalysis) addSchemaPattern(key, pattern string) { - p.schemas["#"+key] = pattern - p.addPattern(key, pattern) -} - -type enumAnalysis struct { - parameters map[string][]interface{} - headers map[string][]interface{} - items map[string][]interface{} - schemas map[string][]interface{} - allEnums map[string][]interface{} -} - -func (p *enumAnalysis) addEnum(key string, enum []interface{}) { - p.allEnums["#"+key] = enum -} - -func (p *enumAnalysis) addParameterEnum(key string, enum []interface{}) { - p.parameters["#"+key] = enum - p.addEnum(key, enum) -} - -func (p *enumAnalysis) addHeaderEnum(key string, enum []interface{}) { - p.headers["#"+key] = enum - p.addEnum(key, enum) -} - -func (p *enumAnalysis) addItemsEnum(key string, enum []interface{}) { - p.items["#"+key] = enum - p.addEnum(key, enum) -} - -func (p *enumAnalysis) addSchemaEnum(key string, enum []interface{}) { - p.schemas["#"+key] = enum - p.addEnum(key, enum) -} - -// New takes a swagger spec object and returns an analyzed spec document. -// The analyzed document contains a number of indices that make it easier to -// reason about semantics of a swagger specification for use in code generation -// or validation etc. -func New(doc *spec.Swagger) *Spec { - a := &Spec{ - spec: doc, - references: referenceAnalysis{}, - patterns: patternAnalysis{}, - enums: enumAnalysis{}, - } - a.reset() - a.initialize() - return a -} - -// Spec is an analyzed specification object. It takes a swagger spec object and turns it into a registry -// with a bunch of utility methods to act on the information in the spec. -type Spec struct { - spec *spec.Swagger - consumes map[string]struct{} - produces map[string]struct{} - authSchemes map[string]struct{} - operations map[string]map[string]*spec.Operation - references referenceAnalysis - patterns patternAnalysis - enums enumAnalysis - allSchemas map[string]SchemaRef - allOfs map[string]SchemaRef -} - -func (s *Spec) reset() { - s.consumes = make(map[string]struct{}, 150) - s.produces = make(map[string]struct{}, 150) - s.authSchemes = make(map[string]struct{}, 150) - s.operations = make(map[string]map[string]*spec.Operation, 150) - s.allSchemas = make(map[string]SchemaRef, 150) - s.allOfs = make(map[string]SchemaRef, 150) - s.references.schemas = make(map[string]spec.Ref, 150) - s.references.pathItems = make(map[string]spec.Ref, 150) - s.references.responses = make(map[string]spec.Ref, 150) - s.references.parameters = make(map[string]spec.Ref, 150) - s.references.items = make(map[string]spec.Ref, 150) - s.references.headerItems = make(map[string]spec.Ref, 150) - s.references.parameterItems = make(map[string]spec.Ref, 150) - s.references.allRefs = make(map[string]spec.Ref, 150) - s.patterns.parameters = make(map[string]string, 150) - s.patterns.headers = make(map[string]string, 150) - s.patterns.items = make(map[string]string, 150) - s.patterns.schemas = make(map[string]string, 150) - s.patterns.allPatterns = make(map[string]string, 150) - s.enums.parameters = make(map[string][]interface{}, 150) - s.enums.headers = make(map[string][]interface{}, 150) - s.enums.items = make(map[string][]interface{}, 150) - s.enums.schemas = make(map[string][]interface{}, 150) - s.enums.allEnums = make(map[string][]interface{}, 150) -} - -func (s *Spec) reload() { - s.reset() - s.initialize() -} - -func (s *Spec) initialize() { - for _, c := range s.spec.Consumes { - s.consumes[c] = struct{}{} - } - for _, c := range s.spec.Produces { - s.produces[c] = struct{}{} - } - for _, ss := range s.spec.Security { - for k := range ss { - s.authSchemes[k] = struct{}{} - } - } - for path, pathItem := range s.AllPaths() { - s.analyzeOperations(path, &pathItem) - } - - for name, parameter := range s.spec.Parameters { - refPref := slashpath.Join("/parameters", jsonpointer.Escape(name)) - if parameter.Items != nil { - s.analyzeItems("items", parameter.Items, refPref, "parameter") - } - if parameter.In == "body" && parameter.Schema != nil { - s.analyzeSchema("schema", *parameter.Schema, refPref) - } - if parameter.Pattern != "" { - s.patterns.addParameterPattern(refPref, parameter.Pattern) - } - if len(parameter.Enum) > 0 { - s.enums.addParameterEnum(refPref, parameter.Enum) - } - } - - for name, response := range s.spec.Responses { - refPref := slashpath.Join("/responses", jsonpointer.Escape(name)) - for k, v := range response.Headers { - hRefPref := slashpath.Join(refPref, "headers", k) - if v.Items != nil { - s.analyzeItems("items", v.Items, hRefPref, "header") - } - if v.Pattern != "" { - s.patterns.addHeaderPattern(hRefPref, v.Pattern) - } - if len(v.Enum) > 0 { - s.enums.addHeaderEnum(hRefPref, v.Enum) - } - } - if response.Schema != nil { - s.analyzeSchema("schema", *response.Schema, refPref) - } - } - - for name, schema := range s.spec.Definitions { - s.analyzeSchema(name, schema, "/definitions") - } - // TODO: after analyzing all things and flattening schemas etc - // resolve all the collected references to their final representations - // best put in a separate method because this could get expensive -} - -func (s *Spec) analyzeOperations(path string, pi *spec.PathItem) { - // TODO: resolve refs here? - // Currently, operations declared via pathItem $ref are known only after expansion - op := pi - if pi.Ref.String() != "" { - key := slashpath.Join("/paths", jsonpointer.Escape(path)) - s.references.addPathItemRef(key, pi) - } - s.analyzeOperation("GET", path, op.Get) - s.analyzeOperation("PUT", path, op.Put) - s.analyzeOperation("POST", path, op.Post) - s.analyzeOperation("PATCH", path, op.Patch) - s.analyzeOperation("DELETE", path, op.Delete) - s.analyzeOperation("HEAD", path, op.Head) - s.analyzeOperation("OPTIONS", path, op.Options) - for i, param := range op.Parameters { - refPref := slashpath.Join("/paths", jsonpointer.Escape(path), "parameters", strconv.Itoa(i)) - if param.Ref.String() != "" { - s.references.addParamRef(refPref, ¶m) - } - if param.Pattern != "" { - s.patterns.addParameterPattern(refPref, param.Pattern) - } - if len(param.Enum) > 0 { - s.enums.addParameterEnum(refPref, param.Enum) - } - if param.Items != nil { - s.analyzeItems("items", param.Items, refPref, "parameter") - } - if param.Schema != nil { - s.analyzeSchema("schema", *param.Schema, refPref) - } - } -} - -func (s *Spec) analyzeItems(name string, items *spec.Items, prefix, location string) { - if items == nil { - return - } - refPref := slashpath.Join(prefix, name) - s.analyzeItems(name, items.Items, refPref, location) - if items.Ref.String() != "" { - s.references.addItemsRef(refPref, items, location) - } - if items.Pattern != "" { - s.patterns.addItemsPattern(refPref, items.Pattern) - } - if len(items.Enum) > 0 { - s.enums.addItemsEnum(refPref, items.Enum) - } -} - -func (s *Spec) analyzeOperation(method, path string, op *spec.Operation) { - if op == nil { - return - } - - for _, c := range op.Consumes { - s.consumes[c] = struct{}{} - } - for _, c := range op.Produces { - s.produces[c] = struct{}{} - } - for _, ss := range op.Security { - for k := range ss { - s.authSchemes[k] = struct{}{} - } - } - if _, ok := s.operations[method]; !ok { - s.operations[method] = make(map[string]*spec.Operation) - } - s.operations[method][path] = op - prefix := slashpath.Join("/paths", jsonpointer.Escape(path), strings.ToLower(method)) - for i, param := range op.Parameters { - refPref := slashpath.Join(prefix, "parameters", strconv.Itoa(i)) - if param.Ref.String() != "" { - s.references.addParamRef(refPref, ¶m) - } - if param.Pattern != "" { - s.patterns.addParameterPattern(refPref, param.Pattern) - } - if len(param.Enum) > 0 { - s.enums.addParameterEnum(refPref, param.Enum) - } - s.analyzeItems("items", param.Items, refPref, "parameter") - if param.In == "body" && param.Schema != nil { - s.analyzeSchema("schema", *param.Schema, refPref) - } - } - if op.Responses != nil { - if op.Responses.Default != nil { - refPref := slashpath.Join(prefix, "responses", "default") - if op.Responses.Default.Ref.String() != "" { - s.references.addResponseRef(refPref, op.Responses.Default) - } - for k, v := range op.Responses.Default.Headers { - hRefPref := slashpath.Join(refPref, "headers", k) - s.analyzeItems("items", v.Items, hRefPref, "header") - if v.Pattern != "" { - s.patterns.addHeaderPattern(hRefPref, v.Pattern) - } - } - if op.Responses.Default.Schema != nil { - s.analyzeSchema("schema", *op.Responses.Default.Schema, refPref) - } - } - for k, res := range op.Responses.StatusCodeResponses { - refPref := slashpath.Join(prefix, "responses", strconv.Itoa(k)) - if res.Ref.String() != "" { - s.references.addResponseRef(refPref, &res) - } - for k, v := range res.Headers { - hRefPref := slashpath.Join(refPref, "headers", k) - s.analyzeItems("items", v.Items, hRefPref, "header") - if v.Pattern != "" { - s.patterns.addHeaderPattern(hRefPref, v.Pattern) - } - if len(v.Enum) > 0 { - s.enums.addHeaderEnum(hRefPref, v.Enum) - } - } - if res.Schema != nil { - s.analyzeSchema("schema", *res.Schema, refPref) - } - } - } -} - -func (s *Spec) analyzeSchema(name string, schema spec.Schema, prefix string) { - refURI := slashpath.Join(prefix, jsonpointer.Escape(name)) - schRef := SchemaRef{ - Name: name, - Schema: &schema, - Ref: spec.MustCreateRef("#" + refURI), - TopLevel: prefix == "/definitions", - } - - s.allSchemas["#"+refURI] = schRef - - if schema.Ref.String() != "" { - s.references.addSchemaRef(refURI, schRef) - } - if schema.Pattern != "" { - s.patterns.addSchemaPattern(refURI, schema.Pattern) - } - if len(schema.Enum) > 0 { - s.enums.addSchemaEnum(refURI, schema.Enum) - } - - for k, v := range schema.Definitions { - s.analyzeSchema(k, v, slashpath.Join(refURI, "definitions")) - } - for k, v := range schema.Properties { - s.analyzeSchema(k, v, slashpath.Join(refURI, "properties")) - } - for k, v := range schema.PatternProperties { - // NOTE: swagger 2.0 does not support PatternProperties. - // However it is possible to analyze this in a schema - s.analyzeSchema(k, v, slashpath.Join(refURI, "patternProperties")) - } - for i, v := range schema.AllOf { - s.analyzeSchema(strconv.Itoa(i), v, slashpath.Join(refURI, "allOf")) - } - if len(schema.AllOf) > 0 { - s.allOfs["#"+refURI] = schRef - } - for i, v := range schema.AnyOf { - // NOTE: swagger 2.0 does not support anyOf constructs. - // However it is possible to analyze this in a schema - s.analyzeSchema(strconv.Itoa(i), v, slashpath.Join(refURI, "anyOf")) - } - for i, v := range schema.OneOf { - // NOTE: swagger 2.0 does not support oneOf constructs. - // However it is possible to analyze this in a schema - s.analyzeSchema(strconv.Itoa(i), v, slashpath.Join(refURI, "oneOf")) - } - if schema.Not != nil { - // NOTE: swagger 2.0 does not support "not" constructs. - // However it is possible to analyze this in a schema - s.analyzeSchema("not", *schema.Not, refURI) - } - if schema.AdditionalProperties != nil && schema.AdditionalProperties.Schema != nil { - s.analyzeSchema("additionalProperties", *schema.AdditionalProperties.Schema, refURI) - } - if schema.AdditionalItems != nil && schema.AdditionalItems.Schema != nil { - // NOTE: swagger 2.0 does not support AdditionalItems. - // However it is possible to analyze this in a schema - s.analyzeSchema("additionalItems", *schema.AdditionalItems.Schema, refURI) - } - if schema.Items != nil { - if schema.Items.Schema != nil { - s.analyzeSchema("items", *schema.Items.Schema, refURI) - } - for i, sch := range schema.Items.Schemas { - s.analyzeSchema(strconv.Itoa(i), sch, slashpath.Join(refURI, "items")) - } - } -} - -// SecurityRequirement is a representation of a security requirement for an operation -type SecurityRequirement struct { - Name string - Scopes []string -} - -// SecurityRequirementsFor gets the security requirements for the operation -func (s *Spec) SecurityRequirementsFor(operation *spec.Operation) [][]SecurityRequirement { - if s.spec.Security == nil && operation.Security == nil { - return nil - } - - schemes := s.spec.Security - if operation.Security != nil { - schemes = operation.Security - } - - result := [][]SecurityRequirement{} - for _, scheme := range schemes { - if len(scheme) == 0 { - // append a zero object for anonymous - result = append(result, []SecurityRequirement{{}}) - continue - } - var reqs []SecurityRequirement - for k, v := range scheme { - if v == nil { - v = []string{} - } - reqs = append(reqs, SecurityRequirement{Name: k, Scopes: v}) - } - result = append(result, reqs) - } - return result -} - -// SecurityDefinitionsForRequirements gets the matching security definitions for a set of requirements -func (s *Spec) SecurityDefinitionsForRequirements(requirements []SecurityRequirement) map[string]spec.SecurityScheme { - result := make(map[string]spec.SecurityScheme) - - for _, v := range requirements { - if definition, ok := s.spec.SecurityDefinitions[v.Name]; ok { - if definition != nil { - result[v.Name] = *definition - } - } - } - return result -} - -// SecurityDefinitionsFor gets the matching security definitions for a set of requirements -func (s *Spec) SecurityDefinitionsFor(operation *spec.Operation) map[string]spec.SecurityScheme { - requirements := s.SecurityRequirementsFor(operation) - if len(requirements) == 0 { - return nil - } - - result := make(map[string]spec.SecurityScheme) - for _, reqs := range requirements { - for _, v := range reqs { - if v.Name == "" { - // optional requirement - continue - } - if _, ok := result[v.Name]; ok { - // duplicate requirement - continue - } - if definition, ok := s.spec.SecurityDefinitions[v.Name]; ok { - if definition != nil { - result[v.Name] = *definition - } - } - } - } - return result -} - -// ConsumesFor gets the mediatypes for the operation -func (s *Spec) ConsumesFor(operation *spec.Operation) []string { - - if len(operation.Consumes) == 0 { - cons := make(map[string]struct{}, len(s.spec.Consumes)) - for _, k := range s.spec.Consumes { - cons[k] = struct{}{} - } - return s.structMapKeys(cons) - } - - cons := make(map[string]struct{}, len(operation.Consumes)) - for _, c := range operation.Consumes { - cons[c] = struct{}{} - } - return s.structMapKeys(cons) -} - -// ProducesFor gets the mediatypes for the operation -func (s *Spec) ProducesFor(operation *spec.Operation) []string { - if len(operation.Produces) == 0 { - prod := make(map[string]struct{}, len(s.spec.Produces)) - for _, k := range s.spec.Produces { - prod[k] = struct{}{} - } - return s.structMapKeys(prod) - } - - prod := make(map[string]struct{}, len(operation.Produces)) - for _, c := range operation.Produces { - prod[c] = struct{}{} - } - return s.structMapKeys(prod) -} - -func mapKeyFromParam(param *spec.Parameter) string { - return fmt.Sprintf("%s#%s", param.In, fieldNameFromParam(param)) -} - -func fieldNameFromParam(param *spec.Parameter) string { - // TODO: this should be x-go-name - if nm, ok := param.Extensions.GetString("go-name"); ok { - return nm - } - return swag.ToGoName(param.Name) -} - -// ErrorOnParamFunc is a callback function to be invoked -// whenever an error is encountered while resolving references -// on parameters. -// -// This function takes as input the spec.Parameter which triggered the -// error and the error itself. -// -// If the callback function returns false, the calling function should bail. -// -// If it returns true, the calling function should continue evaluating parameters. -// A nil ErrorOnParamFunc must be evaluated as equivalent to panic(). -type ErrorOnParamFunc func(spec.Parameter, error) bool - -func (s *Spec) paramsAsMap(parameters []spec.Parameter, res map[string]spec.Parameter, callmeOnError ErrorOnParamFunc) { - for _, param := range parameters { - pr := param - if pr.Ref.String() != "" { - obj, _, err := pr.Ref.GetPointer().Get(s.spec) - if err != nil { - if callmeOnError != nil { - if callmeOnError(param, fmt.Errorf("invalid reference: %q", pr.Ref.String())) { - continue - } - break - } else { - panic(fmt.Sprintf("invalid reference: %q", pr.Ref.String())) - } - } - if objAsParam, ok := obj.(spec.Parameter); ok { - pr = objAsParam - } else { - if callmeOnError != nil { - if callmeOnError(param, fmt.Errorf("resolved reference is not a parameter: %q", pr.Ref.String())) { - continue - } - break - } else { - panic(fmt.Sprintf("resolved reference is not a parameter: %q", pr.Ref.String())) - } - } - } - res[mapKeyFromParam(&pr)] = pr - } -} - -// ParametersFor the specified operation id. -// -// Assumes parameters properly resolve references if any and that -// such references actually resolve to a parameter object. -// Otherwise, panics. -func (s *Spec) ParametersFor(operationID string) []spec.Parameter { - return s.SafeParametersFor(operationID, nil) -} - -// SafeParametersFor the specified operation id. -// -// Does not assume parameters properly resolve references or that -// such references actually resolve to a parameter object. -// -// Upon error, invoke a ErrorOnParamFunc callback with the erroneous -// parameters. If the callback is set to nil, panics upon errors. -func (s *Spec) SafeParametersFor(operationID string, callmeOnError ErrorOnParamFunc) []spec.Parameter { - gatherParams := func(pi *spec.PathItem, op *spec.Operation) []spec.Parameter { - bag := make(map[string]spec.Parameter) - s.paramsAsMap(pi.Parameters, bag, callmeOnError) - s.paramsAsMap(op.Parameters, bag, callmeOnError) - - var res []spec.Parameter - for _, v := range bag { - res = append(res, v) - } - return res - } - for _, pi := range s.spec.Paths.Paths { - if pi.Get != nil && pi.Get.ID == operationID { - return gatherParams(&pi, pi.Get) - } - if pi.Head != nil && pi.Head.ID == operationID { - return gatherParams(&pi, pi.Head) - } - if pi.Options != nil && pi.Options.ID == operationID { - return gatherParams(&pi, pi.Options) - } - if pi.Post != nil && pi.Post.ID == operationID { - return gatherParams(&pi, pi.Post) - } - if pi.Patch != nil && pi.Patch.ID == operationID { - return gatherParams(&pi, pi.Patch) - } - if pi.Put != nil && pi.Put.ID == operationID { - return gatherParams(&pi, pi.Put) - } - if pi.Delete != nil && pi.Delete.ID == operationID { - return gatherParams(&pi, pi.Delete) - } - } - return nil -} - -// ParamsFor the specified method and path. Aggregates them with the defaults etc, so it's all the params that -// apply for the method and path. -// -// Assumes parameters properly resolve references if any and that -// such references actually resolve to a parameter object. -// Otherwise, panics. -func (s *Spec) ParamsFor(method, path string) map[string]spec.Parameter { - return s.SafeParamsFor(method, path, nil) -} - -// SafeParamsFor the specified method and path. Aggregates them with the defaults etc, so it's all the params that -// apply for the method and path. -// -// Does not assume parameters properly resolve references or that -// such references actually resolve to a parameter object. -// -// Upon error, invoke a ErrorOnParamFunc callback with the erroneous -// parameters. If the callback is set to nil, panics upon errors. -func (s *Spec) SafeParamsFor(method, path string, callmeOnError ErrorOnParamFunc) map[string]spec.Parameter { - res := make(map[string]spec.Parameter) - if pi, ok := s.spec.Paths.Paths[path]; ok { - s.paramsAsMap(pi.Parameters, res, callmeOnError) - s.paramsAsMap(s.operations[strings.ToUpper(method)][path].Parameters, res, callmeOnError) - } - return res -} - -// OperationForName gets the operation for the given id -func (s *Spec) OperationForName(operationID string) (string, string, *spec.Operation, bool) { - for method, pathItem := range s.operations { - for path, op := range pathItem { - if operationID == op.ID { - return method, path, op, true - } - } - } - return "", "", nil, false -} - -// OperationFor the given method and path -func (s *Spec) OperationFor(method, path string) (*spec.Operation, bool) { - if mp, ok := s.operations[strings.ToUpper(method)]; ok { - op, fn := mp[path] - return op, fn - } - return nil, false -} - -// Operations gathers all the operations specified in the spec document -func (s *Spec) Operations() map[string]map[string]*spec.Operation { - return s.operations -} - -func (s *Spec) structMapKeys(mp map[string]struct{}) []string { - if len(mp) == 0 { - return nil - } - - result := make([]string, 0, len(mp)) - for k := range mp { - result = append(result, k) - } - return result -} - -// AllPaths returns all the paths in the swagger spec -func (s *Spec) AllPaths() map[string]spec.PathItem { - if s.spec == nil || s.spec.Paths == nil { - return nil - } - return s.spec.Paths.Paths -} - -// OperationIDs gets all the operation ids based on method an dpath -func (s *Spec) OperationIDs() []string { - if len(s.operations) == 0 { - return nil - } - result := make([]string, 0, len(s.operations)) - for method, v := range s.operations { - for p, o := range v { - if o.ID != "" { - result = append(result, o.ID) - } else { - result = append(result, fmt.Sprintf("%s %s", strings.ToUpper(method), p)) - } - } - } - return result -} - -// OperationMethodPaths gets all the operation ids based on method an dpath -func (s *Spec) OperationMethodPaths() []string { - if len(s.operations) == 0 { - return nil - } - result := make([]string, 0, len(s.operations)) - for method, v := range s.operations { - for p := range v { - result = append(result, fmt.Sprintf("%s %s", strings.ToUpper(method), p)) - } - } - return result -} - -// RequiredConsumes gets all the distinct consumes that are specified in the specification document -func (s *Spec) RequiredConsumes() []string { - return s.structMapKeys(s.consumes) -} - -// RequiredProduces gets all the distinct produces that are specified in the specification document -func (s *Spec) RequiredProduces() []string { - return s.structMapKeys(s.produces) -} - -// RequiredSecuritySchemes gets all the distinct security schemes that are specified in the swagger spec -func (s *Spec) RequiredSecuritySchemes() []string { - return s.structMapKeys(s.authSchemes) -} - -// SchemaRef is a reference to a schema -type SchemaRef struct { - Name string - Ref spec.Ref - Schema *spec.Schema - TopLevel bool -} - -// SchemasWithAllOf returns schema references to all schemas that are defined -// with an allOf key -func (s *Spec) SchemasWithAllOf() (result []SchemaRef) { - for _, v := range s.allOfs { - result = append(result, v) - } - return -} - -// AllDefinitions returns schema references for all the definitions that were discovered -func (s *Spec) AllDefinitions() (result []SchemaRef) { - for _, v := range s.allSchemas { - result = append(result, v) - } - return -} - -// AllDefinitionReferences returns json refs for all the discovered schemas -func (s *Spec) AllDefinitionReferences() (result []string) { - for _, v := range s.references.schemas { - result = append(result, v.String()) - } - return -} - -// AllParameterReferences returns json refs for all the discovered parameters -func (s *Spec) AllParameterReferences() (result []string) { - for _, v := range s.references.parameters { - result = append(result, v.String()) - } - return -} - -// AllResponseReferences returns json refs for all the discovered responses -func (s *Spec) AllResponseReferences() (result []string) { - for _, v := range s.references.responses { - result = append(result, v.String()) - } - return -} - -// AllPathItemReferences returns the references for all the items -func (s *Spec) AllPathItemReferences() (result []string) { - for _, v := range s.references.pathItems { - result = append(result, v.String()) - } - return -} - -// AllItemsReferences returns the references for all the items in simple schemas (parameters or headers). -// -// NOTE: since Swagger 2.0 forbids $ref in simple params, this should always yield an empty slice for a valid -// Swagger 2.0 spec. -func (s *Spec) AllItemsReferences() (result []string) { - for _, v := range s.references.items { - result = append(result, v.String()) - } - return -} - -// AllReferences returns all the references found in the document, with possible duplicates -func (s *Spec) AllReferences() (result []string) { - for _, v := range s.references.allRefs { - result = append(result, v.String()) - } - return -} - -// AllRefs returns all the unique references found in the document -func (s *Spec) AllRefs() (result []spec.Ref) { - set := make(map[string]struct{}) - for _, v := range s.references.allRefs { - a := v.String() - if a == "" { - continue - } - if _, ok := set[a]; !ok { - set[a] = struct{}{} - result = append(result, v) - } - } - return -} - -func cloneStringMap(source map[string]string) map[string]string { - res := make(map[string]string, len(source)) - for k, v := range source { - res[k] = v - } - return res -} - -func cloneEnumMap(source map[string][]interface{}) map[string][]interface{} { - res := make(map[string][]interface{}, len(source)) - for k, v := range source { - res[k] = v - } - return res -} - -// ParameterPatterns returns all the patterns found in parameters -// the map is cloned to avoid accidental changes -func (s *Spec) ParameterPatterns() map[string]string { - return cloneStringMap(s.patterns.parameters) -} - -// HeaderPatterns returns all the patterns found in response headers -// the map is cloned to avoid accidental changes -func (s *Spec) HeaderPatterns() map[string]string { - return cloneStringMap(s.patterns.headers) -} - -// ItemsPatterns returns all the patterns found in simple array items -// the map is cloned to avoid accidental changes -func (s *Spec) ItemsPatterns() map[string]string { - return cloneStringMap(s.patterns.items) -} - -// SchemaPatterns returns all the patterns found in schemas -// the map is cloned to avoid accidental changes -func (s *Spec) SchemaPatterns() map[string]string { - return cloneStringMap(s.patterns.schemas) -} - -// AllPatterns returns all the patterns found in the spec -// the map is cloned to avoid accidental changes -func (s *Spec) AllPatterns() map[string]string { - return cloneStringMap(s.patterns.allPatterns) -} - -// ParameterEnums returns all the enums found in parameters -// the map is cloned to avoid accidental changes -func (s *Spec) ParameterEnums() map[string][]interface{} { - return cloneEnumMap(s.enums.parameters) -} - -// HeaderEnums returns all the enums found in response headers -// the map is cloned to avoid accidental changes -func (s *Spec) HeaderEnums() map[string][]interface{} { - return cloneEnumMap(s.enums.headers) -} - -// ItemsEnums returns all the enums found in simple array items -// the map is cloned to avoid accidental changes -func (s *Spec) ItemsEnums() map[string][]interface{} { - return cloneEnumMap(s.enums.items) -} - -// SchemaEnums returns all the enums found in schemas -// the map is cloned to avoid accidental changes -func (s *Spec) SchemaEnums() map[string][]interface{} { - return cloneEnumMap(s.enums.schemas) -} - -// AllEnums returns all the enums found in the spec -// the map is cloned to avoid accidental changes -func (s *Spec) AllEnums() map[string][]interface{} { - return cloneEnumMap(s.enums.allEnums) -} diff --git a/vendor/github.com/go-openapi/analysis/appveyor.yml b/vendor/github.com/go-openapi/analysis/appveyor.yml deleted file mode 100644 index 3239d74416a7..000000000000 --- a/vendor/github.com/go-openapi/analysis/appveyor.yml +++ /dev/null @@ -1,33 +0,0 @@ -version: "0.1.{build}" - -clone_folder: C:\go-openapi\analysis -shallow_clone: true # for startup speed -pull_requests: - do_not_increment_build_number: true - -#skip_tags: true -#skip_branch_with_pr: true - -# appveyor.yml -build: off - -environment: - GOPATH: c:\gopath - -stack: go 1.12 - -test_script: - - go test -v -timeout 20m ./... -#artifacts: -# - path: '%GOPATH%\bin\*.exe' -deploy: off - -notifications: - - provider: Slack - incoming_webhook: https://hooks.slack.com/services/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 - auth_token: - secure: Sf7kZf7ZGbnwWUMpffHwMu5A0cHkLK2MYY32LNTPj4+/3qC3Ghl7+9v4TSLOqOlCwdRNjOGblAq7s+GDJed6/xgRQl1JtCi1klzZNrYX4q01pgTPvvGcwbBkIYgeMaPeIRcK9OZnud7sRXdttozgTOpytps2U6Js32ip7uj5mHSg2ub0FwoSJwlS6dbezZ8+eDhoha0F/guY99BEwx8Bd+zROrT2TFGsSGOFGN6wFc7moCqTHO/YkWib13a2QNXqOxCCVBy/lt76Wp+JkeFppjHlzs/2lP3EAk13RIUAaesdEUHvIHrzCyNJEd3/+KO2DzsWOYfpktd+KBCvgaYOsoo7ubdT3IROeAegZdCgo/6xgCEsmFc9ZcqCfN5yNx2A+BZ2Vwmpws+bQ1E1+B5HDzzaiLcYfG4X2O210QVGVDLWsv1jqD+uPYeHY2WRfh5ZsIUFvaqgUEnwHwrK44/8REAhQavt1QAj5uJpsRd7CkRVPWRNK+yIky+wgbVUFEchRNmS55E7QWf+W4+4QZkQi7vUTMc9nbTUu2Es9NfvfudOpM2wZbn98fjpb/qq/nRv6Bk+ca+7XD5/IgNLMbWp2ouDdzbiHLCOfDUiHiDJhLfFZx9Bwo7ZwfzeOlbrQX66bx7xRKYmOe4DLrXhNcpbsMa8qbfxlZRCmYbubB/Y8h4= - channel: bots - on_build_success: false - on_build_failure: true - on_build_status_changed: true diff --git a/vendor/github.com/go-openapi/analysis/debug.go b/vendor/github.com/go-openapi/analysis/debug.go deleted file mode 100644 index 84cc4e54cb79..000000000000 --- a/vendor/github.com/go-openapi/analysis/debug.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package analysis - -import ( - "fmt" - "log" - "os" - "path/filepath" - "runtime" -) - -var ( - // Debug is true when the SWAGGER_DEBUG env var is not empty. - // It enables a more verbose logging of the spec analyzer. - Debug = os.Getenv("SWAGGER_DEBUG") != "" - // analysisLogger is a debug logger for this package - analysisLogger *log.Logger -) - -func init() { - debugOptions() -} - -func debugOptions() { - analysisLogger = log.New(os.Stdout, "analysis:", log.LstdFlags) -} - -func debugLog(msg string, args ...interface{}) { - // A private, trivial trace logger, based on go-openapi/spec/expander.go:debugLog() - if Debug { - _, file1, pos1, _ := runtime.Caller(1) - analysisLogger.Printf("%s:%d: %s", filepath.Base(file1), pos1, fmt.Sprintf(msg, args...)) - } -} diff --git a/vendor/github.com/go-openapi/analysis/doc.go b/vendor/github.com/go-openapi/analysis/doc.go deleted file mode 100644 index d5294c0950b6..000000000000 --- a/vendor/github.com/go-openapi/analysis/doc.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -/* -Package analysis provides methods to work with a Swagger specification document from -package go-openapi/spec. - -Analyzing a specification - -An analysed specification object (type Spec) provides methods to work with swagger definition. - -Flattening or expanding a specification - -Flattening a specification bundles all remote $ref in the main spec document. -Depending on flattening options, additional preprocessing may take place: - - full flattening: replacing all inline complex constructs by a named entry in #/definitions - - expand: replace all $ref's in the document by their expanded content - -Merging several specifications - -Mixin several specifications merges all Swagger constructs, and warns about found conflicts. - -Fixing a specification - -Unmarshalling a specification with golang json unmarshalling may lead to -some unwanted result on present but empty fields. - -Analyzing a Swagger schema - -Swagger schemas are analyzed to determine their complexity and qualify their content. -*/ -package analysis diff --git a/vendor/github.com/go-openapi/analysis/fixer.go b/vendor/github.com/go-openapi/analysis/fixer.go deleted file mode 100644 index bfe014ca51a8..000000000000 --- a/vendor/github.com/go-openapi/analysis/fixer.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package analysis - -import "github.com/go-openapi/spec" - -// FixEmptyResponseDescriptions replaces empty ("") response -// descriptions in the input with "(empty)" to ensure that the -// resulting Swagger is stays valid. The problem appears to arise -// from reading in valid specs that have a explicit response -// description of "" (valid, response.description is required), but -// due to zero values being omitted upon re-serializing (omitempty) we -// lose them unless we stick some chars in there. -func FixEmptyResponseDescriptions(s *spec.Swagger) { - if s.Paths != nil { - for _, v := range s.Paths.Paths { - if v.Get != nil { - FixEmptyDescs(v.Get.Responses) - } - if v.Put != nil { - FixEmptyDescs(v.Put.Responses) - } - if v.Post != nil { - FixEmptyDescs(v.Post.Responses) - } - if v.Delete != nil { - FixEmptyDescs(v.Delete.Responses) - } - if v.Options != nil { - FixEmptyDescs(v.Options.Responses) - } - if v.Head != nil { - FixEmptyDescs(v.Head.Responses) - } - if v.Patch != nil { - FixEmptyDescs(v.Patch.Responses) - } - } - } - for k, v := range s.Responses { - FixEmptyDesc(&v) - s.Responses[k] = v - } -} - -// FixEmptyDescs adds "(empty)" as the description for any Response in -// the given Responses object that doesn't already have one. -func FixEmptyDescs(rs *spec.Responses) { - FixEmptyDesc(rs.Default) - for k, v := range rs.StatusCodeResponses { - FixEmptyDesc(&v) - rs.StatusCodeResponses[k] = v - } -} - -// FixEmptyDesc adds "(empty)" as the description to the given -// Response object if it doesn't already have one and isn't a -// ref. No-op on nil input. -func FixEmptyDesc(rs *spec.Response) { - if rs == nil || rs.Description != "" || rs.Ref.Ref.GetURL() != nil { - return - } - rs.Description = "(empty)" -} diff --git a/vendor/github.com/go-openapi/analysis/flatten.go b/vendor/github.com/go-openapi/analysis/flatten.go deleted file mode 100644 index ae1eef5d197a..000000000000 --- a/vendor/github.com/go-openapi/analysis/flatten.go +++ /dev/null @@ -1,1732 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package analysis - -import ( - "fmt" - "log" - "net/http" - "net/url" - "os" - slashpath "path" - "path/filepath" - "sort" - "strings" - - "strconv" - - "github.com/go-openapi/analysis/internal" - "github.com/go-openapi/jsonpointer" - swspec "github.com/go-openapi/spec" - "github.com/go-openapi/swag" -) - -// FlattenOpts configuration for flattening a swagger specification. -type FlattenOpts struct { - Spec *Spec // The analyzed spec to work with - flattenContext *context // Internal context to track flattening activity - - BasePath string - - // Flattening options - Expand bool // If Expand is true, we skip flattening the spec and expand it instead - Minimal bool - Verbose bool - RemoveUnused bool - - /* Extra keys */ - _ struct{} // require keys -} - -// ExpandOpts creates a spec.ExpandOptions to configure expanding a specification document. -func (f *FlattenOpts) ExpandOpts(skipSchemas bool) *swspec.ExpandOptions { - return &swspec.ExpandOptions{RelativeBase: f.BasePath, SkipSchemas: skipSchemas} -} - -// Swagger gets the swagger specification for this flatten operation -func (f *FlattenOpts) Swagger() *swspec.Swagger { - return f.Spec.spec -} - -// newRef stores information about refs created during the flattening process -type newRef struct { - key string - newName string - path string - isOAIGen bool - resolved bool - schema *swspec.Schema - parents []string -} - -// context stores intermediary results from flatten -type context struct { - newRefs map[string]*newRef - warnings []string - resolved map[string]string -} - -func newContext() *context { - return &context{ - newRefs: make(map[string]*newRef, 150), - warnings: make([]string, 0), - resolved: make(map[string]string, 50), - } -} - -// Flatten an analyzed spec and produce a self-contained spec bundle. -// -// There is a minimal and a full flattening mode. -// -// Minimally flattening a spec means: -// - Expanding parameters, responses, path items, parameter items and header items (references to schemas are left -// unscathed) -// - Importing external (http, file) references so they become internal to the document -// - Moving every JSON pointer to a $ref to a named definition (i.e. the reworked spec does not contain pointers -// like "$ref": "#/definitions/myObject/allOfs/1") -// -// A minimally flattened spec thus guarantees the following properties: -// - all $refs point to a local definition (i.e. '#/definitions/...') -// - definitions are unique -// -// NOTE: arbitrary JSON pointers (other than $refs to top level definitions) are rewritten as definitions if they -// represent a complex schema or express commonality in the spec. -// Otherwise, they are simply expanded. -// -// Minimal flattening is necessary and sufficient for codegen rendering using go-swagger. -// -// Fully flattening a spec means: -// - Moving every complex inline schema to be a definition with an auto-generated name in a depth-first fashion. -// -// By complex, we mean every JSON object with some properties. -// Arrays, when they do not define a tuple, -// or empty objects with or without additionalProperties, are not considered complex and remain inline. -// -// NOTE: rewritten schemas get a vendor extension x-go-gen-location so we know from which part of the spec definitions -// have been created. -// -// Available flattening options: -// - Minimal: stops flattening after minimal $ref processing, leaving schema constructs untouched -// - Expand: expand all $ref's in the document (inoperant if Minimal set to true) -// - Verbose: croaks about name conflicts detected -// - RemoveUnused: removes unused parameters, responses and definitions after expansion/flattening -// -// NOTE: expansion removes all $ref save circular $ref, which remain in place -// -// TODO: additional options -// - ProgagateNameExtensions: ensure that created entries properly follow naming rules when their parent have set a -// x-go-name extension -// - LiftAllOfs: -// - limit the flattening of allOf members when simple objects -// - merge allOf with validation only -// - merge allOf with extensions only -// - ... -// -func Flatten(opts FlattenOpts) error { - // Make sure opts.BasePath is an absolute path - if !filepath.IsAbs(opts.BasePath) { - cwd, _ := os.Getwd() - opts.BasePath = filepath.Join(cwd, opts.BasePath) - } - // make sure drive letter on windows is normalized to lower case - u, _ := url.Parse(opts.BasePath) - opts.BasePath = u.String() - - opts.flattenContext = newContext() - - // recursively expand responses, parameters, path items and items in simple schemas. - // This simplifies the spec and leaves $ref only into schema objects. - if err := swspec.ExpandSpec(opts.Swagger(), opts.ExpandOpts(!opts.Expand)); err != nil { - return err - } - - // strip current file from $ref's, so we can recognize them as proper definitions - // In particular, this works around for issue go-openapi/spec#76: leading absolute file in $ref is stripped - if err := normalizeRef(&opts); err != nil { - return err - } - - if opts.RemoveUnused { - // optionally removes shared parameters and responses already expanded (now unused) - // default parameters (i.e. under paths) remain. - opts.Swagger().Parameters = nil - opts.Swagger().Responses = nil - } - - opts.Spec.reload() // re-analyze - - // at this point there are no references left but in schemas - - for imported := false; !imported; { - // iteratively import remote references until none left. - // This inlining deals with name conflicts by introducing auto-generated names ("OAIGen") - var err error - if imported, err = importExternalReferences(&opts); err != nil { - return err - } - opts.Spec.reload() // re-analyze - } - - if !opts.Minimal && !opts.Expand { - // full flattening: rewrite inline schemas (schemas that aren't simple types or arrays or maps) - if err := nameInlinedSchemas(&opts); err != nil { - return err - } - - opts.Spec.reload() // re-analyze - } - - // rewrite JSON pointers other than $ref to named definitions - // and attempt to resolve conflicting names whenever possible. - if err := stripPointersAndOAIGen(&opts); err != nil { - return err - } - - if opts.RemoveUnused { - // remove unused definitions - expected := make(map[string]struct{}) - for k := range opts.Swagger().Definitions { - expected[slashpath.Join(definitionsPath, jsonpointer.Escape(k))] = struct{}{} - } - for _, k := range opts.Spec.AllDefinitionReferences() { - delete(expected, k) - } - for k := range expected { - debugLog("removing unused definition %s", slashpath.Base(k)) - if opts.Verbose { - log.Printf("info: removing unused definition: %s", slashpath.Base(k)) - } - delete(opts.Swagger().Definitions, slashpath.Base(k)) - } - opts.Spec.reload() // re-analyze - } - - // TODO: simplify known schema patterns to flat objects with properties - // examples: - // - lift simple allOf object, - // - empty allOf with validation only or extensions only - // - rework allOf arrays - // - rework allOf additionalProperties - - if opts.Verbose { - // issue notifications - croak(&opts) - } - return nil -} - -// isAnalyzedAsComplex determines if an analyzed schema is eligible to flattening (i.e. it is "complex"). -// -// Complex means the schema is any of: -// - a simple type (primitive) -// - an array of something (items are possibly complex ; if this is the case, items will generate a definition) -// - a map of something (additionalProperties are possibly complex ; if this is the case, additionalProperties will -// generate a definition) -func isAnalyzedAsComplex(asch *AnalyzedSchema) bool { - if !asch.IsSimpleSchema && !asch.IsArray && !asch.IsMap { - return true - } - return false -} - -// nameInlinedSchemas replaces every complex inline construct by a named definition. -func nameInlinedSchemas(opts *FlattenOpts) error { - debugLog("nameInlinedSchemas") - namer := &inlineSchemaNamer{ - Spec: opts.Swagger(), - Operations: opRefsByRef(gatherOperations(opts.Spec, nil)), - flattenContext: opts.flattenContext, - opts: opts, - } - depthFirst := sortDepthFirst(opts.Spec.allSchemas) - for _, key := range depthFirst { - sch := opts.Spec.allSchemas[key] - if sch.Schema != nil && sch.Schema.Ref.String() == "" && !sch.TopLevel { // inline schema - asch, err := Schema(SchemaOpts{Schema: sch.Schema, Root: opts.Swagger(), BasePath: opts.BasePath}) - if err != nil { - return fmt.Errorf("schema analysis [%s]: %v", key, err) - } - - if isAnalyzedAsComplex(asch) { // move complex schemas to definitions - if err := namer.Name(key, sch.Schema, asch); err != nil { - return err - } - } - } - } - return nil -} - -var depthGroupOrder = []string{ - "sharedParam", "sharedResponse", "sharedOpParam", "opParam", "codeResponse", "defaultResponse", "definition", -} - -func sortDepthFirst(data map[string]SchemaRef) []string { - // group by category (shared params, op param, statuscode response, default response, definitions) - // sort groups internally by number of parts in the key and lexical names - // flatten groups into a single list of keys - sorted := make([]string, 0, len(data)) - grouped := make(map[string]keys, len(data)) - for k := range data { - split := keyParts(k) - var pk string - if split.IsSharedOperationParam() { - pk = "sharedOpParam" - } - if split.IsOperationParam() { - pk = "opParam" - } - if split.IsStatusCodeResponse() { - pk = "codeResponse" - } - if split.IsDefaultResponse() { - pk = "defaultResponse" - } - if split.IsDefinition() { - pk = "definition" - } - if split.IsSharedParam() { - pk = "sharedParam" - } - if split.IsSharedResponse() { - pk = "sharedResponse" - } - grouped[pk] = append(grouped[pk], key{Segments: len(split), Key: k}) - } - - for _, pk := range depthGroupOrder { - res := grouped[pk] - sort.Sort(res) - for _, v := range res { - sorted = append(sorted, v.Key) - } - } - return sorted -} - -type key struct { - Segments int - Key string -} -type keys []key - -func (k keys) Len() int { return len(k) } -func (k keys) Swap(i, j int) { k[i], k[j] = k[j], k[i] } -func (k keys) Less(i, j int) bool { - return k[i].Segments > k[j].Segments || (k[i].Segments == k[j].Segments && k[i].Key < k[j].Key) -} - -type inlineSchemaNamer struct { - Spec *swspec.Swagger - Operations map[string]opRef - flattenContext *context - opts *FlattenOpts -} - -func opRefsByRef(oprefs map[string]opRef) map[string]opRef { - result := make(map[string]opRef, len(oprefs)) - for _, v := range oprefs { - result[v.Ref.String()] = v - } - return result -} - -func (isn *inlineSchemaNamer) Name(key string, schema *swspec.Schema, aschema *AnalyzedSchema) error { - debugLog("naming inlined schema at %s", key) - - parts := keyParts(key) - for _, name := range namesFromKey(parts, aschema, isn.Operations) { - if name != "" { - // create unique name - newName, isOAIGen := uniqifyName(isn.Spec.Definitions, swag.ToJSONName(name)) - - // clone schema - sch, err := cloneSchema(schema) - if err != nil { - return err - } - - // replace values on schema - if err := rewriteSchemaToRef(isn.Spec, key, - swspec.MustCreateRef(slashpath.Join(definitionsPath, newName))); err != nil { - return fmt.Errorf("error while creating definition %q from inline schema: %v", newName, err) - } - - // rewrite any dependent $ref pointing to this place, - // when not already pointing to a top-level definition. - // - // NOTE: this is important if such referers use arbitrary JSON pointers. - an := New(isn.Spec) - for k, v := range an.references.allRefs { - r, _, erd := deepestRef(isn.opts, v) - if erd != nil { - return fmt.Errorf("at %s, %v", k, erd) - } - if r.String() == key || - r.String() == slashpath.Join(definitionsPath, newName) && - slashpath.Dir(v.String()) != definitionsPath { - debugLog("found a $ref to a rewritten schema: %s points to %s", k, v.String()) - - // rewrite $ref to the new target - if err := updateRef(isn.Spec, k, - swspec.MustCreateRef(slashpath.Join(definitionsPath, newName))); err != nil { - return err - } - } - } - - // NOTE: this extension is currently not used by go-swagger (provided for information only) - sch.AddExtension("x-go-gen-location", genLocation(parts)) - - // save cloned schema to definitions - saveSchema(isn.Spec, newName, sch) - - // keep track of created refs - if isn.flattenContext != nil { - debugLog("track created ref: key=%s, newName=%s, isOAIGen=%t", key, newName, isOAIGen) - resolved := false - if _, ok := isn.flattenContext.newRefs[key]; ok { - resolved = isn.flattenContext.newRefs[key].resolved - } - isn.flattenContext.newRefs[key] = &newRef{ - key: key, - newName: newName, - path: slashpath.Join(definitionsPath, newName), - isOAIGen: isOAIGen, - resolved: resolved, - schema: sch, - } - } - } - } - return nil -} - -// genLocation indicates from which section of the specification (models or operations) a definition has been created. -// -// This is reflected in the output spec with a "x-go-gen-location" extension. At the moment, this is is provided -// for information only. -func genLocation(parts splitKey) string { - if parts.IsOperation() { - return "operations" - } - if parts.IsDefinition() { - return "models" - } - return "" -} - -// uniqifyName yields a unique name for a definition -func uniqifyName(definitions swspec.Definitions, name string) (string, bool) { - isOAIGen := false - if name == "" { - name = "oaiGen" - isOAIGen = true - } - if len(definitions) == 0 { - return name, isOAIGen - } - - unq := true - for k := range definitions { - if strings.EqualFold(k, name) { - unq = false - break - } - } - - if unq { - return name, isOAIGen - } - - name += "OAIGen" - isOAIGen = true - var idx int - unique := name - _, known := definitions[unique] - for known { - idx++ - unique = fmt.Sprintf("%s%d", name, idx) - _, known = definitions[unique] - } - return unique, isOAIGen -} - -func namesFromKey(parts splitKey, aschema *AnalyzedSchema, operations map[string]opRef) []string { - var baseNames [][]string - var startIndex int - if parts.IsOperation() { - // params - if parts.IsOperationParam() || parts.IsSharedOperationParam() { - piref := parts.PathItemRef() - if piref.String() != "" && parts.IsOperationParam() { - if op, ok := operations[piref.String()]; ok { - startIndex = 5 - baseNames = append(baseNames, []string{op.ID, "params", "body"}) - } - } else if parts.IsSharedOperationParam() { - pref := parts.PathRef() - for k, v := range operations { - if strings.HasPrefix(k, pref.String()) { - startIndex = 4 - baseNames = append(baseNames, []string{v.ID, "params", "body"}) - } - } - } - } - // responses - if parts.IsOperationResponse() { - piref := parts.PathItemRef() - if piref.String() != "" { - if op, ok := operations[piref.String()]; ok { - startIndex = 6 - baseNames = append(baseNames, []string{op.ID, parts.ResponseName(), "body"}) - } - } - } - } - - // definitions - if parts.IsDefinition() { - nm := parts.DefinitionName() - if nm != "" { - startIndex = 2 - baseNames = append(baseNames, []string{parts.DefinitionName()}) - } - } - - var result []string - for _, segments := range baseNames { - nm := parts.BuildName(segments, startIndex, aschema) - if nm != "" { - result = append(result, nm) - } - } - sort.Strings(result) - return result -} - -const ( - paths = "paths" - responses = "responses" - parameters = "parameters" - definitions = "definitions" - definitionsPath = "#/definitions" -) - -var ( - ignoredKeys map[string]struct{} - validMethods map[string]struct{} -) - -func init() { - ignoredKeys = map[string]struct{}{ - "schema": {}, - "properties": {}, - "not": {}, - "anyOf": {}, - "oneOf": {}, - } - - validMethods = map[string]struct{}{ - "GET": {}, - "HEAD": {}, - "OPTIONS": {}, - "PATCH": {}, - "POST": {}, - "PUT": {}, - "DELETE": {}, - } -} - -type splitKey []string - -func (s splitKey) IsDefinition() bool { - return len(s) > 1 && s[0] == definitions -} - -func (s splitKey) DefinitionName() string { - if !s.IsDefinition() { - return "" - } - return s[1] -} - -func (s splitKey) isKeyName(i int) bool { - if i <= 0 { - return false - } - count := 0 - for idx := i - 1; idx > 0; idx-- { - if s[idx] != "properties" { - break - } - count++ - } - - return count%2 != 0 -} - -func (s splitKey) BuildName(segments []string, startIndex int, aschema *AnalyzedSchema) string { - for i, part := range s[startIndex:] { - if _, ignored := ignoredKeys[part]; !ignored || s.isKeyName(startIndex+i) { - if part == "items" || part == "additionalItems" { - if aschema.IsTuple || aschema.IsTupleWithExtra { - segments = append(segments, "tuple") - } else { - segments = append(segments, "items") - } - if part == "additionalItems" { - segments = append(segments, part) - } - continue - } - segments = append(segments, part) - } - } - return strings.Join(segments, " ") -} - -func (s splitKey) IsOperation() bool { - return len(s) > 1 && s[0] == paths -} - -func (s splitKey) IsSharedOperationParam() bool { - return len(s) > 2 && s[0] == paths && s[2] == parameters -} - -func (s splitKey) IsSharedParam() bool { - return len(s) > 1 && s[0] == parameters -} - -func (s splitKey) IsOperationParam() bool { - return len(s) > 3 && s[0] == paths && s[3] == parameters -} - -func (s splitKey) IsOperationResponse() bool { - return len(s) > 3 && s[0] == paths && s[3] == responses -} - -func (s splitKey) IsSharedResponse() bool { - return len(s) > 1 && s[0] == responses -} - -func (s splitKey) IsDefaultResponse() bool { - return len(s) > 4 && s[0] == paths && s[3] == responses && s[4] == "default" -} - -func (s splitKey) IsStatusCodeResponse() bool { - isInt := func() bool { - _, err := strconv.Atoi(s[4]) - return err == nil - } - return len(s) > 4 && s[0] == paths && s[3] == responses && isInt() -} - -func (s splitKey) ResponseName() string { - if s.IsStatusCodeResponse() { - code, _ := strconv.Atoi(s[4]) - return http.StatusText(code) - } - if s.IsDefaultResponse() { - return "Default" - } - return "" -} - -func (s splitKey) PathItemRef() swspec.Ref { - if len(s) < 3 { - return swspec.Ref{} - } - pth, method := s[1], s[2] - if _, isValidMethod := validMethods[strings.ToUpper(method)]; !isValidMethod && !strings.HasPrefix(method, "x-") { - return swspec.Ref{} - } - return swspec.MustCreateRef("#" + slashpath.Join("/", paths, jsonpointer.Escape(pth), strings.ToUpper(method))) -} - -func (s splitKey) PathRef() swspec.Ref { - if !s.IsOperation() { - return swspec.Ref{} - } - return swspec.MustCreateRef("#" + slashpath.Join("/", paths, jsonpointer.Escape(s[1]))) -} - -func keyParts(key string) splitKey { - var res []string - for _, part := range strings.Split(key[1:], "/") { - if part != "" { - res = append(res, jsonpointer.Unescape(part)) - } - } - return res -} - -func rewriteSchemaToRef(spec *swspec.Swagger, key string, ref swspec.Ref) error { - debugLog("rewriting schema to ref for %s with %s", key, ref.String()) - _, value, err := getPointerFromKey(spec, key) - if err != nil { - return err - } - - switch refable := value.(type) { - case *swspec.Schema: - return rewriteParentRef(spec, key, ref) - - case swspec.Schema: - return rewriteParentRef(spec, key, ref) - - case *swspec.SchemaOrArray: - if refable.Schema != nil { - refable.Schema = &swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - } - - case *swspec.SchemaOrBool: - if refable.Schema != nil { - refable.Schema = &swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - } - default: - return fmt.Errorf("no schema with ref found at %s for %T", key, value) - } - - return nil -} - -func rewriteParentRef(spec *swspec.Swagger, key string, ref swspec.Ref) error { - parent, entry, pvalue, err := getParentFromKey(spec, key) - if err != nil { - return err - } - - debugLog("rewriting holder for %T", pvalue) - switch container := pvalue.(type) { - case swspec.Response: - if err := rewriteParentRef(spec, "#"+parent, ref); err != nil { - return err - } - - case *swspec.Response: - container.Schema = &swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - - case *swspec.Responses: - statusCode, err := strconv.Atoi(entry) - if err != nil { - return fmt.Errorf("%s not a number: %v", key[1:], err) - } - resp := container.StatusCodeResponses[statusCode] - resp.Schema = &swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - container.StatusCodeResponses[statusCode] = resp - - case map[string]swspec.Response: - resp := container[entry] - resp.Schema = &swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - container[entry] = resp - - case swspec.Parameter: - if err := rewriteParentRef(spec, "#"+parent, ref); err != nil { - return err - } - - case map[string]swspec.Parameter: - param := container[entry] - param.Schema = &swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - container[entry] = param - - case []swspec.Parameter: - idx, err := strconv.Atoi(entry) - if err != nil { - return fmt.Errorf("%s not a number: %v", key[1:], err) - } - param := container[idx] - param.Schema = &swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - container[idx] = param - - case swspec.Definitions: - container[entry] = swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - - case map[string]swspec.Schema: - container[entry] = swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - - case []swspec.Schema: - idx, err := strconv.Atoi(entry) - if err != nil { - return fmt.Errorf("%s not a number: %v", key[1:], err) - } - container[idx] = swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - - case *swspec.SchemaOrArray: - // NOTE: this is necessarily an array - otherwise, the parent would be *Schema - idx, err := strconv.Atoi(entry) - if err != nil { - return fmt.Errorf("%s not a number: %v", key[1:], err) - } - container.Schemas[idx] = swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - - // NOTE: can't have case *swspec.SchemaOrBool = parent in this case is *Schema - - default: - return fmt.Errorf("unhandled parent schema rewrite %s (%T)", key, pvalue) - } - return nil -} - -func cloneSchema(schema *swspec.Schema) (*swspec.Schema, error) { - var sch swspec.Schema - if err := swag.FromDynamicJSON(schema, &sch); err != nil { - return nil, fmt.Errorf("cannot clone schema: %v", err) - } - return &sch, nil -} - -// importExternalReferences iteratively digs remote references and imports them into the main schema. -// -// At every iteration, new remotes may be found when digging deeper: they are rebased to the current schema before being imported. -// -// This returns true when no more remote references can be found. -func importExternalReferences(opts *FlattenOpts) (bool, error) { - debugLog("importExternalReferences") - - groupedRefs := reverseIndexForSchemaRefs(opts) - sortedRefStr := make([]string, 0, len(groupedRefs)) - if opts.flattenContext == nil { - opts.flattenContext = newContext() - } - - // sort $ref resolution to ensure deterministic name conflict resolution - for refStr := range groupedRefs { - sortedRefStr = append(sortedRefStr, refStr) - } - sort.Strings(sortedRefStr) - - complete := true - - for _, refStr := range sortedRefStr { - entry := groupedRefs[refStr] - if entry.Ref.HasFragmentOnly { - continue - } - complete = false - var isOAIGen bool - - newName := opts.flattenContext.resolved[refStr] - if newName != "" { - // rewrite ref with already resolved external ref (useful for cyclical refs): - // rewrite external refs to local ones - debugLog("resolving known ref [%s] to %s", refStr, newName) - for _, key := range entry.Keys { - if err := updateRef(opts.Swagger(), key, - swspec.MustCreateRef(slashpath.Join(definitionsPath, newName))); err != nil { - return false, err - } - } - } else { - // resolve schemas - debugLog("resolving schema from remote $ref [%s]", refStr) - sch, err := swspec.ResolveRefWithBase(opts.Swagger(), &entry.Ref, opts.ExpandOpts(false)) - if err != nil { - return false, fmt.Errorf("could not resolve schema: %v", err) - } - - // at this stage only $ref analysis matters - partialAnalyzer := &Spec{ - references: referenceAnalysis{}, - patterns: patternAnalysis{}, - enums: enumAnalysis{}, - } - partialAnalyzer.reset() - partialAnalyzer.analyzeSchema("", *sch, "/") - - // now rewrite those refs with rebase - for key, ref := range partialAnalyzer.references.allRefs { - if err := updateRef(sch, key, swspec.MustCreateRef(rebaseRef(entry.Ref.String(), ref.String()))); err != nil { - return false, fmt.Errorf("failed to rewrite ref for key %q at %s: %v", key, entry.Ref.String(), err) - } - } - - // generate a unique name - isOAIGen means that a naming conflict was resolved by changing the name - newName, isOAIGen = uniqifyName(opts.Swagger().Definitions, nameFromRef(entry.Ref)) - debugLog("new name for [%s]: %s - with name conflict:%t", - strings.Join(entry.Keys, ", "), newName, isOAIGen) - - opts.flattenContext.resolved[refStr] = newName - - // rewrite the external refs to local ones - for _, key := range entry.Keys { - if err := updateRef(opts.Swagger(), key, - swspec.MustCreateRef(slashpath.Join(definitionsPath, newName))); err != nil { - return false, err - } - - // keep track of created refs - resolved := false - if _, ok := opts.flattenContext.newRefs[key]; ok { - resolved = opts.flattenContext.newRefs[key].resolved - } - opts.flattenContext.newRefs[key] = &newRef{ - key: key, - newName: newName, - path: slashpath.Join(definitionsPath, newName), - isOAIGen: isOAIGen, - resolved: resolved, - schema: sch, - } - } - - // add the resolved schema to the definitions - saveSchema(opts.Swagger(), newName, sch) - } - } - // maintains ref index entries - for k := range opts.flattenContext.newRefs { - r := opts.flattenContext.newRefs[k] - - // update tracking with resolved schemas - if r.schema.Ref.String() != "" { - ref := swspec.MustCreateRef(r.path) - sch, err := swspec.ResolveRefWithBase(opts.Swagger(), &ref, opts.ExpandOpts(false)) - if err != nil { - return false, fmt.Errorf("could not resolve schema: %v", err) - } - r.schema = sch - } - // update tracking with renamed keys: got a cascade of refs - if r.path != k { - renamed := *r - renamed.key = r.path - opts.flattenContext.newRefs[renamed.path] = &renamed - - // indirect ref - r.newName = slashpath.Base(k) - r.schema = swspec.RefSchema(r.path) - r.path = k - r.isOAIGen = strings.Contains(k, "OAIGen") - } - } - - return complete, nil -} - -type refRevIdx struct { - Ref swspec.Ref - Keys []string -} - -// rebaseRef rebase a remote ref relative to a base ref. -// -// NOTE: does not support JSONschema ID for $ref (we assume we are working with swagger specs here). -// -// NOTE(windows): -// * refs are assumed to have been normalized with drive letter lower cased (from go-openapi/spec) -// * "/ in paths may appear as escape sequences -func rebaseRef(baseRef string, ref string) string { - debugLog("rebasing ref: %s onto %s", ref, baseRef) - baseRef, _ = url.PathUnescape(baseRef) - ref, _ = url.PathUnescape(ref) - if baseRef == "" || baseRef == "." || strings.HasPrefix(baseRef, "#") { - return ref - } - - parts := strings.Split(ref, "#") - - baseParts := strings.Split(baseRef, "#") - baseURL, _ := url.Parse(baseParts[0]) - if strings.HasPrefix(ref, "#") { - if baseURL.Host == "" { - return strings.Join([]string{baseParts[0], parts[1]}, "#") - } - return strings.Join([]string{baseParts[0], parts[1]}, "#") - } - - refURL, _ := url.Parse(parts[0]) - if refURL.Host != "" || filepath.IsAbs(parts[0]) { - // not rebasing an absolute path - return ref - } - - // there is a relative path - var basePath string - if baseURL.Host != "" { - // when there is a host, standard URI rules apply (with "/") - baseURL.Path = slashpath.Dir(baseURL.Path) - baseURL.Path = slashpath.Join(baseURL.Path, "/"+parts[0]) - return baseURL.String() - } - - // this is a local relative path - // basePart[0] and parts[0] are local filesystem directories/files - basePath = filepath.Dir(baseParts[0]) - relPath := filepath.Join(basePath, string(filepath.Separator)+parts[0]) - if len(parts) > 1 { - return strings.Join([]string{relPath, parts[1]}, "#") - } - return relPath -} - -// normalizePath renders absolute path on remote file refs -// -// NOTE(windows): -// * refs are assumed to have been normalized with drive letter lower cased (from go-openapi/spec) -// * "/ in paths may appear as escape sequences -func normalizePath(ref swspec.Ref, opts *FlattenOpts) (normalizedPath string) { - uri, _ := url.PathUnescape(ref.String()) - if ref.HasFragmentOnly || filepath.IsAbs(uri) { - normalizedPath = uri - return - } - - refURL, _ := url.Parse(uri) - if refURL.Host != "" { - normalizedPath = uri - return - } - - parts := strings.Split(uri, "#") - // BasePath, parts[0] are local filesystem directories, guaranteed to be absolute at this stage - parts[0] = filepath.Join(filepath.Dir(opts.BasePath), parts[0]) - normalizedPath = strings.Join(parts, "#") - return -} - -func reverseIndexForSchemaRefs(opts *FlattenOpts) map[string]refRevIdx { - collected := make(map[string]refRevIdx) - for key, schRef := range opts.Spec.references.schemas { - // normalize paths before sorting, - // so we get together keys in same external file - normalizedPath := normalizePath(schRef, opts) - if entry, ok := collected[normalizedPath]; ok { - entry.Keys = append(entry.Keys, key) - collected[normalizedPath] = entry - } else { - collected[normalizedPath] = refRevIdx{ - Ref: schRef, - Keys: []string{key}, - } - } - } - return collected -} - -func nameFromRef(ref swspec.Ref) string { - u := ref.GetURL() - if u.Fragment != "" { - return swag.ToJSONName(slashpath.Base(u.Fragment)) - } - if u.Path != "" { - bn := slashpath.Base(u.Path) - if bn != "" && bn != "/" { - ext := slashpath.Ext(bn) - if ext != "" { - return swag.ToJSONName(bn[:len(bn)-len(ext)]) - } - return swag.ToJSONName(bn) - } - } - return swag.ToJSONName(strings.Replace(u.Host, ".", " ", -1)) -} - -func saveSchema(spec *swspec.Swagger, name string, schema *swspec.Schema) { - if schema == nil { - return - } - if spec.Definitions == nil { - spec.Definitions = make(map[string]swspec.Schema, 150) - } - spec.Definitions[name] = *schema -} - -// getPointerFromKey retrieves the content of the JSON pointer "key" -func getPointerFromKey(spec interface{}, key string) (string, interface{}, error) { - switch spec.(type) { - case *swspec.Schema: - case *swspec.Swagger: - default: - panic("unexpected type used in getPointerFromKey") - } - if key == "#/" { - return "", spec, nil - } - // unescape chars in key, e.g. "{}" from path params - pth, _ := internal.PathUnescape(key[1:]) - ptr, err := jsonpointer.New(pth) - if err != nil { - return "", nil, err - } - - value, _, err := ptr.Get(spec) - if err != nil { - debugLog("error when getting key: %s with path: %s", key, pth) - return "", nil, err - } - return pth, value, nil -} - -// getParentFromKey retrieves the container of the JSON pointer "key" -func getParentFromKey(spec interface{}, key string) (string, string, interface{}, error) { - switch spec.(type) { - case *swspec.Schema: - case *swspec.Swagger: - default: - panic("unexpected type used in getPointerFromKey") - } - // unescape chars in key, e.g. "{}" from path params - pth, _ := internal.PathUnescape(key[1:]) - - parent, entry := slashpath.Dir(pth), slashpath.Base(pth) - debugLog("getting schema holder at: %s, with entry: %s", parent, entry) - - pptr, err := jsonpointer.New(parent) - if err != nil { - return "", "", nil, err - } - pvalue, _, err := pptr.Get(spec) - if err != nil { - return "", "", nil, fmt.Errorf("can't get parent for %s: %v", parent, err) - } - return parent, entry, pvalue, nil -} - -// updateRef replaces a ref by another one -func updateRef(spec interface{}, key string, ref swspec.Ref) error { - switch spec.(type) { - case *swspec.Schema: - case *swspec.Swagger: - default: - panic("unexpected type used in getPointerFromKey") - } - debugLog("updating ref for %s with %s", key, ref.String()) - pth, value, err := getPointerFromKey(spec, key) - if err != nil { - return err - } - - switch refable := value.(type) { - case *swspec.Schema: - refable.Ref = ref - case *swspec.SchemaOrArray: - if refable.Schema != nil { - refable.Schema.Ref = ref - } - case *swspec.SchemaOrBool: - if refable.Schema != nil { - refable.Schema.Ref = ref - } - case swspec.Schema: - debugLog("rewriting holder for %T", refable) - _, entry, pvalue, erp := getParentFromKey(spec, key) - if erp != nil { - return err - } - switch container := pvalue.(type) { - case swspec.Definitions: - container[entry] = swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - - case map[string]swspec.Schema: - container[entry] = swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - - case []swspec.Schema: - idx, err := strconv.Atoi(entry) - if err != nil { - return fmt.Errorf("%s not a number: %v", pth, err) - } - container[idx] = swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - - case *swspec.SchemaOrArray: - // NOTE: this is necessarily an array - otherwise, the parent would be *Schema - idx, err := strconv.Atoi(entry) - if err != nil { - return fmt.Errorf("%s not a number: %v", pth, err) - } - container.Schemas[idx] = swspec.Schema{SchemaProps: swspec.SchemaProps{Ref: ref}} - - // NOTE: can't have case *swspec.SchemaOrBool = parent in this case is *Schema - - default: - return fmt.Errorf("unhandled container type at %s: %T", key, value) - } - - default: - return fmt.Errorf("no schema with ref found at %s for %T", key, value) - } - - return nil -} - -// updateRefWithSchema replaces a ref with a schema (i.e. re-inline schema) -func updateRefWithSchema(spec *swspec.Swagger, key string, sch *swspec.Schema) error { - debugLog("updating ref for %s with schema", key) - pth, value, err := getPointerFromKey(spec, key) - if err != nil { - return err - } - - switch refable := value.(type) { - case *swspec.Schema: - *refable = *sch - case swspec.Schema: - _, entry, pvalue, erp := getParentFromKey(spec, key) - if erp != nil { - return err - } - switch container := pvalue.(type) { - case swspec.Definitions: - container[entry] = *sch - - case map[string]swspec.Schema: - container[entry] = *sch - - case []swspec.Schema: - idx, err := strconv.Atoi(entry) - if err != nil { - return fmt.Errorf("%s not a number: %v", pth, err) - } - container[idx] = *sch - - case *swspec.SchemaOrArray: - // NOTE: this is necessarily an array - otherwise, the parent would be *Schema - idx, err := strconv.Atoi(entry) - if err != nil { - return fmt.Errorf("%s not a number: %v", pth, err) - } - container.Schemas[idx] = *sch - - // NOTE: can't have case *swspec.SchemaOrBool = parent in this case is *Schema - - default: - return fmt.Errorf("unhandled type for parent of [%s]: %T", key, value) - } - case *swspec.SchemaOrArray: - *refable.Schema = *sch - // NOTE: can't have case *swspec.SchemaOrBool = parent in this case is *Schema - case *swspec.SchemaOrBool: - *refable.Schema = *sch - default: - return fmt.Errorf("no schema with ref found at %s for %T", key, value) - } - - return nil -} - -func containsString(names []string, name string) bool { - for _, nm := range names { - if nm == name { - return true - } - } - return false -} - -type opRef struct { - Method string - Path string - Key string - ID string - Op *swspec.Operation - Ref swspec.Ref -} - -type opRefs []opRef - -func (o opRefs) Len() int { return len(o) } -func (o opRefs) Swap(i, j int) { o[i], o[j] = o[j], o[i] } -func (o opRefs) Less(i, j int) bool { return o[i].Key < o[j].Key } - -func gatherOperations(specDoc *Spec, operationIDs []string) map[string]opRef { - var oprefs opRefs - - for method, pathItem := range specDoc.Operations() { - for pth, operation := range pathItem { - vv := *operation - oprefs = append(oprefs, opRef{ - Key: swag.ToGoName(strings.ToLower(method) + " " + pth), - Method: method, - Path: pth, - ID: vv.ID, - Op: &vv, - Ref: swspec.MustCreateRef("#" + slashpath.Join("/paths", jsonpointer.Escape(pth), method)), - }) - } - } - - sort.Sort(oprefs) - - operations := make(map[string]opRef) - for _, opr := range oprefs { - nm := opr.ID - if nm == "" { - nm = opr.Key - } - - oo, found := operations[nm] - if found && oo.Method != opr.Method && oo.Path != opr.Path { - nm = opr.Key - } - if len(operationIDs) == 0 || containsString(operationIDs, opr.ID) || containsString(operationIDs, nm) { - opr.ID = nm - opr.Op.ID = nm - operations[nm] = opr - } - } - return operations -} - -// stripPointersAndOAIGen removes anonymous JSON pointers from spec and chain with name conflicts handler. -// This loops until the spec has no such pointer and all name conflicts have been reduced as much as possible. -func stripPointersAndOAIGen(opts *FlattenOpts) error { - // name all JSON pointers to anonymous documents - if err := namePointers(opts); err != nil { - return err - } - - // remove unnecessary OAIGen ref (created when flattening external refs creates name conflicts) - hasIntroducedPointerOrInline, ers := stripOAIGen(opts) - if ers != nil { - return ers - } - - // iterate as pointer or OAIGen resolution may introduce inline schemas or pointers - for hasIntroducedPointerOrInline { - if !opts.Minimal { - opts.Spec.reload() // re-analyze - if err := nameInlinedSchemas(opts); err != nil { - return err - } - } - - if err := namePointers(opts); err != nil { - return err - } - - // restrip - if hasIntroducedPointerOrInline, ers = stripOAIGen(opts); ers != nil { - return ers - } - - opts.Spec.reload() // re-analyze - } - return nil -} - -// stripOAIGen strips the spec from unnecessary OAIGen constructs, initially created to dedupe flattened definitions. -// -// A dedupe is deemed unnecessary whenever: -// - the only conflict is with its (single) parent: OAIGen is merged into its parent (reinlining) -// - there is a conflict with multiple parents: merge OAIGen in first parent, the rewrite other parents to point to -// the first parent. -// -// This function returns a true bool whenever it re-inlined a complex schema, so the caller may chose to iterate -// pointer and name resolution again. -func stripOAIGen(opts *FlattenOpts) (bool, error) { - debugLog("stripOAIGen") - replacedWithComplex := false - - // figure out referers of OAIGen definitions - for _, r := range opts.flattenContext.newRefs { - if !r.isOAIGen || r.resolved { // bail on already resolved entries (avoid looping) - continue - } - for k, v := range opts.Spec.references.allRefs { - if r.path != v.String() { - continue - } - found := false - for _, p := range r.parents { - if p == k { - found = true - break - } - } - if !found { - r.parents = append(r.parents, k) - } - } - } - - for k := range opts.flattenContext.newRefs { - r := opts.flattenContext.newRefs[k] - //debugLog("newRefs[%s]: isOAIGen: %t, resolved: %t, name: %s, path:%s, #parents: %d, parents: %v, ref: %s", - // k, r.isOAIGen, r.resolved, r.newName, r.path, len(r.parents), r.parents, r.schema.Ref.String()) - if r.isOAIGen && len(r.parents) >= 1 { - pr := r.parents - sort.Strings(pr) - - // rewrite first parent schema in lexicographical order - debugLog("rewrite first parent in lex order %s with schema", pr[0]) - if err := updateRefWithSchema(opts.Swagger(), pr[0], r.schema); err != nil { - return false, err - } - if pa, ok := opts.flattenContext.newRefs[pr[0]]; ok && pa.isOAIGen { - // update parent in ref index entry - debugLog("update parent entry: %s", pr[0]) - pa.schema = r.schema - pa.resolved = false - replacedWithComplex = true - } - - // rewrite other parents to point to first parent - if len(pr) > 1 { - for _, p := range pr[1:] { - replacingRef := swspec.MustCreateRef(pr[0]) - - // set complex when replacing ref is an anonymous jsonpointer: further processing may be required - replacedWithComplex = replacedWithComplex || - slashpath.Dir(replacingRef.String()) != definitionsPath - debugLog("rewrite parent with ref: %s", replacingRef.String()) - - // NOTE: it is possible at this stage to introduce json pointers (to non-definitions places). - // Those are stripped later on. - if err := updateRef(opts.Swagger(), p, replacingRef); err != nil { - return false, err - } - - if pa, ok := opts.flattenContext.newRefs[p]; ok && pa.isOAIGen { - // update parent in ref index - debugLog("update parent entry: %s", p) - pa.schema = r.schema - pa.resolved = false - replacedWithComplex = true - } - } - } - - // remove OAIGen definition - debugLog("removing definition %s", slashpath.Base(r.path)) - delete(opts.Swagger().Definitions, slashpath.Base(r.path)) - - // propagate changes in ref index for keys which have this one as a parent - for kk, value := range opts.flattenContext.newRefs { - if kk == k || !value.isOAIGen || value.resolved { - continue - } - found := false - newParents := make([]string, 0, len(value.parents)) - for _, parent := range value.parents { - switch { - case parent == r.path: - found = true - parent = pr[0] - case strings.HasPrefix(parent, r.path+"/"): - found = true - parent = slashpath.Join(pr[0], strings.TrimPrefix(parent, r.path)) - } - newParents = append(newParents, parent) - } - if found { - value.parents = newParents - } - } - - // mark naming conflict as resolved - debugLog("marking naming conflict resolved for key: %s", r.key) - opts.flattenContext.newRefs[r.key].isOAIGen = false - opts.flattenContext.newRefs[r.key].resolved = true - - // determine if the previous substitution did inline a complex schema - if r.schema != nil && r.schema.Ref.String() == "" { // inline schema - asch, err := Schema(SchemaOpts{Schema: r.schema, Root: opts.Swagger(), BasePath: opts.BasePath}) - if err != nil { - return false, err - } - debugLog("re-inlined schema: parent: %s, %t", pr[0], isAnalyzedAsComplex(asch)) - replacedWithComplex = replacedWithComplex || - !(slashpath.Dir(pr[0]) == definitionsPath) && isAnalyzedAsComplex(asch) - } - } - } - - debugLog("replacedWithComplex: %t", replacedWithComplex) - opts.Spec.reload() // re-analyze - return replacedWithComplex, nil -} - -// croak logs notifications and warnings about valid, but possibly unwanted constructs resulting -// from flattening a spec -func croak(opts *FlattenOpts) { - reported := make(map[string]bool, len(opts.flattenContext.newRefs)) - for _, v := range opts.Spec.references.allRefs { - // warns about duplicate handling - for _, r := range opts.flattenContext.newRefs { - if r.isOAIGen && r.path == v.String() { - reported[r.newName] = true - } - } - } - for k := range reported { - log.Printf("warning: duplicate flattened definition name resolved as %s", k) - } - // warns about possible type mismatches - uniqueMsg := make(map[string]bool) - for _, msg := range opts.flattenContext.warnings { - if _, ok := uniqueMsg[msg]; ok { - continue - } - log.Printf("warning: %s", msg) - uniqueMsg[msg] = true - } -} - -// namePointers replaces all JSON pointers to anonymous documents by a $ref to a new named definitions. -// -// This is carried on depth-first. Pointers to $refs which are top level definitions are replaced by the $ref itself. -// Pointers to simple types are expanded, unless they express commonality (i.e. several such $ref are used). -func namePointers(opts *FlattenOpts) error { - debugLog("name pointers") - refsToReplace := make(map[string]SchemaRef, len(opts.Spec.references.schemas)) - for k, ref := range opts.Spec.references.allRefs { - if slashpath.Dir(ref.String()) == definitionsPath { - // this a ref to a top-level definition: ok - continue - } - replacingRef, sch, erd := deepestRef(opts, ref) - if erd != nil { - return fmt.Errorf("at %s, %v", k, erd) - } - debugLog("planning pointer to replace at %s: %s, resolved to: %s", k, ref.String(), replacingRef.String()) - refsToReplace[k] = SchemaRef{ - Name: k, // caller - Ref: replacingRef, // callee - Schema: sch, - TopLevel: slashpath.Dir(replacingRef.String()) == definitionsPath, - } - } - depthFirst := sortDepthFirst(refsToReplace) - namer := &inlineSchemaNamer{ - Spec: opts.Swagger(), - Operations: opRefsByRef(gatherOperations(opts.Spec, nil)), - flattenContext: opts.flattenContext, - opts: opts, - } - - for _, key := range depthFirst { - v := refsToReplace[key] - // update current replacement, which may have been updated by previous changes of deeper elements - replacingRef, sch, erd := deepestRef(opts, v.Ref) - if erd != nil { - return fmt.Errorf("at %s, %v", key, erd) - } - v.Ref = replacingRef - v.Schema = sch - v.TopLevel = slashpath.Dir(replacingRef.String()) == definitionsPath - debugLog("replacing pointer at %s: resolved to: %s", key, v.Ref.String()) - - if v.TopLevel { - debugLog("replace pointer %s by canonical definition: %s", key, v.Ref.String()) - // if the schema is a $ref to a top level definition, just rewrite the pointer to this $ref - if err := updateRef(opts.Swagger(), key, v.Ref); err != nil { - return err - } - } else { - // this is a JSON pointer to an anonymous document (internal or external): - // create a definition for this schema when: - // - it is a complex schema - // - or it is pointed by more than one $ref (i.e. expresses commonality) - // otherwise, expand the pointer (single reference to a simple type) - // - // The named definition for this follows the target's key, not the caller's - debugLog("namePointers at %s for %s", key, v.Ref.String()) - - // qualify the expanded schema - /* - if key == "#/paths/~1some~1where~1{id}/get/parameters/1/items" { - // DEBUG - //func getPointerFromKey(spec interface{}, key string) (string, interface{}, error) { - k, res, err := getPointerFromKey(namer.Spec, key) - debugLog("k = %s, res=%#v, err=%v", k, res, err) - } - */ - asch, ers := Schema(SchemaOpts{Schema: v.Schema, Root: opts.Swagger(), BasePath: opts.BasePath}) - if ers != nil { - return fmt.Errorf("schema analysis [%s]: %v", key, ers) - } - callers := make([]string, 0, 64) - - debugLog("looking for callers") - an := New(opts.Swagger()) - for k, w := range an.references.allRefs { - r, _, erd := deepestRef(opts, w) - if erd != nil { - return fmt.Errorf("at %s, %v", key, erd) - } - if r.String() == v.Ref.String() { - callers = append(callers, k) - } - } - debugLog("callers for %s: %d", v.Ref.String(), len(callers)) - if len(callers) == 0 { - // has already been updated and resolved - continue - } - - parts := keyParts(v.Ref.String()) - debugLog("number of callers for %s: %d", v.Ref.String(), len(callers)) - // identifying edge case when the namer did nothing because we point to a non-schema object - // no definition is created and we expand the $ref for all callers - if (!asch.IsSimpleSchema || len(callers) > 1) && !parts.IsSharedParam() && !parts.IsSharedResponse() { - debugLog("replace JSON pointer at [%s] by definition: %s", key, v.Ref.String()) - if err := namer.Name(v.Ref.String(), v.Schema, asch); err != nil { - return err - } - - // regular case: we named the $ref as a definition, and we move all callers to this new $ref - for _, caller := range callers { - if caller != key { - // move $ref for next to resolve - debugLog("identified caller of %s at [%s]", v.Ref.String(), caller) - c := refsToReplace[caller] - c.Ref = v.Ref - refsToReplace[caller] = c - } - } - } else { - debugLog("expand JSON pointer for key=%s", key) - if err := updateRefWithSchema(opts.Swagger(), key, v.Schema); err != nil { - return err - } - // NOTE: there is no other caller to update - } - } - } - opts.Spec.reload() // re-analyze - return nil -} - -// deepestRef finds the first definition ref, from a cascade of nested refs which are not definitions. -// - if no definition is found, returns the deepest ref. -// - pointers to external files are expanded -// -// NOTE: all external $ref's are assumed to be already expanded at this stage. -func deepestRef(opts *FlattenOpts, ref swspec.Ref) (swspec.Ref, *swspec.Schema, error) { - if !ref.HasFragmentOnly { - // we found an external $ref, which is odd - // does nothing on external $refs - return ref, nil, nil - } - currentRef := ref - visited := make(map[string]bool, 64) -DOWNREF: - for currentRef.String() != "" { - if slashpath.Dir(currentRef.String()) == definitionsPath { - // this is a top-level definition: stop here and return this ref - return currentRef, nil, nil - } - if _, beenThere := visited[currentRef.String()]; beenThere { - return swspec.Ref{}, nil, - fmt.Errorf("cannot resolve cyclic chain of pointers under %s", currentRef.String()) - } - visited[currentRef.String()] = true - value, _, err := currentRef.GetPointer().Get(opts.Swagger()) - if err != nil { - return swspec.Ref{}, nil, err - } - switch refable := value.(type) { - case *swspec.Schema: - if refable.Ref.String() == "" { - break DOWNREF - } - currentRef = refable.Ref - - case swspec.Schema: - if refable.Ref.String() == "" { - break DOWNREF - } - currentRef = refable.Ref - - case *swspec.SchemaOrArray: - if refable.Schema == nil || refable.Schema != nil && refable.Schema.Ref.String() == "" { - break DOWNREF - } - currentRef = refable.Schema.Ref - - case *swspec.SchemaOrBool: - if refable.Schema == nil || refable.Schema != nil && refable.Schema.Ref.String() == "" { - break DOWNREF - } - currentRef = refable.Schema.Ref - - case swspec.Response: - // a pointer points to a schema initially marshalled in responses section... - // Attempt to convert this to a schema. If this fails, the spec is invalid - asJSON, _ := refable.MarshalJSON() - var asSchema swspec.Schema - err := asSchema.UnmarshalJSON(asJSON) - if err != nil { - return swspec.Ref{}, nil, - fmt.Errorf("invalid type for resolved JSON pointer %s. Expected a schema a, got: %T", - currentRef.String(), value) - - } - opts.flattenContext.warnings = append(opts.flattenContext.warnings, - fmt.Sprintf("found $ref %q (response) interpreted as schema", currentRef.String())) - - if asSchema.Ref.String() == "" { - break DOWNREF - } - currentRef = asSchema.Ref - - case swspec.Parameter: - // a pointer points to a schema initially marshalled in parameters section... - // Attempt to convert this to a schema. If this fails, the spec is invalid - asJSON, _ := refable.MarshalJSON() - var asSchema swspec.Schema - err := asSchema.UnmarshalJSON(asJSON) - if err != nil { - return swspec.Ref{}, nil, - fmt.Errorf("invalid type for resolved JSON pointer %s. Expected a schema a, got: %T", - currentRef.String(), value) - - } - opts.flattenContext.warnings = append(opts.flattenContext.warnings, - fmt.Sprintf("found $ref %q (parameter) interpreted as schema", currentRef.String())) - - if asSchema.Ref.String() == "" { - break DOWNREF - } - currentRef = asSchema.Ref - - default: - return swspec.Ref{}, nil, - fmt.Errorf("unhandled type to resolve JSON pointer %s. Expected a Schema, got: %T", - currentRef.String(), value) - - } - } - // assess what schema we're ending with - sch, erv := swspec.ResolveRefWithBase(opts.Swagger(), ¤tRef, opts.ExpandOpts(false)) - if erv != nil { - return swspec.Ref{}, nil, erv - } - if sch == nil { - return swspec.Ref{}, nil, fmt.Errorf("no schema found at %s", currentRef.String()) - } - return currentRef, sch, nil -} - -// normalizeRef strips the current file from any $ref. This works around issue go-openapi/spec#76: -// leading absolute file in $ref is stripped -func normalizeRef(opts *FlattenOpts) error { - debugLog("normalizeRef") - opts.Spec.reload() // re-analyze - for k, w := range opts.Spec.references.allRefs { - if strings.HasPrefix(w.String(), opts.BasePath+definitionsPath) { // may be a mix of / and \, depending on OS - // strip base path from definition - debugLog("stripping absolute path for: %s", w.String()) - if err := updateRef(opts.Swagger(), k, - swspec.MustCreateRef(slashpath.Join(definitionsPath, slashpath.Base(w.String())))); err != nil { - return err - } - } - } - opts.Spec.reload() // re-analyze - return nil -} diff --git a/vendor/github.com/go-openapi/analysis/go.mod b/vendor/github.com/go-openapi/analysis/go.mod deleted file mode 100644 index 6c8e58577cf5..000000000000 --- a/vendor/github.com/go-openapi/analysis/go.mod +++ /dev/null @@ -1,13 +0,0 @@ -module github.com/go-openapi/analysis - -require ( - github.com/go-openapi/jsonpointer v0.19.3 - github.com/go-openapi/loads v0.19.0 - github.com/go-openapi/spec v0.19.3 - github.com/go-openapi/strfmt v0.19.3 - github.com/go-openapi/swag v0.19.5 - github.com/stretchr/testify v1.3.0 - go.mongodb.org/mongo-driver v1.1.1 // indirect -) - -go 1.13 diff --git a/vendor/github.com/go-openapi/analysis/go.sum b/vendor/github.com/go-openapi/analysis/go.sum deleted file mode 100644 index 8e8b5f9bc474..000000000000 --- a/vendor/github.com/go-openapi/analysis/go.sum +++ /dev/null @@ -1,97 +0,0 @@ -github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= -github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.19.2 h1:a2kIyV3w+OS3S97zxUndRVD46+FhGOUBDFY7nmu4CsY= -github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= -github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.19.2 h1:A9+F4Dc/MCNB5jibxf6rRvOvR/iFgQdyNx9eIhnGqq0= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3 h1:gihV7YNZK1iK6Tgwwsxo2rJbD1GTbdm72325Bq8FI3w= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.19.2 h1:o20suLFB4Ri0tuzpWtyHlh7E7HnkqTNLq6aR6WVNS1w= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/loads v0.19.0 h1:wCOBNscACI8L93tt5tvB2zOMkJ098XCw3fP0BY2ybDA= -github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.19.3 h1:0XRyw8kguri6Yw4SxhsQA/atC88yqrk0+G4YhI2wabc= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.19.2 h1:clPGfBnJohokno0e+d7hs6Yocrzjlgz6EsQSDncCRnE= -github.com/go-openapi/strfmt v0.19.2/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= -github.com/go-openapi/strfmt v0.19.3 h1:eRfyY5SkaNJCAwmmMcADjY31ow9+N7MCLW7oRkbsINA= -github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= -github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.19.2 h1:jvO6bCMBEilGwMfHhrd61zIID4oIFdwb76V17SM88dE= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63 h1:nTT4s92Dgz2HlrB2NaMgvlfqHH39OgMhA7z3PK7PGD4= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e h1:hB2xlXdHp/pmPZq0y3QnmWAArdw9PqbmotexnWx/FU8= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= -github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -go.mongodb.org/mongo-driver v1.0.3 h1:GKoji1ld3tw2aC+GX1wbr/J2fX13yNacEYoJ8Nhr0yU= -go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.mongodb.org/mongo-driver v1.1.1 h1:Sq1fR+0c58RME5EoqKdjkiQAmPjmfHlZOoRI6fTUOcs= -go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980 h1:dfGZHvZk057jK2MCeWus/TowKpJ8y4AmooUzdBSR9GU= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 h1:k7pJ2yAPLPgbskkFdhRCsA77k2fySZ1zf2zCjvQCiIM= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/vendor/github.com/go-openapi/analysis/internal/post_go18.go b/vendor/github.com/go-openapi/analysis/internal/post_go18.go deleted file mode 100644 index f96f55c08733..000000000000 --- a/vendor/github.com/go-openapi/analysis/internal/post_go18.go +++ /dev/null @@ -1,29 +0,0 @@ -// +build go1.8 - -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package internal - -import "net/url" - -// PathUnescape provides url.PathUnescape(), with seamless -// go version support for pre-go1.8 -// -// TODO: this function is currently defined in go-openapi/swag, -// but unexported. We might chose to export it, or simple phase -// out pre-go1.8 support. -func PathUnescape(path string) (string, error) { - return url.PathUnescape(path) -} diff --git a/vendor/github.com/go-openapi/analysis/internal/pre_go18.go b/vendor/github.com/go-openapi/analysis/internal/pre_go18.go deleted file mode 100644 index 4cc644182209..000000000000 --- a/vendor/github.com/go-openapi/analysis/internal/pre_go18.go +++ /dev/null @@ -1,29 +0,0 @@ -// +build !go1.8 - -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package internal - -import "net/url" - -// PathUnescape provides url.PathUnescape(), with seamless -// go version support for pre-go1.8 -// -// TODO: this function is currently defined in go-openapi/swag, -// but unexported. We might chose to export it, or simple phase -// out pre-go1.8 support. -func PathUnescape(path string) (string, error) { - return url.QueryUnescape(path) -} diff --git a/vendor/github.com/go-openapi/analysis/mixin.go b/vendor/github.com/go-openapi/analysis/mixin.go deleted file mode 100644 index 625c46f8f9fb..000000000000 --- a/vendor/github.com/go-openapi/analysis/mixin.go +++ /dev/null @@ -1,425 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package analysis - -import ( - "fmt" - "reflect" - - "github.com/go-openapi/spec" -) - -// Mixin modifies the primary swagger spec by adding the paths and -// definitions from the mixin specs. Top level parameters and -// responses from the mixins are also carried over. Operation id -// collisions are avoided by appending "Mixin" but only if -// needed. -// -// The following parts of primary are subject to merge, filling empty details -// - Info -// - BasePath -// - Host -// - ExternalDocs -// -// Consider calling FixEmptyResponseDescriptions() on the modified primary -// if you read them from storage and they are valid to start with. -// -// Entries in "paths", "definitions", "parameters" and "responses" are -// added to the primary in the order of the given mixins. If the entry -// already exists in primary it is skipped with a warning message. -// -// The count of skipped entries (from collisions) is returned so any -// deviation from the number expected can flag a warning in your build -// scripts. Carefully review the collisions before accepting them; -// consider renaming things if possible. -// -// No key normalization takes place (paths, type defs, -// etc). Ensure they are canonical if your downstream tools do -// key normalization of any form. -// -// Merging schemes (http, https), and consumers/producers do not account for -// collisions. -func Mixin(primary *spec.Swagger, mixins ...*spec.Swagger) []string { - skipped := make([]string, 0, len(mixins)) - opIds := getOpIds(primary) - initPrimary(primary) - - for i, m := range mixins { - skipped = append(skipped, mergeSwaggerProps(primary, m)...) - - skipped = append(skipped, mergeConsumes(primary, m)...) - - skipped = append(skipped, mergeProduces(primary, m)...) - - skipped = append(skipped, mergeTags(primary, m)...) - - skipped = append(skipped, mergeSchemes(primary, m)...) - - skipped = append(skipped, mergeSecurityDefinitions(primary, m)...) - - skipped = append(skipped, mergeSecurityRequirements(primary, m)...) - - skipped = append(skipped, mergeDefinitions(primary, m)...) - - // merging paths requires a map of operationIDs to work with - skipped = append(skipped, mergePaths(primary, m, opIds, i)...) - - skipped = append(skipped, mergeParameters(primary, m)...) - - skipped = append(skipped, mergeResponses(primary, m)...) - } - return skipped -} - -// getOpIds extracts all the paths..operationIds from the given -// spec and returns them as the keys in a map with 'true' values. -func getOpIds(s *spec.Swagger) map[string]bool { - rv := make(map[string]bool) - if s.Paths == nil { - return rv - } - for _, v := range s.Paths.Paths { - piops := pathItemOps(v) - for _, op := range piops { - rv[op.ID] = true - } - } - return rv -} - -func pathItemOps(p spec.PathItem) []*spec.Operation { - var rv []*spec.Operation - rv = appendOp(rv, p.Get) - rv = appendOp(rv, p.Put) - rv = appendOp(rv, p.Post) - rv = appendOp(rv, p.Delete) - rv = appendOp(rv, p.Head) - rv = appendOp(rv, p.Patch) - return rv -} - -func appendOp(ops []*spec.Operation, op *spec.Operation) []*spec.Operation { - if op == nil { - return ops - } - return append(ops, op) -} - -func mergeSecurityDefinitions(primary *spec.Swagger, m *spec.Swagger) (skipped []string) { - for k, v := range m.SecurityDefinitions { - if _, exists := primary.SecurityDefinitions[k]; exists { - warn := fmt.Sprintf( - "SecurityDefinitions entry '%v' already exists in primary or higher priority mixin, skipping\n", k) - skipped = append(skipped, warn) - continue - } - primary.SecurityDefinitions[k] = v - } - return -} - -func mergeSecurityRequirements(primary *spec.Swagger, m *spec.Swagger) (skipped []string) { - for _, v := range m.Security { - found := false - for _, vv := range primary.Security { - if reflect.DeepEqual(v, vv) { - found = true - break - } - } - if found { - warn := fmt.Sprintf( - "Security requirement: '%v' already exists in primary or higher priority mixin, skipping\n", v) - skipped = append(skipped, warn) - continue - } - primary.Security = append(primary.Security, v) - } - return -} - -func mergeDefinitions(primary *spec.Swagger, m *spec.Swagger) (skipped []string) { - for k, v := range m.Definitions { - // assume name collisions represent IDENTICAL type. careful. - if _, exists := primary.Definitions[k]; exists { - warn := fmt.Sprintf( - "definitions entry '%v' already exists in primary or higher priority mixin, skipping\n", k) - skipped = append(skipped, warn) - continue - } - primary.Definitions[k] = v - } - return -} - -func mergePaths(primary *spec.Swagger, m *spec.Swagger, opIds map[string]bool, mixIndex int) (skipped []string) { - if m.Paths != nil { - for k, v := range m.Paths.Paths { - if _, exists := primary.Paths.Paths[k]; exists { - warn := fmt.Sprintf( - "paths entry '%v' already exists in primary or higher priority mixin, skipping\n", k) - skipped = append(skipped, warn) - continue - } - - // Swagger requires that operationIds be - // unique within a spec. If we find a - // collision we append "Mixin0" to the - // operatoinId we are adding, where 0 is mixin - // index. We assume that operationIds with - // all the proivded specs are already unique. - piops := pathItemOps(v) - for _, piop := range piops { - if opIds[piop.ID] { - piop.ID = fmt.Sprintf("%v%v%v", piop.ID, "Mixin", mixIndex) - } - opIds[piop.ID] = true - } - primary.Paths.Paths[k] = v - } - } - return -} - -func mergeParameters(primary *spec.Swagger, m *spec.Swagger) (skipped []string) { - for k, v := range m.Parameters { - // could try to rename on conflict but would - // have to fix $refs in the mixin. Complain - // for now - if _, exists := primary.Parameters[k]; exists { - warn := fmt.Sprintf( - "top level parameters entry '%v' already exists in primary or higher priority mixin, skipping\n", k) - skipped = append(skipped, warn) - continue - } - primary.Parameters[k] = v - } - return -} - -func mergeResponses(primary *spec.Swagger, m *spec.Swagger) (skipped []string) { - for k, v := range m.Responses { - // could try to rename on conflict but would - // have to fix $refs in the mixin. Complain - // for now - if _, exists := primary.Responses[k]; exists { - warn := fmt.Sprintf( - "top level responses entry '%v' already exists in primary or higher priority mixin, skipping\n", k) - skipped = append(skipped, warn) - continue - } - primary.Responses[k] = v - } - return skipped -} - -func mergeConsumes(primary *spec.Swagger, m *spec.Swagger) []string { - for _, v := range m.Consumes { - found := false - for _, vv := range primary.Consumes { - if v == vv { - found = true - break - } - } - if found { - // no warning here: we just skip it - continue - } - primary.Consumes = append(primary.Consumes, v) - } - return []string{} -} - -func mergeProduces(primary *spec.Swagger, m *spec.Swagger) []string { - for _, v := range m.Produces { - found := false - for _, vv := range primary.Produces { - if v == vv { - found = true - break - } - } - if found { - // no warning here: we just skip it - continue - } - primary.Produces = append(primary.Produces, v) - } - return []string{} -} - -func mergeTags(primary *spec.Swagger, m *spec.Swagger) (skipped []string) { - for _, v := range m.Tags { - found := false - for _, vv := range primary.Tags { - if v.Name == vv.Name { - found = true - break - } - } - if found { - warn := fmt.Sprintf( - "top level tags entry with name '%v' already exists in primary or higher priority mixin, skipping\n", v.Name) - skipped = append(skipped, warn) - continue - } - primary.Tags = append(primary.Tags, v) - } - return -} - -func mergeSchemes(primary *spec.Swagger, m *spec.Swagger) []string { - for _, v := range m.Schemes { - found := false - for _, vv := range primary.Schemes { - if v == vv { - found = true - break - } - } - if found { - // no warning here: we just skip it - continue - } - primary.Schemes = append(primary.Schemes, v) - } - return []string{} -} - -func mergeSwaggerProps(primary *spec.Swagger, m *spec.Swagger) []string { - var skipped []string - primary.Extensions, skipped = mergeExtensions(primary.Extensions, m.Extensions) - - // merging details in swagger top properties - if primary.Host == "" { - primary.Host = m.Host - } - if primary.BasePath == "" { - primary.BasePath = m.BasePath - } - if primary.Info == nil { - primary.Info = m.Info - } else if m.Info != nil { - var sk []string - primary.Info.Extensions, sk = mergeExtensions(primary.Info.Extensions, m.Info.Extensions) - skipped = append(skipped, sk...) - if primary.Info.Description == "" { - primary.Info.Description = m.Info.Description - } - if primary.Info.Title == "" { - primary.Info.Description = m.Info.Description - } - if primary.Info.TermsOfService == "" { - primary.Info.TermsOfService = m.Info.TermsOfService - } - if primary.Info.Version == "" { - primary.Info.Version = m.Info.Version - } - - if primary.Info.Contact == nil { - primary.Info.Contact = m.Info.Contact - } else if m.Info.Contact != nil { - if primary.Info.Contact.Name == "" { - primary.Info.Contact.Name = m.Info.Contact.Name - } - if primary.Info.Contact.URL == "" { - primary.Info.Contact.URL = m.Info.Contact.URL - } - if primary.Info.Contact.Email == "" { - primary.Info.Contact.Email = m.Info.Contact.Email - } - } - - if primary.Info.License == nil { - primary.Info.License = m.Info.License - } else if m.Info.License != nil { - if primary.Info.License.Name == "" { - primary.Info.License.Name = m.Info.License.Name - } - if primary.Info.License.URL == "" { - primary.Info.License.URL = m.Info.License.URL - } - } - - } - if primary.ExternalDocs == nil { - primary.ExternalDocs = m.ExternalDocs - } else if m.ExternalDocs != nil { - if primary.ExternalDocs.Description == "" { - primary.ExternalDocs.Description = m.ExternalDocs.Description - } - if primary.ExternalDocs.URL == "" { - primary.ExternalDocs.URL = m.ExternalDocs.URL - } - } - return skipped -} - -func mergeExtensions(primary spec.Extensions, m spec.Extensions) (result spec.Extensions, skipped []string) { - if primary == nil { - result = m - return - } - if m == nil { - result = primary - return - } - result = primary - for k, v := range m { - if _, found := primary[k]; found { - skipped = append(skipped, k) - continue - } - primary[k] = v - } - return -} - -func initPrimary(primary *spec.Swagger) { - if primary.SecurityDefinitions == nil { - primary.SecurityDefinitions = make(map[string]*spec.SecurityScheme) - } - if primary.Security == nil { - primary.Security = make([]map[string][]string, 0, 10) - } - if primary.Produces == nil { - primary.Produces = make([]string, 0, 10) - } - if primary.Consumes == nil { - primary.Consumes = make([]string, 0, 10) - } - if primary.Tags == nil { - primary.Tags = make([]spec.Tag, 0, 10) - } - if primary.Schemes == nil { - primary.Schemes = make([]string, 0, 10) - } - if primary.Paths == nil { - primary.Paths = &spec.Paths{Paths: make(map[string]spec.PathItem)} - } - if primary.Paths.Paths == nil { - primary.Paths.Paths = make(map[string]spec.PathItem) - } - if primary.Definitions == nil { - primary.Definitions = make(spec.Definitions) - } - if primary.Parameters == nil { - primary.Parameters = make(map[string]spec.Parameter) - } - if primary.Responses == nil { - primary.Responses = make(map[string]spec.Response) - } -} diff --git a/vendor/github.com/go-openapi/analysis/schema.go b/vendor/github.com/go-openapi/analysis/schema.go deleted file mode 100644 index 398c7806394d..000000000000 --- a/vendor/github.com/go-openapi/analysis/schema.go +++ /dev/null @@ -1,234 +0,0 @@ -package analysis - -import ( - "fmt" - - "github.com/go-openapi/spec" - "github.com/go-openapi/strfmt" -) - -// SchemaOpts configures the schema analyzer -type SchemaOpts struct { - Schema *spec.Schema - Root interface{} - BasePath string - _ struct{} -} - -// Schema analysis, will classify the schema according to known -// patterns. -func Schema(opts SchemaOpts) (*AnalyzedSchema, error) { - if opts.Schema == nil { - return nil, fmt.Errorf("no schema to analyze") - } - - a := &AnalyzedSchema{ - schema: opts.Schema, - root: opts.Root, - basePath: opts.BasePath, - } - - a.initializeFlags() - a.inferKnownType() - a.inferEnum() - a.inferBaseType() - - if err := a.inferMap(); err != nil { - return nil, err - } - if err := a.inferArray(); err != nil { - return nil, err - } - - a.inferTuple() - - if err := a.inferFromRef(); err != nil { - return nil, err - } - - a.inferSimpleSchema() - return a, nil -} - -// AnalyzedSchema indicates what the schema represents -type AnalyzedSchema struct { - schema *spec.Schema - root interface{} - basePath string - - hasProps bool - hasAllOf bool - hasItems bool - hasAdditionalProps bool - hasAdditionalItems bool - hasRef bool - - IsKnownType bool - IsSimpleSchema bool - IsArray bool - IsSimpleArray bool - IsMap bool - IsSimpleMap bool - IsExtendedObject bool - IsTuple bool - IsTupleWithExtra bool - IsBaseType bool - IsEnum bool -} - -// Inherits copies value fields from other onto this schema -func (a *AnalyzedSchema) inherits(other *AnalyzedSchema) { - if other == nil { - return - } - a.hasProps = other.hasProps - a.hasAllOf = other.hasAllOf - a.hasItems = other.hasItems - a.hasAdditionalItems = other.hasAdditionalItems - a.hasAdditionalProps = other.hasAdditionalProps - a.hasRef = other.hasRef - - a.IsKnownType = other.IsKnownType - a.IsSimpleSchema = other.IsSimpleSchema - a.IsArray = other.IsArray - a.IsSimpleArray = other.IsSimpleArray - a.IsMap = other.IsMap - a.IsSimpleMap = other.IsSimpleMap - a.IsExtendedObject = other.IsExtendedObject - a.IsTuple = other.IsTuple - a.IsTupleWithExtra = other.IsTupleWithExtra - a.IsBaseType = other.IsBaseType - a.IsEnum = other.IsEnum -} - -func (a *AnalyzedSchema) inferFromRef() error { - if a.hasRef { - sch := new(spec.Schema) - sch.Ref = a.schema.Ref - err := spec.ExpandSchema(sch, a.root, nil) - if err != nil { - return err - } - rsch, err := Schema(SchemaOpts{ - Schema: sch, - Root: a.root, - BasePath: a.basePath, - }) - if err != nil { - // NOTE(fredbi): currently the only cause for errors is - // unresolved ref. Since spec.ExpandSchema() expands the - // schema recursively, there is no chance to get there, - // until we add more causes for error in this schema analysis. - return err - } - a.inherits(rsch) - } - return nil -} - -func (a *AnalyzedSchema) inferSimpleSchema() { - a.IsSimpleSchema = a.IsKnownType || a.IsSimpleArray || a.IsSimpleMap -} - -func (a *AnalyzedSchema) inferKnownType() { - tpe := a.schema.Type - format := a.schema.Format - a.IsKnownType = tpe.Contains("boolean") || - tpe.Contains("integer") || - tpe.Contains("number") || - tpe.Contains("string") || - (format != "" && strfmt.Default.ContainsName(format)) || - (a.isObjectType() && !a.hasProps && !a.hasAllOf && !a.hasAdditionalProps && !a.hasAdditionalItems) -} - -func (a *AnalyzedSchema) inferMap() error { - if a.isObjectType() { - hasExtra := a.hasProps || a.hasAllOf - a.IsMap = a.hasAdditionalProps && !hasExtra - a.IsExtendedObject = a.hasAdditionalProps && hasExtra - if a.IsMap { - if a.schema.AdditionalProperties.Schema != nil { - msch, err := Schema(SchemaOpts{ - Schema: a.schema.AdditionalProperties.Schema, - Root: a.root, - BasePath: a.basePath, - }) - if err != nil { - return err - } - a.IsSimpleMap = msch.IsSimpleSchema - } else if a.schema.AdditionalProperties.Allows { - a.IsSimpleMap = true - } - } - } - return nil -} - -func (a *AnalyzedSchema) inferArray() error { - // an array has Items defined as an object schema, otherwise we qualify this JSON array as a tuple - // (yes, even if the Items array contains only one element). - // arrays in JSON schema may be unrestricted (i.e no Items specified). - // Note that arrays in Swagger MUST have Items. Nonetheless, we analyze unrestricted arrays. - // - // NOTE: the spec package misses the distinction between: - // items: [] and items: {}, so we consider both arrays here. - a.IsArray = a.isArrayType() && (a.schema.Items == nil || a.schema.Items.Schemas == nil) - if a.IsArray && a.hasItems { - if a.schema.Items.Schema != nil { - itsch, err := Schema(SchemaOpts{ - Schema: a.schema.Items.Schema, - Root: a.root, - BasePath: a.basePath, - }) - if err != nil { - return err - } - a.IsSimpleArray = itsch.IsSimpleSchema - } - } - if a.IsArray && !a.hasItems { - a.IsSimpleArray = true - } - return nil -} - -func (a *AnalyzedSchema) inferTuple() { - tuple := a.hasItems && a.schema.Items.Schemas != nil - a.IsTuple = tuple && !a.hasAdditionalItems - a.IsTupleWithExtra = tuple && a.hasAdditionalItems -} - -func (a *AnalyzedSchema) inferBaseType() { - if a.isObjectType() { - a.IsBaseType = a.schema.Discriminator != "" - } -} - -func (a *AnalyzedSchema) inferEnum() { - a.IsEnum = len(a.schema.Enum) > 0 -} - -func (a *AnalyzedSchema) initializeFlags() { - a.hasProps = len(a.schema.Properties) > 0 - a.hasAllOf = len(a.schema.AllOf) > 0 - a.hasRef = a.schema.Ref.String() != "" - - a.hasItems = a.schema.Items != nil && - (a.schema.Items.Schema != nil || len(a.schema.Items.Schemas) > 0) - - a.hasAdditionalProps = a.schema.AdditionalProperties != nil && - (a.schema.AdditionalProperties != nil || a.schema.AdditionalProperties.Allows) - - a.hasAdditionalItems = a.schema.AdditionalItems != nil && - (a.schema.AdditionalItems.Schema != nil || a.schema.AdditionalItems.Allows) - -} - -func (a *AnalyzedSchema) isObjectType() bool { - return !a.hasRef && (a.schema.Type == nil || a.schema.Type.Contains("") || a.schema.Type.Contains("object")) -} - -func (a *AnalyzedSchema) isArrayType() bool { - return !a.hasRef && (a.schema.Type != nil && a.schema.Type.Contains("array")) -} diff --git a/vendor/github.com/go-openapi/errors/.golangci.yml b/vendor/github.com/go-openapi/errors/.golangci.yml deleted file mode 100644 index 6badaf1549f8..000000000000 --- a/vendor/github.com/go-openapi/errors/.golangci.yml +++ /dev/null @@ -1,20 +0,0 @@ -linters-settings: - govet: - check-shadowing: true - golint: - min-confidence: 0 - gocyclo: - min-complexity: 30 - maligned: - suggest-new: true - dupl: - threshold: 100 - goconst: - min-len: 2 - min-occurrences: 4 -linters: - enable-all: true - disable: - - maligned - - lll - - gochecknoglobals diff --git a/vendor/github.com/go-openapi/errors/.travis.yml b/vendor/github.com/go-openapi/errors/.travis.yml deleted file mode 100644 index ba8a6d5918fc..000000000000 --- a/vendor/github.com/go-openapi/errors/.travis.yml +++ /dev/null @@ -1,15 +0,0 @@ -after_success: -- bash <(curl -s https://codecov.io/bash) -go: -- 1.11.x -- 1.12.x -install: -- GO111MODULE=off go get -u gotest.tools/gotestsum -env: -- GO111MODULE=on -language: go -notifications: - slack: - secure: gZGp9NaHxi7zawlXJXKY92BGeDR1x0tbIcTyU5nMKLq0fhIaiEBJEeALwZ4VgqsSv3DytSSF5mLH8fevAM3ixE6hxjKQ+lQuf7V/w3btCN1CSWgoua5LOh1kTnqZQtJuRvO4pzoJcT3bJWBsVZ07VGNVzzJEy/zAKCHFqBUCXShw7QemlLBcYWFNqveTlvDIfCzvouoLnPoXwxEpkjxe9uz/ZKZgAnup/fXjC8RFctmgCnkCyvJTk0Y/fZCsufixJrJhshBWTnlrFCzRmgNkz2d+i1Ls3+MJ5EJJ2Tx/A5S63dL49J1f9Kr0AKHADmulSy8JNzIckKwbyFMYUecrsW+Lsu9DhnVMy1jj5pKsJDLRi2iIU3fXTMWbcyQbXjbbnBO2mPdP3Tzme75y4D9fc8hUPeyqVv2BU26NEbQ7EF2pKJ93OXvci7HlwRBgdJa8j6mP2LEDClcPQW00g7N/OZe0cTOMa8L5AwiBlbArwqt9wv6YLJoTG0wpDhzWsFvbCg5bJxe28Yn3fIDD0Lk1I7iSnBbp/5gzF19jmxqvcT8tHRkDL4xfjbENFTZjA5uB4Z4pj4WSyWQILLV/Jwhe3fi9uQwdviFHfj5pnVrmNUiGSOQL672K5wl2c3E9mGwejvsu2dfEz28n7Y/FUnOpY3/cBS0n27JJaerS0zMKNLE= -script: -- gotestsum -f short-verbose -- -race -coverprofile=coverage.txt -covermode=atomic ./... diff --git a/vendor/github.com/go-openapi/errors/CODE_OF_CONDUCT.md b/vendor/github.com/go-openapi/errors/CODE_OF_CONDUCT.md deleted file mode 100644 index 9322b065e37a..000000000000 --- a/vendor/github.com/go-openapi/errors/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,74 +0,0 @@ -# Contributor Covenant Code of Conduct - -## Our Pledge - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, gender identity and expression, level of experience, -nationality, personal appearance, race, religion, or sexual identity and -orientation. - -## Our Standards - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or -advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic - address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a - professional setting - -## Our Responsibilities - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -## Scope - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at ivan+abuse@flanders.co.nz. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, -available at [http://contributor-covenant.org/version/1/4][version] - -[homepage]: http://contributor-covenant.org -[version]: http://contributor-covenant.org/version/1/4/ diff --git a/vendor/github.com/go-openapi/errors/README.md b/vendor/github.com/go-openapi/errors/README.md deleted file mode 100644 index 0ce50b23b2e9..000000000000 --- a/vendor/github.com/go-openapi/errors/README.md +++ /dev/null @@ -1,8 +0,0 @@ -# OpenAPI errors [![Build Status](https://travis-ci.org/go-openapi/errors.svg?branch=master)](https://travis-ci.org/go-openapi/errors) [![codecov](https://codecov.io/gh/go-openapi/errors/branch/master/graph/badge.svg)](https://codecov.io/gh/go-openapi/errors) [![Slack Status](https://slackin.goswagger.io/badge.svg)](https://slackin.goswagger.io) - -[![license](http://img.shields.io/badge/license-Apache%20v2-orange.svg)](https://raw.githubusercontent.com/go-openapi/errors/master/LICENSE) -[![GoDoc](https://godoc.org/github.com/go-openapi/errors?status.svg)](http://godoc.org/github.com/go-openapi/errors) -[![GolangCI](https://golangci.com/badges/github.com/go-openapi/errors.svg)](https://golangci.com) -[![Go Report Card](https://goreportcard.com/badge/github.com/go-openapi/errors)](https://goreportcard.com/report/github.com/go-openapi/errors) - -Shared errors and error interface used throughout the various libraries found in the go-openapi toolkit. diff --git a/vendor/github.com/go-openapi/errors/api.go b/vendor/github.com/go-openapi/errors/api.go deleted file mode 100644 index 7667cee76c9c..000000000000 --- a/vendor/github.com/go-openapi/errors/api.go +++ /dev/null @@ -1,164 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package errors - -import ( - "encoding/json" - "fmt" - "net/http" - "reflect" - "strings" -) - -// DefaultHTTPCode is used when the error Code cannot be used as an HTTP code. -var DefaultHTTPCode = http.StatusUnprocessableEntity - -// Error represents a error interface all swagger framework errors implement -type Error interface { - error - Code() int32 -} - -type apiError struct { - code int32 - message string -} - -func (a *apiError) Error() string { - return a.message -} - -func (a *apiError) Code() int32 { - return a.code -} - -// New creates a new API error with a code and a message -func New(code int32, message string, args ...interface{}) Error { - if len(args) > 0 { - return &apiError{code, fmt.Sprintf(message, args...)} - } - return &apiError{code, message} -} - -// NotFound creates a new not found error -func NotFound(message string, args ...interface{}) Error { - if message == "" { - message = "Not found" - } - return New(http.StatusNotFound, fmt.Sprintf(message, args...)) -} - -// NotImplemented creates a new not implemented error -func NotImplemented(message string) Error { - return New(http.StatusNotImplemented, message) -} - -// MethodNotAllowedError represents an error for when the path matches but the method doesn't -type MethodNotAllowedError struct { - code int32 - Allowed []string - message string -} - -func (m *MethodNotAllowedError) Error() string { - return m.message -} - -// Code the error code -func (m *MethodNotAllowedError) Code() int32 { - return m.code -} - -func errorAsJSON(err Error) []byte { - b, _ := json.Marshal(struct { - Code int32 `json:"code"` - Message string `json:"message"` - }{err.Code(), err.Error()}) - return b -} - -func flattenComposite(errs *CompositeError) *CompositeError { - var res []error - for _, er := range errs.Errors { - switch e := er.(type) { - case *CompositeError: - if len(e.Errors) > 0 { - flat := flattenComposite(e) - if len(flat.Errors) > 0 { - res = append(res, flat.Errors...) - } - } - default: - if e != nil { - res = append(res, e) - } - } - } - return CompositeValidationError(res...) -} - -// MethodNotAllowed creates a new method not allowed error -func MethodNotAllowed(requested string, allow []string) Error { - msg := fmt.Sprintf("method %s is not allowed, but [%s] are", requested, strings.Join(allow, ",")) - return &MethodNotAllowedError{code: http.StatusMethodNotAllowed, Allowed: allow, message: msg} -} - -// ServeError the error handler interface implementation -func ServeError(rw http.ResponseWriter, r *http.Request, err error) { - rw.Header().Set("Content-Type", "application/json") - switch e := err.(type) { - case *CompositeError: - er := flattenComposite(e) - // strips composite errors to first element only - if len(er.Errors) > 0 { - ServeError(rw, r, er.Errors[0]) - } else { - // guard against empty CompositeError (invalid construct) - ServeError(rw, r, nil) - } - case *MethodNotAllowedError: - rw.Header().Add("Allow", strings.Join(err.(*MethodNotAllowedError).Allowed, ",")) - rw.WriteHeader(asHTTPCode(int(e.Code()))) - if r == nil || r.Method != http.MethodHead { - _, _ = rw.Write(errorAsJSON(e)) - } - case Error: - value := reflect.ValueOf(e) - if value.Kind() == reflect.Ptr && value.IsNil() { - rw.WriteHeader(http.StatusInternalServerError) - _, _ = rw.Write(errorAsJSON(New(http.StatusInternalServerError, "Unknown error"))) - return - } - rw.WriteHeader(asHTTPCode(int(e.Code()))) - if r == nil || r.Method != http.MethodHead { - _, _ = rw.Write(errorAsJSON(e)) - } - case nil: - rw.WriteHeader(http.StatusInternalServerError) - _, _ = rw.Write(errorAsJSON(New(http.StatusInternalServerError, "Unknown error"))) - default: - rw.WriteHeader(http.StatusInternalServerError) - if r == nil || r.Method != http.MethodHead { - _, _ = rw.Write(errorAsJSON(New(http.StatusInternalServerError, err.Error()))) - } - } -} - -func asHTTPCode(input int) int { - if input >= 600 { - return DefaultHTTPCode - } - return input -} diff --git a/vendor/github.com/go-openapi/errors/go.mod b/vendor/github.com/go-openapi/errors/go.mod deleted file mode 100644 index 084143001f02..000000000000 --- a/vendor/github.com/go-openapi/errors/go.mod +++ /dev/null @@ -1,6 +0,0 @@ -module github.com/go-openapi/errors - -require ( - github.com/stretchr/objx v0.2.0 // indirect - github.com/stretchr/testify v1.3.0 -) diff --git a/vendor/github.com/go-openapi/errors/go.sum b/vendor/github.com/go-openapi/errors/go.sum deleted file mode 100644 index e7314e279fb5..000000000000 --- a/vendor/github.com/go-openapi/errors/go.sum +++ /dev/null @@ -1,9 +0,0 @@ -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= diff --git a/vendor/github.com/go-openapi/errors/headers.go b/vendor/github.com/go-openapi/errors/headers.go deleted file mode 100644 index 0360c094ea31..000000000000 --- a/vendor/github.com/go-openapi/errors/headers.go +++ /dev/null @@ -1,85 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package errors - -import ( - "fmt" - "net/http" -) - -// Validation represents a failure of a precondition -type Validation struct { - code int32 - Name string - In string - Value interface{} - message string - Values []interface{} -} - -func (e *Validation) Error() string { - return e.message -} - -// Code the error code -func (e *Validation) Code() int32 { - return e.code -} - -// ValidateName produces an error message name for an aliased property -func (e *Validation) ValidateName(name string) *Validation { - if e.Name == "" && name != "" { - e.Name = name - e.message = name + e.message - } - return e -} - -const ( - contentTypeFail = `unsupported media type %q, only %v are allowed` - responseFormatFail = `unsupported media type requested, only %v are available` -) - -// InvalidContentType error for an invalid content type -func InvalidContentType(value string, allowed []string) *Validation { - values := make([]interface{}, 0, len(allowed)) - for _, v := range allowed { - values = append(values, v) - } - return &Validation{ - code: http.StatusUnsupportedMediaType, - Name: "Content-Type", - In: "header", - Value: value, - Values: values, - message: fmt.Sprintf(contentTypeFail, value, allowed), - } -} - -// InvalidResponseFormat error for an unacceptable response format request -func InvalidResponseFormat(value string, allowed []string) *Validation { - values := make([]interface{}, 0, len(allowed)) - for _, v := range allowed { - values = append(values, v) - } - return &Validation{ - code: http.StatusNotAcceptable, - Name: "Accept", - In: "header", - Value: value, - Values: values, - message: fmt.Sprintf(responseFormatFail, allowed), - } -} diff --git a/vendor/github.com/go-openapi/errors/middleware.go b/vendor/github.com/go-openapi/errors/middleware.go deleted file mode 100644 index 6390d4636aa3..000000000000 --- a/vendor/github.com/go-openapi/errors/middleware.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package errors - -import ( - "bytes" - "fmt" - "strings" -) - -// APIVerificationFailed is an error that contains all the missing info for a mismatched section -// between the api registrations and the api spec -type APIVerificationFailed struct { - Section string - MissingSpecification []string - MissingRegistration []string -} - -// -func (v *APIVerificationFailed) Error() string { - buf := bytes.NewBuffer(nil) - - hasRegMissing := len(v.MissingRegistration) > 0 - hasSpecMissing := len(v.MissingSpecification) > 0 - - if hasRegMissing { - buf.WriteString(fmt.Sprintf("missing [%s] %s registrations", strings.Join(v.MissingRegistration, ", "), v.Section)) - } - - if hasRegMissing && hasSpecMissing { - buf.WriteString("\n") - } - - if hasSpecMissing { - buf.WriteString(fmt.Sprintf("missing from spec file [%s] %s", strings.Join(v.MissingSpecification, ", "), v.Section)) - } - - return buf.String() -} diff --git a/vendor/github.com/go-openapi/errors/parsing.go b/vendor/github.com/go-openapi/errors/parsing.go deleted file mode 100644 index 1bae87302a6b..000000000000 --- a/vendor/github.com/go-openapi/errors/parsing.go +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package errors - -import "fmt" - -// ParseError respresents a parsing error -type ParseError struct { - code int32 - Name string - In string - Value string - Reason error - message string -} - -func (e *ParseError) Error() string { - return e.message -} - -// Code returns the http status code for this error -func (e *ParseError) Code() int32 { - return e.code -} - -const ( - parseErrorTemplContent = `parsing %s %s from %q failed, because %s` - parseErrorTemplContentNoIn = `parsing %s from %q failed, because %s` -) - -// NewParseError creates a new parse error -func NewParseError(name, in, value string, reason error) *ParseError { - var msg string - if in == "" { - msg = fmt.Sprintf(parseErrorTemplContentNoIn, name, value, reason) - } else { - msg = fmt.Sprintf(parseErrorTemplContent, name, in, value, reason) - } - return &ParseError{ - code: 400, - Name: name, - In: in, - Value: value, - Reason: reason, - message: msg, - } -} diff --git a/vendor/github.com/go-openapi/loads/.editorconfig b/vendor/github.com/go-openapi/loads/.editorconfig deleted file mode 100644 index 3152da69a5d7..000000000000 --- a/vendor/github.com/go-openapi/loads/.editorconfig +++ /dev/null @@ -1,26 +0,0 @@ -# top-most EditorConfig file -root = true - -# Unix-style newlines with a newline ending every file -[*] -end_of_line = lf -insert_final_newline = true -indent_style = space -indent_size = 2 -trim_trailing_whitespace = true - -# Set default charset -[*.{js,py,go,scala,rb,java,html,css,less,sass,md}] -charset = utf-8 - -# Tab indentation (no size specified) -[*.go] -indent_style = tab - -[*.md] -trim_trailing_whitespace = false - -# Matches the exact files either package.json or .travis.yml -[{package.json,.travis.yml}] -indent_style = space -indent_size = 2 diff --git a/vendor/github.com/go-openapi/loads/.gitignore b/vendor/github.com/go-openapi/loads/.gitignore deleted file mode 100644 index e4f15f17bfc2..000000000000 --- a/vendor/github.com/go-openapi/loads/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -secrets.yml -coverage.out -profile.cov -profile.out diff --git a/vendor/github.com/go-openapi/loads/.golangci.yml b/vendor/github.com/go-openapi/loads/.golangci.yml deleted file mode 100644 index 1932914e6d1a..000000000000 --- a/vendor/github.com/go-openapi/loads/.golangci.yml +++ /dev/null @@ -1,22 +0,0 @@ -linters-settings: - govet: - check-shadowing: true - golint: - min-confidence: 0 - gocyclo: - min-complexity: 30 - maligned: - suggest-new: true - dupl: - threshold: 100 - goconst: - min-len: 2 - min-occurrences: 4 - -linters: - enable-all: true - disable: - - maligned - - lll - - gochecknoglobals - - gochecknoinits diff --git a/vendor/github.com/go-openapi/loads/.travis.yml b/vendor/github.com/go-openapi/loads/.travis.yml deleted file mode 100644 index 8a7e05d911c6..000000000000 --- a/vendor/github.com/go-openapi/loads/.travis.yml +++ /dev/null @@ -1,15 +0,0 @@ -after_success: -- bash <(curl -s https://codecov.io/bash) -go: -- 1.11.x -- 1.12.x -install: -- GO111MODULE=off go get -u gotest.tools/gotestsum -env: -- GO111MODULE=on -language: go -notifications: - slack: - secure: OxkPwVp35qBTUilgWC8xykSj+sGMcj0h8IIOKD+Rflx2schZVlFfdYdyVBM+s9OqeOfvtuvnR9v1Ye2rPKAvcjWdC4LpRGUsgmItZaI6Um8Aj6+K9udCw5qrtZVfOVmRu8LieH//XznWWKdOultUuniW0MLqw5+II87Gd00RWbCGi0hk0PykHe7uK+PDA2BEbqyZ2WKKYCvfB3j+0nrFOHScXqnh0V05l2E83J4+Sgy1fsPy+1WdX58ZlNBG333ibaC1FS79XvKSmTgKRkx3+YBo97u6ZtUmJa5WZjf2OdLG3KIckGWAv6R5xgxeU31N0Ng8L332w/Edpp2O/M2bZwdnKJ8hJQikXIAQbICbr+lTDzsoNzMdEIYcHpJ5hjPbiUl3Bmd+Jnsjf5McgAZDiWIfpCKZ29tPCEkVwRsOCqkyPRMNMzHHmoja495P5jR+ODS7+J8RFg5xgcnOgpP9D4Wlhztlf5WyZMpkLxTUD+bZq2SRf50HfHFXTkfq22zPl3d1eq0yrLwh/Z/fWKkfb6SyysROL8y6s8u3dpFX1YHSg0BR6i913h4aoZw9B2BG27cafLLTwKYsp2dFo1PWl4O6u9giFJIeqwloZHLKKrwh0cBFhB7RH0I58asxkZpCH6uWjJierahmHe7iS+E6i+9oCHkOZ59hmCYNimIs3hM= -script: -- gotestsum -f short-verbose -- -race -timeout=20m -coverprofile=coverage.txt -covermode=atomic ./... diff --git a/vendor/github.com/go-openapi/loads/CODE_OF_CONDUCT.md b/vendor/github.com/go-openapi/loads/CODE_OF_CONDUCT.md deleted file mode 100644 index 9322b065e37a..000000000000 --- a/vendor/github.com/go-openapi/loads/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,74 +0,0 @@ -# Contributor Covenant Code of Conduct - -## Our Pledge - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, gender identity and expression, level of experience, -nationality, personal appearance, race, religion, or sexual identity and -orientation. - -## Our Standards - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or -advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic - address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a - professional setting - -## Our Responsibilities - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -## Scope - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at ivan+abuse@flanders.co.nz. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, -available at [http://contributor-covenant.org/version/1/4][version] - -[homepage]: http://contributor-covenant.org -[version]: http://contributor-covenant.org/version/1/4/ diff --git a/vendor/github.com/go-openapi/loads/README.md b/vendor/github.com/go-openapi/loads/README.md deleted file mode 100644 index 071cf69ab97c..000000000000 --- a/vendor/github.com/go-openapi/loads/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Loads OAI specs [![Build Status](https://travis-ci.org/go-openapi/loads.svg?branch=master)](https://travis-ci.org/go-openapi/loads) [![codecov](https://codecov.io/gh/go-openapi/loads/branch/master/graph/badge.svg)](https://codecov.io/gh/go-openapi/loads) [![Slack Status](https://slackin.goswagger.io/badge.svg)](https://slackin.goswagger.io) - -[![license](http://img.shields.io/badge/license-Apache%20v2-orange.svg)](https://raw.githubusercontent.com/go-openapi/loads/master/LICENSE) [![GoDoc](https://godoc.org/github.com/go-openapi/loads?status.svg)](http://godoc.org/github.com/go-openapi/loads) -[![GolangCI](https://golangci.com/badges/github.com/go-openapi/loads.svg)](https://golangci.com) -[![Go Report Card](https://goreportcard.com/badge/github.com/go-openapi/loads)](https://goreportcard.com/report/github.com/go-openapi/loads) - -Loading of OAI specification documents from local or remote locations. Supports JSON and YAML documents. diff --git a/vendor/github.com/go-openapi/loads/go.mod b/vendor/github.com/go-openapi/loads/go.mod deleted file mode 100644 index 8cf62326f6ce..000000000000 --- a/vendor/github.com/go-openapi/loads/go.mod +++ /dev/null @@ -1,11 +0,0 @@ -module github.com/go-openapi/loads - -require ( - github.com/go-openapi/analysis v0.19.5 - github.com/go-openapi/spec v0.19.3 - github.com/go-openapi/swag v0.19.5 - github.com/stretchr/testify v1.3.0 - gopkg.in/yaml.v2 v2.2.4 -) - -go 1.13 diff --git a/vendor/github.com/go-openapi/loads/go.sum b/vendor/github.com/go-openapi/loads/go.sum deleted file mode 100644 index 6eebff99d9ce..000000000000 --- a/vendor/github.com/go-openapi/loads/go.sum +++ /dev/null @@ -1,98 +0,0 @@ -github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= -github.com/go-openapi/analysis v0.19.5 h1:8b2ZgKfKIUTVQpTb77MoRDIMEIwvDVw40o3aOXdfYzI= -github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU= -github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.19.2 h1:a2kIyV3w+OS3S97zxUndRVD46+FhGOUBDFY7nmu4CsY= -github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= -github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.19.2 h1:A9+F4Dc/MCNB5jibxf6rRvOvR/iFgQdyNx9eIhnGqq0= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3 h1:gihV7YNZK1iK6Tgwwsxo2rJbD1GTbdm72325Bq8FI3w= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.19.2 h1:o20suLFB4Ri0tuzpWtyHlh7E7HnkqTNLq6aR6WVNS1w= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.19.3 h1:0XRyw8kguri6Yw4SxhsQA/atC88yqrk0+G4YhI2wabc= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.19.3 h1:eRfyY5SkaNJCAwmmMcADjY31ow9+N7MCLW7oRkbsINA= -github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= -github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.19.2 h1:jvO6bCMBEilGwMfHhrd61zIID4oIFdwb76V17SM88dE= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63 h1:nTT4s92Dgz2HlrB2NaMgvlfqHH39OgMhA7z3PK7PGD4= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e h1:hB2xlXdHp/pmPZq0y3QnmWAArdw9PqbmotexnWx/FU8= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= -github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -go.mongodb.org/mongo-driver v1.0.3 h1:GKoji1ld3tw2aC+GX1wbr/J2fX13yNacEYoJ8Nhr0yU= -go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.mongodb.org/mongo-driver v1.1.1 h1:Sq1fR+0c58RME5EoqKdjkiQAmPjmfHlZOoRI6fTUOcs= -go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980 h1:dfGZHvZk057jK2MCeWus/TowKpJ8y4AmooUzdBSR9GU= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 h1:k7pJ2yAPLPgbskkFdhRCsA77k2fySZ1zf2zCjvQCiIM= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/vendor/github.com/go-openapi/loads/spec.go b/vendor/github.com/go-openapi/loads/spec.go deleted file mode 100644 index e4b4a3cf7638..000000000000 --- a/vendor/github.com/go-openapi/loads/spec.go +++ /dev/null @@ -1,298 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package loads - -import ( - "bytes" - "encoding/gob" - "encoding/json" - "fmt" - "net/url" - - "github.com/go-openapi/analysis" - "github.com/go-openapi/spec" - "github.com/go-openapi/swag" -) - -// JSONDoc loads a json document from either a file or a remote url -func JSONDoc(path string) (json.RawMessage, error) { - data, err := swag.LoadFromFileOrHTTP(path) - if err != nil { - return nil, err - } - return json.RawMessage(data), nil -} - -// DocLoader represents a doc loader type -type DocLoader func(string) (json.RawMessage, error) - -// DocMatcher represents a predicate to check if a loader matches -type DocMatcher func(string) bool - -var ( - loaders *loader - defaultLoader *loader -) - -func init() { - defaultLoader = &loader{Match: func(_ string) bool { return true }, Fn: JSONDoc} - loaders = defaultLoader - spec.PathLoader = loaders.Fn - AddLoader(swag.YAMLMatcher, swag.YAMLDoc) - - gob.Register(map[string]interface{}{}) - gob.Register([]interface{}{}) - //gob.Register(spec.Refable{}) -} - -// AddLoader for a document -func AddLoader(predicate DocMatcher, load DocLoader) { - prev := loaders - loaders = &loader{ - Match: predicate, - Fn: load, - Next: prev, - } - spec.PathLoader = loaders.Fn -} - -type loader struct { - Fn DocLoader - Match DocMatcher - Next *loader -} - -// JSONSpec loads a spec from a json document -func JSONSpec(path string) (*Document, error) { - data, err := JSONDoc(path) - if err != nil { - return nil, err - } - // convert to json - return Analyzed(data, "") -} - -// Document represents a swagger spec document -type Document struct { - // specAnalyzer - Analyzer *analysis.Spec - spec *spec.Swagger - specFilePath string - origSpec *spec.Swagger - schema *spec.Schema - raw json.RawMessage -} - -// Embedded returns a Document based on embedded specs. No analysis is required -func Embedded(orig, flat json.RawMessage) (*Document, error) { - var origSpec, flatSpec spec.Swagger - if err := json.Unmarshal(orig, &origSpec); err != nil { - return nil, err - } - if err := json.Unmarshal(flat, &flatSpec); err != nil { - return nil, err - } - return &Document{ - raw: orig, - origSpec: &origSpec, - spec: &flatSpec, - }, nil -} - -// Spec loads a new spec document -func Spec(path string) (*Document, error) { - specURL, err := url.Parse(path) - if err != nil { - return nil, err - } - var lastErr error - for l := loaders.Next; l != nil; l = l.Next { - if loaders.Match(specURL.Path) { - b, err2 := loaders.Fn(path) - if err2 != nil { - lastErr = err2 - continue - } - doc, err3 := Analyzed(b, "") - if err3 != nil { - return nil, err3 - } - if doc != nil { - doc.specFilePath = path - } - return doc, nil - } - } - if lastErr != nil { - return nil, lastErr - } - b, err := defaultLoader.Fn(path) - if err != nil { - return nil, err - } - - document, err := Analyzed(b, "") - if document != nil { - document.specFilePath = path - } - - return document, err -} - -// Analyzed creates a new analyzed spec document -func Analyzed(data json.RawMessage, version string) (*Document, error) { - if version == "" { - version = "2.0" - } - if version != "2.0" { - return nil, fmt.Errorf("spec version %q is not supported", version) - } - - raw := data - trimmed := bytes.TrimSpace(data) - if len(trimmed) > 0 { - if trimmed[0] != '{' && trimmed[0] != '[' { - yml, err := swag.BytesToYAMLDoc(trimmed) - if err != nil { - return nil, fmt.Errorf("analyzed: %v", err) - } - d, err := swag.YAMLToJSON(yml) - if err != nil { - return nil, fmt.Errorf("analyzed: %v", err) - } - raw = d - } - } - - swspec := new(spec.Swagger) - if err := json.Unmarshal(raw, swspec); err != nil { - return nil, err - } - - origsqspec, err := cloneSpec(swspec) - if err != nil { - return nil, err - } - - d := &Document{ - Analyzer: analysis.New(swspec), - schema: spec.MustLoadSwagger20Schema(), - spec: swspec, - raw: raw, - origSpec: origsqspec, - } - return d, nil -} - -// Expanded expands the ref fields in the spec document and returns a new spec document -func (d *Document) Expanded(options ...*spec.ExpandOptions) (*Document, error) { - swspec := new(spec.Swagger) - if err := json.Unmarshal(d.raw, swspec); err != nil { - return nil, err - } - - var expandOptions *spec.ExpandOptions - if len(options) > 0 { - expandOptions = options[0] - } else { - expandOptions = &spec.ExpandOptions{ - RelativeBase: d.specFilePath, - } - } - - if err := spec.ExpandSpec(swspec, expandOptions); err != nil { - return nil, err - } - - dd := &Document{ - Analyzer: analysis.New(swspec), - spec: swspec, - specFilePath: d.specFilePath, - schema: spec.MustLoadSwagger20Schema(), - raw: d.raw, - origSpec: d.origSpec, - } - return dd, nil -} - -// BasePath the base path for this spec -func (d *Document) BasePath() string { - return d.spec.BasePath -} - -// Version returns the version of this spec -func (d *Document) Version() string { - return d.spec.Swagger -} - -// Schema returns the swagger 2.0 schema -func (d *Document) Schema() *spec.Schema { - return d.schema -} - -// Spec returns the swagger spec object model -func (d *Document) Spec() *spec.Swagger { - return d.spec -} - -// Host returns the host for the API -func (d *Document) Host() string { - return d.spec.Host -} - -// Raw returns the raw swagger spec as json bytes -func (d *Document) Raw() json.RawMessage { - return d.raw -} - -// OrigSpec yields the original spec -func (d *Document) OrigSpec() *spec.Swagger { - return d.origSpec -} - -// ResetDefinitions gives a shallow copy with the models reset -func (d *Document) ResetDefinitions() *Document { - defs := make(map[string]spec.Schema, len(d.origSpec.Definitions)) - for k, v := range d.origSpec.Definitions { - defs[k] = v - } - - d.spec.Definitions = defs - return d -} - -// Pristine creates a new pristine document instance based on the input data -func (d *Document) Pristine() *Document { - dd, _ := Analyzed(d.Raw(), d.Version()) - return dd -} - -// SpecFilePath returns the file path of the spec if one is defined -func (d *Document) SpecFilePath() string { - return d.specFilePath -} - -func cloneSpec(src *spec.Swagger) (*spec.Swagger, error) { - var b bytes.Buffer - if err := gob.NewEncoder(&b).Encode(src); err != nil { - return nil, err - } - - var dst spec.Swagger - if err := gob.NewDecoder(&b).Decode(&dst); err != nil { - return nil, err - } - return &dst, nil -} diff --git a/vendor/github.com/go-openapi/runtime/.editorconfig b/vendor/github.com/go-openapi/runtime/.editorconfig deleted file mode 100644 index 3152da69a5d7..000000000000 --- a/vendor/github.com/go-openapi/runtime/.editorconfig +++ /dev/null @@ -1,26 +0,0 @@ -# top-most EditorConfig file -root = true - -# Unix-style newlines with a newline ending every file -[*] -end_of_line = lf -insert_final_newline = true -indent_style = space -indent_size = 2 -trim_trailing_whitespace = true - -# Set default charset -[*.{js,py,go,scala,rb,java,html,css,less,sass,md}] -charset = utf-8 - -# Tab indentation (no size specified) -[*.go] -indent_style = tab - -[*.md] -trim_trailing_whitespace = false - -# Matches the exact files either package.json or .travis.yml -[{package.json,.travis.yml}] -indent_style = space -indent_size = 2 diff --git a/vendor/github.com/go-openapi/runtime/.travis.yml b/vendor/github.com/go-openapi/runtime/.travis.yml deleted file mode 100644 index 2fc7b58ff20b..000000000000 --- a/vendor/github.com/go-openapi/runtime/.travis.yml +++ /dev/null @@ -1,15 +0,0 @@ -after_success: -- bash <(curl -s https://codecov.io/bash) -go: -- 1.11.x -- 1.12.x -install: -- GO111MODULE=off go get -u gotest.tools/gotestsum -env: -- GO111MODULE=on -language: go -notifications: - slack: - secure: EmObnQuM9Mw8J9vpFaKKHqSMN4Wsr/A9+v7ewAD5cEhA0T1P4m7MbJMiJOhxUhj/X+BFh2DamW+P2lT8mybj5wg8wnkQ2BteKA8Tawi6f9PRw2NRheO8tAi8o/npLnlmet0kc93mn+oLuqHw36w4+j5mkOl2FghkfGiUVhwrhkCP7KXQN+3TU87e+/HzQumlJ3nsE+6terVxkH3PmaUTsS5ONaODZfuxFpfb7RsoEl3skHf6d+tr+1nViLxxly7558Nc33C+W1mr0qiEvMLZ+kJ/CpGWBJ6CUJM3jm6hNe2eMuIPwEK2hxZob8c7n22VPap4K6a0bBRoydoDXaba+2sD7Ym6ivDO/DVyL44VeBBLyIiIBylDGQdZH+6SoWm90Qe/i7tnY/T5Ao5igT8f3cfQY1c3EsTfqmlDfrhmACBmwSlgkdVBLTprHL63JMY24LWmh4jhxsmMRZhCL4dze8su1w6pLN/pD1pGHtKYCEVbdTmaM3PblNRFf12XB7qosmQsgUndH4Vq3bTbU0s1pKjeDhRyLvFzvR0TBbo0pDLEoF1A/i5GVFWa7yLZNUDudQERRh7qv/xBl2excIaQ1sV4DSVm7bAE9l6Kp+yeHQJW2uN6Y3X8wu9gB9nv9l5HBze7wh8KE6PyWAOLYYqZg9/sAtsv/2GcQqXcKFF1zcA= -script: -- gotestsum -f short-verbose -- -race -timeout=20m -coverprofile=coverage.txt -covermode=atomic ./... diff --git a/vendor/github.com/go-openapi/runtime/CODE_OF_CONDUCT.md b/vendor/github.com/go-openapi/runtime/CODE_OF_CONDUCT.md deleted file mode 100644 index 9322b065e37a..000000000000 --- a/vendor/github.com/go-openapi/runtime/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,74 +0,0 @@ -# Contributor Covenant Code of Conduct - -## Our Pledge - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, gender identity and expression, level of experience, -nationality, personal appearance, race, religion, or sexual identity and -orientation. - -## Our Standards - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or -advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic - address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a - professional setting - -## Our Responsibilities - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -## Scope - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at ivan+abuse@flanders.co.nz. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, -available at [http://contributor-covenant.org/version/1/4][version] - -[homepage]: http://contributor-covenant.org -[version]: http://contributor-covenant.org/version/1/4/ diff --git a/vendor/github.com/go-openapi/runtime/README.md b/vendor/github.com/go-openapi/runtime/README.md deleted file mode 100644 index 5b1ec6494541..000000000000 --- a/vendor/github.com/go-openapi/runtime/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# runtime [![Build Status](https://travis-ci.org/go-openapi/runtime.svg?branch=client-context)](https://travis-ci.org/go-openapi/runtime) [![codecov](https://codecov.io/gh/go-openapi/runtime/branch/master/graph/badge.svg)](https://codecov.io/gh/go-openapi/runtime) [![Slack Status](https://slackin.goswagger.io/badge.svg)](https://slackin.goswagger.io) - -[![license](http://img.shields.io/badge/license-Apache%20v2-orange.svg)](https://raw.githubusercontent.com/go-openapi/runtime/master/LICENSE) [![GoDoc](https://godoc.org/github.com/go-openapi/runtime?status.svg)](http://godoc.org/github.com/go-openapi/runtime) - -# golang Open-API toolkit - runtime - -The runtime component for use in codegeneration or as untyped usage. diff --git a/vendor/github.com/go-openapi/runtime/bytestream.go b/vendor/github.com/go-openapi/runtime/bytestream.go deleted file mode 100644 index 4459025b9279..000000000000 --- a/vendor/github.com/go-openapi/runtime/bytestream.go +++ /dev/null @@ -1,155 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import ( - "bytes" - "encoding" - "errors" - "fmt" - "io" - "reflect" - - "github.com/go-openapi/swag" -) - -func defaultCloser() error { return nil } - -type byteStreamOpt func(opts *byteStreamOpts) - -// ClosesStream when the bytestream consumer or producer is finished -func ClosesStream(opts *byteStreamOpts) { - opts.Close = true -} - -type byteStreamOpts struct { - Close bool -} - -// ByteStreamConsumer creates a consmer for byte streams, -// takes a Writer/BinaryUnmarshaler interface or binary slice by reference, -// and reads from the provided reader -func ByteStreamConsumer(opts ...byteStreamOpt) Consumer { - var vals byteStreamOpts - for _, opt := range opts { - opt(&vals) - } - - return ConsumerFunc(func(reader io.Reader, data interface{}) error { - if reader == nil { - return errors.New("ByteStreamConsumer requires a reader") // early exit - } - - close := defaultCloser - if vals.Close { - if cl, ok := reader.(io.Closer); ok { - close = cl.Close - } - } - defer close() - - if wrtr, ok := data.(io.Writer); ok { - _, err := io.Copy(wrtr, reader) - return err - } - - buf := new(bytes.Buffer) - _, err := buf.ReadFrom(reader) - if err != nil { - return err - } - b := buf.Bytes() - - if bu, ok := data.(encoding.BinaryUnmarshaler); ok { - return bu.UnmarshalBinary(b) - } - - if t := reflect.TypeOf(data); data != nil && t.Kind() == reflect.Ptr { - v := reflect.Indirect(reflect.ValueOf(data)) - if t = v.Type(); t.Kind() == reflect.Slice && t.Elem().Kind() == reflect.Uint8 { - v.SetBytes(b) - return nil - } - } - - return fmt.Errorf("%v (%T) is not supported by the ByteStreamConsumer, %s", - data, data, "can be resolved by supporting Writer/BinaryUnmarshaler interface") - }) -} - -// ByteStreamProducer creates a producer for byte streams, -// takes a Reader/BinaryMarshaler interface or binary slice, -// and writes to a writer (essentially a pipe) -func ByteStreamProducer(opts ...byteStreamOpt) Producer { - var vals byteStreamOpts - for _, opt := range opts { - opt(&vals) - } - return ProducerFunc(func(writer io.Writer, data interface{}) error { - if writer == nil { - return errors.New("ByteStreamProducer requires a writer") // early exit - } - close := defaultCloser - if vals.Close { - if cl, ok := writer.(io.Closer); ok { - close = cl.Close - } - } - defer close() - - if rc, ok := data.(io.ReadCloser); ok { - defer rc.Close() - } - - if rdr, ok := data.(io.Reader); ok { - _, err := io.Copy(writer, rdr) - return err - } - - if bm, ok := data.(encoding.BinaryMarshaler); ok { - bytes, err := bm.MarshalBinary() - if err != nil { - return err - } - - _, err = writer.Write(bytes) - return err - } - - if data != nil { - if e, ok := data.(error); ok { - _, err := writer.Write([]byte(e.Error())) - return err - } - - v := reflect.Indirect(reflect.ValueOf(data)) - if t := v.Type(); t.Kind() == reflect.Slice && t.Elem().Kind() == reflect.Uint8 { - _, err := writer.Write(v.Bytes()) - return err - } - if t := v.Type(); t.Kind() == reflect.Struct || t.Kind() == reflect.Slice { - b, err := swag.WriteJSON(data) - if err != nil { - return err - } - _, err = writer.Write(b) - return err - } - } - - return fmt.Errorf("%v (%T) is not supported by the ByteStreamProducer, %s", - data, data, "can be resolved by supporting Reader/BinaryMarshaler interface") - }) -} diff --git a/vendor/github.com/go-openapi/runtime/client_auth_info.go b/vendor/github.com/go-openapi/runtime/client_auth_info.go deleted file mode 100644 index c6c97d9a7c34..000000000000 --- a/vendor/github.com/go-openapi/runtime/client_auth_info.go +++ /dev/null @@ -1,30 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import "github.com/go-openapi/strfmt" - -// A ClientAuthInfoWriterFunc converts a function to a request writer interface -type ClientAuthInfoWriterFunc func(ClientRequest, strfmt.Registry) error - -// AuthenticateRequest adds authentication data to the request -func (fn ClientAuthInfoWriterFunc) AuthenticateRequest(req ClientRequest, reg strfmt.Registry) error { - return fn(req, reg) -} - -// A ClientAuthInfoWriter implementor knows how to write authentication info to a request -type ClientAuthInfoWriter interface { - AuthenticateRequest(ClientRequest, strfmt.Registry) error -} diff --git a/vendor/github.com/go-openapi/runtime/client_operation.go b/vendor/github.com/go-openapi/runtime/client_operation.go deleted file mode 100644 index fa21eacf3301..000000000000 --- a/vendor/github.com/go-openapi/runtime/client_operation.go +++ /dev/null @@ -1,41 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import ( - "context" - "net/http" -) - -// ClientOperation represents the context for a swagger operation to be submitted to the transport -type ClientOperation struct { - ID string - Method string - PathPattern string - ProducesMediaTypes []string - ConsumesMediaTypes []string - Schemes []string - AuthInfo ClientAuthInfoWriter - Params ClientRequestWriter - Reader ClientResponseReader - Context context.Context - Client *http.Client -} - -// A ClientTransport implementor knows how to submit Request objects to some destination -type ClientTransport interface { - //Submit(string, RequestWriter, ResponseReader, AuthInfoWriter) (interface{}, error) - Submit(*ClientOperation) (interface{}, error) -} diff --git a/vendor/github.com/go-openapi/runtime/client_request.go b/vendor/github.com/go-openapi/runtime/client_request.go deleted file mode 100644 index 904196ae3e6e..000000000000 --- a/vendor/github.com/go-openapi/runtime/client_request.go +++ /dev/null @@ -1,103 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import ( - "io" - "io/ioutil" - "net/http" - "net/url" - "time" - - "github.com/go-openapi/strfmt" -) - -// ClientRequestWriterFunc converts a function to a request writer interface -type ClientRequestWriterFunc func(ClientRequest, strfmt.Registry) error - -// WriteToRequest adds data to the request -func (fn ClientRequestWriterFunc) WriteToRequest(req ClientRequest, reg strfmt.Registry) error { - return fn(req, reg) -} - -// ClientRequestWriter is an interface for things that know how to write to a request -type ClientRequestWriter interface { - WriteToRequest(ClientRequest, strfmt.Registry) error -} - -// ClientRequest is an interface for things that know how to -// add information to a swagger client request -type ClientRequest interface { - SetHeaderParam(string, ...string) error - - GetHeaderParams() http.Header - - SetQueryParam(string, ...string) error - - SetFormParam(string, ...string) error - - SetPathParam(string, string) error - - GetQueryParams() url.Values - - SetFileParam(string, ...NamedReadCloser) error - - SetBodyParam(interface{}) error - - SetTimeout(time.Duration) error - - GetMethod() string - - GetPath() string - - GetBody() []byte - - GetBodyParam() interface{} - - GetFileParam() map[string][]NamedReadCloser -} - -// NamedReadCloser represents a named ReadCloser interface -type NamedReadCloser interface { - io.ReadCloser - Name() string -} - -// NamedReader creates a NamedReadCloser for use as file upload -func NamedReader(name string, rdr io.Reader) NamedReadCloser { - rc, ok := rdr.(io.ReadCloser) - if !ok { - rc = ioutil.NopCloser(rdr) - } - return &namedReadCloser{ - name: name, - cr: rc, - } -} - -type namedReadCloser struct { - name string - cr io.ReadCloser -} - -func (n *namedReadCloser) Close() error { - return n.cr.Close() -} -func (n *namedReadCloser) Read(p []byte) (int, error) { - return n.cr.Read(p) -} -func (n *namedReadCloser) Name() string { - return n.name -} diff --git a/vendor/github.com/go-openapi/runtime/client_response.go b/vendor/github.com/go-openapi/runtime/client_response.go deleted file mode 100644 index 729e18b2283a..000000000000 --- a/vendor/github.com/go-openapi/runtime/client_response.go +++ /dev/null @@ -1,63 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import ( - "fmt" - "io" -) - -// A ClientResponse represents a client response -// This bridges between responses obtained from different transports -type ClientResponse interface { - Code() int - Message() string - GetHeader(string) string - Body() io.ReadCloser -} - -// A ClientResponseReaderFunc turns a function into a ClientResponseReader interface implementation -type ClientResponseReaderFunc func(ClientResponse, Consumer) (interface{}, error) - -// ReadResponse reads the response -func (read ClientResponseReaderFunc) ReadResponse(resp ClientResponse, consumer Consumer) (interface{}, error) { - return read(resp, consumer) -} - -// A ClientResponseReader is an interface for things want to read a response. -// An application of this is to create structs from response values -type ClientResponseReader interface { - ReadResponse(ClientResponse, Consumer) (interface{}, error) -} - -// NewAPIError creates a new API error -func NewAPIError(opName string, payload interface{}, code int) *APIError { - return &APIError{ - OperationName: opName, - Response: payload, - Code: code, - } -} - -// APIError wraps an error model and captures the status code -type APIError struct { - OperationName string - Response interface{} - Code int -} - -func (a *APIError) Error() string { - return fmt.Sprintf("%s (status %d): %+v ", a.OperationName, a.Code, a.Response) -} diff --git a/vendor/github.com/go-openapi/runtime/constants.go b/vendor/github.com/go-openapi/runtime/constants.go deleted file mode 100644 index a4de897adcdf..000000000000 --- a/vendor/github.com/go-openapi/runtime/constants.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -const ( - // HeaderContentType represents a http content-type header, it's value is supposed to be a mime type - HeaderContentType = "Content-Type" - - // HeaderTransferEncoding represents a http transfer-encoding header. - HeaderTransferEncoding = "Transfer-Encoding" - - // HeaderAccept the Accept header - HeaderAccept = "Accept" - - charsetKey = "charset" - - // DefaultMime the default fallback mime type - DefaultMime = "application/octet-stream" - // JSONMime the json mime type - JSONMime = "application/json" - // YAMLMime the yaml mime type - YAMLMime = "application/x-yaml" - // XMLMime the xml mime type - XMLMime = "application/xml" - // TextMime the text mime type - TextMime = "text/plain" - // HTMLMime the html mime type - HTMLMime = "text/html" - // CSVMime the csv mime type - CSVMime = "text/csv" - // MultipartFormMime the multipart form mime type - MultipartFormMime = "multipart/form-data" - // URLencodedFormMime the url encoded form mime type - URLencodedFormMime = "application/x-www-form-urlencoded" -) diff --git a/vendor/github.com/go-openapi/runtime/csv.go b/vendor/github.com/go-openapi/runtime/csv.go deleted file mode 100644 index d807bd915b44..000000000000 --- a/vendor/github.com/go-openapi/runtime/csv.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import ( - "bytes" - "encoding/csv" - "errors" - "io" -) - -// CSVConsumer creates a new CSV consumer -func CSVConsumer() Consumer { - return ConsumerFunc(func(reader io.Reader, data interface{}) error { - if reader == nil { - return errors.New("CSVConsumer requires a reader") - } - - csvReader := csv.NewReader(reader) - writer, ok := data.(io.Writer) - if !ok { - return errors.New("data type must be io.Writer") - } - csvWriter := csv.NewWriter(writer) - records, err := csvReader.ReadAll() - if err != nil { - return err - } - for _, r := range records { - if err := csvWriter.Write(r); err != nil { - return err - } - } - csvWriter.Flush() - return nil - }) -} - -// CSVProducer creates a new CSV producer -func CSVProducer() Producer { - return ProducerFunc(func(writer io.Writer, data interface{}) error { - if writer == nil { - return errors.New("CSVProducer requires a writer") - } - - dataBytes, ok := data.([]byte) - if !ok { - return errors.New("data type must be byte array") - } - - csvReader := csv.NewReader(bytes.NewBuffer(dataBytes)) - records, err := csvReader.ReadAll() - if err != nil { - return err - } - csvWriter := csv.NewWriter(writer) - for _, r := range records { - if err := csvWriter.Write(r); err != nil { - return err - } - } - csvWriter.Flush() - return nil - }) -} diff --git a/vendor/github.com/go-openapi/runtime/discard.go b/vendor/github.com/go-openapi/runtime/discard.go deleted file mode 100644 index 0d390cfd64c0..000000000000 --- a/vendor/github.com/go-openapi/runtime/discard.go +++ /dev/null @@ -1,9 +0,0 @@ -package runtime - -import "io" - -// DiscardConsumer does absolutely nothing, it's a black hole. -var DiscardConsumer = ConsumerFunc(func(_ io.Reader, _ interface{}) error { return nil }) - -// DiscardProducer does absolutely nothing, it's a black hole. -var DiscardProducer = ProducerFunc(func(_ io.Writer, _ interface{}) error { return nil }) diff --git a/vendor/github.com/go-openapi/runtime/go.mod b/vendor/github.com/go-openapi/runtime/go.mod deleted file mode 100644 index ddf6f1613af5..000000000000 --- a/vendor/github.com/go-openapi/runtime/go.mod +++ /dev/null @@ -1,16 +0,0 @@ -module github.com/go-openapi/runtime - -require ( - github.com/docker/go-units v0.4.0 - github.com/go-openapi/analysis v0.19.2 - github.com/go-openapi/errors v0.19.2 - github.com/go-openapi/loads v0.19.2 - github.com/go-openapi/spec v0.19.2 - github.com/go-openapi/strfmt v0.19.0 - github.com/go-openapi/swag v0.19.2 - github.com/go-openapi/validate v0.19.2 - github.com/stretchr/testify v1.3.0 - golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56 // indirect - golang.org/x/tools v0.0.0-20190617190820-da514acc4774 // indirect - gopkg.in/yaml.v2 v2.2.2 -) diff --git a/vendor/github.com/go-openapi/runtime/go.sum b/vendor/github.com/go-openapi/runtime/go.sum deleted file mode 100644 index bdb97c3a8a7a..000000000000 --- a/vendor/github.com/go-openapi/runtime/go.sum +++ /dev/null @@ -1,133 +0,0 @@ -github.com/PuerkitoBio/purell v1.1.0 h1:rmGxhojJlM0tuKtfdvliR84CFHljx9ag64t2xmVkjK4= -github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf h1:eg0MeVzsP1G42dRafH3vf+al2vQIJU0YHX+1Tw87oco= -github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/docker/go-units v0.3.3 h1:Xk8S3Xj5sLGlG5g67hJmYMmUgXv5N4PhkjJHHqrwnTk= -github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw= -github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8 h1:DujepqpGd1hyOd7aW59XpK7Qymp8iy83xq74fLr21is= -github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= -github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= -github.com/go-openapi/analysis v0.17.2 h1:eYp14J1o8TTSCzndHBtsNuckikV1PfZOSnx4BcBeu0c= -github.com/go-openapi/analysis v0.17.2/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= -github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= -github.com/go-openapi/analysis v0.19.2 h1:ophLETFestFZHk3ji7niPEL4d466QjW+0Tdg5VyDq7E= -github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk= -github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.17.2 h1:azEQ8Fnx0jmtFF2fxsnmd6I0x6rsweUF63qqSO1NmKk= -github.com/go-openapi/errors v0.17.2/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.19.2 h1:a2kIyV3w+OS3S97zxUndRVD46+FhGOUBDFY7nmu4CsY= -github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= -github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.17.2 h1:3ekBy41gar/iJi2KSh/au/PrC2vpLr85upF/UZmm3W0= -github.com/go-openapi/jsonpointer v0.17.2/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.19.2 h1:A9+F4Dc/MCNB5jibxf6rRvOvR/iFgQdyNx9eIhnGqq0= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.17.2 h1:lF3z7AH8dd0IKXc1zEBi1dj0B4XgVb5cVjn39dCK3Ls= -github.com/go-openapi/jsonreference v0.17.2/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.19.2 h1:o20suLFB4Ri0tuzpWtyHlh7E7HnkqTNLq6aR6WVNS1w= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.17.2 h1:tEXYu6Xc0pevpzzQx5ghrMN9F7IVpN/+u4iD3rkYE5o= -github.com/go-openapi/loads v0.17.2/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.19.2 h1:rf5ArTHmIJxyV5Oiks+Su0mUens1+AjpkPoWr5xFRcI= -github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs= -github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA= -github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64= -github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.17.2 h1:eb2NbuCnoe8cWAxhtK6CfMWUYmiFEZJ9Hx3Z2WRwJ5M= -github.com/go-openapi/spec v0.17.2/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.19.2 h1:SStNd1jRcYtfKCN7R0laGNs80WYYvn5CbBjM2sOmCrE= -github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY= -github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.17.2 h1:2KDns36DMHXG9/iYkOjiX+/8fKK9GCU5ELZ+J6qcRVA= -github.com/go-openapi/strfmt v0.17.2/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.19.0 h1:0Dn9qy1G9+UJfRU7TR8bmdGxb4uifB7HNrJjOnV0yPk= -github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY= -github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.17.2 h1:K/ycE/XTUDFltNHSO32cGRUhrVGJD64o8WgAIZNyc3k= -github.com/go-openapi/swag v0.17.2/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.19.2 h1:jvO6bCMBEilGwMfHhrd61zIID4oIFdwb76V17SM88dE= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/validate v0.17.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= -github.com/go-openapi/validate v0.17.2 h1:lwFfiS4sv5DvOrsYDsYq4N7UU8ghXiYtPJ+VcQnC3Xg= -github.com/go-openapi/validate v0.17.2/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= -github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= -github.com/go-openapi/validate v0.19.2 h1:ky5l57HjyVRrsJfd2+Ro5Z9PjGuKbsmftwyMtk8H7js= -github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329 h1:2gxZ0XQIU/5z3Z3bUBu+FXuk2pFbkN6tcwi/pjyaDic= -github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe h1:W/GaMY0y69G4cFlmsC6B9sbuo2fP8OFP1ABjt4kPz+w= -github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63 h1:nTT4s92Dgz2HlrB2NaMgvlfqHH39OgMhA7z3PK7PGD4= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181201002055-351d144fa1fc h1:a3CU5tJYVj92DY2LaA1kUkrsqD5/3mLDhx2NcNqyW+0= -golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53 h1:kcXqo9vE6fsZY5X5Rd7R1l7fTgnWaDCVmln65REefiE= -golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980 h1:dfGZHvZk057jK2MCeWus/TowKpJ8y4AmooUzdBSR9GU= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/vendor/github.com/go-openapi/runtime/interfaces.go b/vendor/github.com/go-openapi/runtime/interfaces.go deleted file mode 100644 index 65de0aa44b96..000000000000 --- a/vendor/github.com/go-openapi/runtime/interfaces.go +++ /dev/null @@ -1,103 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import ( - "io" - "net/http" - - "github.com/go-openapi/strfmt" -) - -// OperationHandlerFunc an adapter for a function to the OperationHandler interface -type OperationHandlerFunc func(interface{}) (interface{}, error) - -// Handle implements the operation handler interface -func (s OperationHandlerFunc) Handle(data interface{}) (interface{}, error) { - return s(data) -} - -// OperationHandler a handler for a swagger operation -type OperationHandler interface { - Handle(interface{}) (interface{}, error) -} - -// ConsumerFunc represents a function that can be used as a consumer -type ConsumerFunc func(io.Reader, interface{}) error - -// Consume consumes the reader into the data parameter -func (fn ConsumerFunc) Consume(reader io.Reader, data interface{}) error { - return fn(reader, data) -} - -// Consumer implementations know how to bind the values on the provided interface to -// data provided by the request body -type Consumer interface { - // Consume performs the binding of request values - Consume(io.Reader, interface{}) error -} - -// ProducerFunc represents a function that can be used as a producer -type ProducerFunc func(io.Writer, interface{}) error - -// Produce produces the response for the provided data -func (f ProducerFunc) Produce(writer io.Writer, data interface{}) error { - return f(writer, data) -} - -// Producer implementations know how to turn the provided interface into a valid -// HTTP response -type Producer interface { - // Produce writes to the http response - Produce(io.Writer, interface{}) error -} - -// AuthenticatorFunc turns a function into an authenticator -type AuthenticatorFunc func(interface{}) (bool, interface{}, error) - -// Authenticate authenticates the request with the provided data -func (f AuthenticatorFunc) Authenticate(params interface{}) (bool, interface{}, error) { - return f(params) -} - -// Authenticator represents an authentication strategy -// implementations of Authenticator know how to authenticate the -// request data and translate that into a valid principal object or an error -type Authenticator interface { - Authenticate(interface{}) (bool, interface{}, error) -} - -// AuthorizerFunc turns a function into an authorizer -type AuthorizerFunc func(*http.Request, interface{}) error - -// Authorize authorizes the processing of the request for the principal -func (f AuthorizerFunc) Authorize(r *http.Request, principal interface{}) error { - return f(r, principal) -} - -// Authorizer represents an authorization strategy -// implementations of Authorizer know how to authorize the principal object -// using the request data and returns error if unauthorized -type Authorizer interface { - Authorize(*http.Request, interface{}) error -} - -// Validatable types implementing this interface allow customizing their validation -// this will be used instead of the reflective validation based on the spec document. -// the implementations are assumed to have been generated by the swagger tool so they should -// contain all the validations obtained from the spec -type Validatable interface { - Validate(strfmt.Registry) error -} diff --git a/vendor/github.com/go-openapi/runtime/request.go b/vendor/github.com/go-openapi/runtime/request.go deleted file mode 100644 index 9e51b42b59d0..000000000000 --- a/vendor/github.com/go-openapi/runtime/request.go +++ /dev/null @@ -1,139 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import ( - "bufio" - "io" - "net/http" - "strings" - - "github.com/go-openapi/swag" -) - -// CanHaveBody returns true if this method can have a body -func CanHaveBody(method string) bool { - mn := strings.ToUpper(method) - return mn == "POST" || mn == "PUT" || mn == "PATCH" || mn == "DELETE" -} - -// IsSafe returns true if this is a request with a safe method -func IsSafe(r *http.Request) bool { - mn := strings.ToUpper(r.Method) - return mn == "GET" || mn == "HEAD" -} - -// AllowsBody returns true if the request allows for a body -func AllowsBody(r *http.Request) bool { - mn := strings.ToUpper(r.Method) - return mn != "HEAD" -} - -// HasBody returns true if this method needs a content-type -func HasBody(r *http.Request) bool { - // happy case: we have a content length set - if r.ContentLength > 0 { - return true - } - - if r.Header.Get(http.CanonicalHeaderKey("content-length")) != "" { - // in this case, no Transfer-Encoding should be present - // we have a header set but it was explicitly set to 0, so we assume no body - return false - } - - rdr := newPeekingReader(r.Body) - r.Body = rdr - return rdr.HasContent() -} - -func newPeekingReader(r io.ReadCloser) *peekingReader { - if r == nil { - return nil - } - return &peekingReader{ - underlying: bufio.NewReader(r), - orig: r, - } -} - -type peekingReader struct { - underlying interface { - Buffered() int - Peek(int) ([]byte, error) - Read([]byte) (int, error) - } - orig io.ReadCloser -} - -func (p *peekingReader) HasContent() bool { - if p == nil { - return false - } - if p.underlying.Buffered() > 0 { - return true - } - b, err := p.underlying.Peek(1) - if err != nil { - return false - } - return len(b) > 0 -} - -func (p *peekingReader) Read(d []byte) (int, error) { - if p == nil { - return 0, io.EOF - } - return p.underlying.Read(d) -} - -func (p *peekingReader) Close() error { - p.underlying = nil - if p.orig != nil { - return p.orig.Close() - } - return nil -} - -// JSONRequest creates a new http request with json headers set -func JSONRequest(method, urlStr string, body io.Reader) (*http.Request, error) { - req, err := http.NewRequest(method, urlStr, body) - if err != nil { - return nil, err - } - req.Header.Add(HeaderContentType, JSONMime) - req.Header.Add(HeaderAccept, JSONMime) - return req, nil -} - -// Gettable for things with a method GetOK(string) (data string, hasKey bool, hasValue bool) -type Gettable interface { - GetOK(string) ([]string, bool, bool) -} - -// ReadSingleValue reads a single value from the source -func ReadSingleValue(values Gettable, name string) string { - vv, _, hv := values.GetOK(name) - if hv { - return vv[len(vv)-1] - } - return "" -} - -// ReadCollectionValue reads a collection value from a string data source -func ReadCollectionValue(values Gettable, name, collectionFormat string) []string { - v := ReadSingleValue(values, name) - return swag.SplitByFormat(v, collectionFormat) -} diff --git a/vendor/github.com/go-openapi/runtime/statuses.go b/vendor/github.com/go-openapi/runtime/statuses.go deleted file mode 100644 index 3b011a0bff19..000000000000 --- a/vendor/github.com/go-openapi/runtime/statuses.go +++ /dev/null @@ -1,90 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -// Statuses lists the most common HTTP status codes to default message -// taken from https://httpstatuses.com/ -var Statuses = map[int]string{ - 100: "Continue", - 101: "Switching Protocols", - 102: "Processing", - 103: "Checkpoint", - 122: "URI too long", - 200: "OK", - 201: "Created", - 202: "Accepted", - 203: "Request Processed", - 204: "No Content", - 205: "Reset Content", - 206: "Partial Content", - 207: "Multi-Status", - 208: "Already Reported", - 226: "IM Used", - 300: "Multiple Choices", - 301: "Moved Permanently", - 302: "Found", - 303: "See Other", - 304: "Not Modified", - 305: "Use Proxy", - 306: "Switch Proxy", - 307: "Temporary Redirect", - 308: "Permanent Redirect", - 400: "Bad Request", - 401: "Unauthorized", - 402: "Payment Required", - 403: "Forbidden", - 404: "Not Found", - 405: "Method Not Allowed", - 406: "Not Acceptable", - 407: "Proxy Authentication Required", - 408: "Request Timeout", - 409: "Conflict", - 410: "Gone", - 411: "Length Required", - 412: "Precondition Failed", - 413: "Request Entity Too Large", - 414: "Request-URI Too Long", - 415: "Unsupported Media Type", - 416: "Request Range Not Satisfiable", - 417: "Expectation Failed", - 418: "I'm a teapot", - 420: "Enhance Your Calm", - 422: "Unprocessable Entity", - 423: "Locked", - 424: "Failed Dependency", - 426: "Upgrade Required", - 428: "Precondition Required", - 429: "Too Many Requests", - 431: "Request Header Fields Too Large", - 444: "No Response", - 449: "Retry With", - 450: "Blocked by Windows Parental Controls", - 451: "Wrong Exchange Server", - 499: "Client Closed Request", - 500: "Internal Server Error", - 501: "Not Implemented", - 502: "Bad Gateway", - 503: "Service Unavailable", - 504: "Gateway Timeout", - 505: "HTTP Version Not Supported", - 506: "Variant Also Negotiates", - 507: "Insufficient Storage", - 508: "Loop Detected", - 509: "Bandwidth Limit Exceeded", - 510: "Not Extended", - 511: "Network Authentication Required", - 598: "Network read timeout error", - 599: "Network connect timeout error", -} diff --git a/vendor/github.com/go-openapi/runtime/text.go b/vendor/github.com/go-openapi/runtime/text.go deleted file mode 100644 index c7fd04c3c5c1..000000000000 --- a/vendor/github.com/go-openapi/runtime/text.go +++ /dev/null @@ -1,117 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import ( - "bytes" - "encoding" - "errors" - "fmt" - "io" - "reflect" - - "github.com/go-openapi/swag" -) - -// TextConsumer creates a new text consumer -func TextConsumer() Consumer { - return ConsumerFunc(func(reader io.Reader, data interface{}) error { - if reader == nil { - return errors.New("TextConsumer requires a reader") // early exit - } - - buf := new(bytes.Buffer) - _, err := buf.ReadFrom(reader) - if err != nil { - return err - } - b := buf.Bytes() - - // If the buffer is empty, no need to unmarshal it, which causes a panic. - if len(b) == 0 { - data = "" - return nil - } - - if tu, ok := data.(encoding.TextUnmarshaler); ok { - err := tu.UnmarshalText(b) - if err != nil { - return fmt.Errorf("text consumer: %v", err) - } - - return nil - } - - t := reflect.TypeOf(data) - if data != nil && t.Kind() == reflect.Ptr { - v := reflect.Indirect(reflect.ValueOf(data)) - if t.Elem().Kind() == reflect.String { - v.SetString(string(b)) - return nil - } - } - - return fmt.Errorf("%v (%T) is not supported by the TextConsumer, %s", - data, data, "can be resolved by supporting TextUnmarshaler interface") - }) -} - -// TextProducer creates a new text producer -func TextProducer() Producer { - return ProducerFunc(func(writer io.Writer, data interface{}) error { - if writer == nil { - return errors.New("TextProducer requires a writer") // early exit - } - - if data == nil { - return errors.New("no data given to produce text from") - } - - if tm, ok := data.(encoding.TextMarshaler); ok { - txt, err := tm.MarshalText() - if err != nil { - return fmt.Errorf("text producer: %v", err) - } - _, err = writer.Write(txt) - return err - } - - if str, ok := data.(error); ok { - _, err := writer.Write([]byte(str.Error())) - return err - } - - if str, ok := data.(fmt.Stringer); ok { - _, err := writer.Write([]byte(str.String())) - return err - } - - v := reflect.Indirect(reflect.ValueOf(data)) - if t := v.Type(); t.Kind() == reflect.Struct || t.Kind() == reflect.Slice { - b, err := swag.WriteJSON(data) - if err != nil { - return err - } - _, err = writer.Write(b) - return err - } - if v.Kind() != reflect.String { - return fmt.Errorf("%T is not a supported type by the TextProducer", data) - } - - _, err := writer.Write([]byte(v.String())) - return err - }) -} diff --git a/vendor/github.com/go-openapi/runtime/values.go b/vendor/github.com/go-openapi/runtime/values.go deleted file mode 100644 index 11f5732af4e3..000000000000 --- a/vendor/github.com/go-openapi/runtime/values.go +++ /dev/null @@ -1,19 +0,0 @@ -package runtime - -// Values typically represent parameters on a http request. -type Values map[string][]string - -// GetOK returns the values collection for the given key. -// When the key is present in the map it will return true for hasKey. -// When the value is not empty it will return true for hasValue. -func (v Values) GetOK(key string) (value []string, hasKey bool, hasValue bool) { - value, hasKey = v[key] - if !hasKey { - return - } - if len(value) == 0 { - return - } - hasValue = true - return -} diff --git a/vendor/github.com/go-openapi/runtime/xml.go b/vendor/github.com/go-openapi/runtime/xml.go deleted file mode 100644 index 821c7393dfbb..000000000000 --- a/vendor/github.com/go-openapi/runtime/xml.go +++ /dev/null @@ -1,36 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package runtime - -import ( - "encoding/xml" - "io" -) - -// XMLConsumer creates a new XML consumer -func XMLConsumer() Consumer { - return ConsumerFunc(func(reader io.Reader, data interface{}) error { - dec := xml.NewDecoder(reader) - return dec.Decode(data) - }) -} - -// XMLProducer creates a new XML producer -func XMLProducer() Producer { - return ProducerFunc(func(writer io.Writer, data interface{}) error { - enc := xml.NewEncoder(writer) - return enc.Encode(data) - }) -} diff --git a/vendor/github.com/go-openapi/strfmt/.editorconfig b/vendor/github.com/go-openapi/strfmt/.editorconfig deleted file mode 100644 index 3152da69a5d7..000000000000 --- a/vendor/github.com/go-openapi/strfmt/.editorconfig +++ /dev/null @@ -1,26 +0,0 @@ -# top-most EditorConfig file -root = true - -# Unix-style newlines with a newline ending every file -[*] -end_of_line = lf -insert_final_newline = true -indent_style = space -indent_size = 2 -trim_trailing_whitespace = true - -# Set default charset -[*.{js,py,go,scala,rb,java,html,css,less,sass,md}] -charset = utf-8 - -# Tab indentation (no size specified) -[*.go] -indent_style = tab - -[*.md] -trim_trailing_whitespace = false - -# Matches the exact files either package.json or .travis.yml -[{package.json,.travis.yml}] -indent_style = space -indent_size = 2 diff --git a/vendor/github.com/go-openapi/strfmt/.golangci.yml b/vendor/github.com/go-openapi/strfmt/.golangci.yml deleted file mode 100644 index f260ce7e5cd1..000000000000 --- a/vendor/github.com/go-openapi/strfmt/.golangci.yml +++ /dev/null @@ -1,30 +0,0 @@ -linters-settings: - govet: - check-shadowing: true - golint: - min-confidence: 0 - gocyclo: - min-complexity: 31 - maligned: - suggest-new: true - dupl: - threshold: 100 - goconst: - min-len: 2 - min-occurrences: 4 - -linters: - enable-all: true - disable: - - maligned - - lll - - gochecknoinits - - gochecknoglobals - -issues: - exclude-rules: - - path: bson.go - text: "should be .*ObjectID" - linters: - - golint - diff --git a/vendor/github.com/go-openapi/strfmt/.travis.yml b/vendor/github.com/go-openapi/strfmt/.travis.yml deleted file mode 100644 index eb962aebcda8..000000000000 --- a/vendor/github.com/go-openapi/strfmt/.travis.yml +++ /dev/null @@ -1,15 +0,0 @@ -after_success: -- bash <(curl -s https://codecov.io/bash) -go: -- 1.11.x -- 1.12.x -install: -- GO111MODULE=off go get -u gotest.tools/gotestsum -language: go -env: -- GO111MODULE=on -notifications: - slack: - secure: zE5AtIYTpYfQPnTzP+EaQPN7JKtfFAGv6PrJqoIZLOXa8B6zGb6+J1JRNNxWi7faWbyJOxa4FSSsuPsKZMycUK6wlLFIdhDxwqeo7Ew8r6rdZKdfUHQggfNS9wO79ARoNYUDHtmnaBUS+eWSM1YqSc4i99QxyyfuURLOeAaA/q14YbdlTlaw3lrZ0qT92ot1FnVGNOx064zuHtFeUf+jAVRMZ6Q3rvqllwIlPszE6rmHGXBt2VoJxRaBetdwd7FgkcYw9FPXKHhadwC7/75ZAdmxIukhxNMw4Tr5NuPcqNcnbYLenDP7B3lssGVIrP4BRSqekS1d/tqvdvnnFWHMwrNCkSnSc065G5+qWTlXKAemIclgiXXqE2furBNLm05MDdG8fn5epS0UNarkjD+zX336RiqwBlOX4KbF+vPyqcO98CsN0lnd+H6loc9reiTHs37orFFpQ+309av9be2GGsHUsRB9ssIyrewmhAccOmkRtr2dVTZJNFQwa5Kph5TNJuTjnZEwG/xUkEX2YSfwShOsb062JWiflV6PJdnl80pc9Tn7D5sO5Bf9DbijGRJwwP+YiiJtwtr+vsvS+n4sM0b5eqm4UoRo+JJO8ffoJtHS7ItuyRbVQCwEPJ4221WLcf5PquEEDdAPwR+K4Gj8qTXqTDdxOiES1xFUKVgmzhI= -script: -- gotestsum -f short-verbose -- -race -coverprofile=coverage.txt -covermode=atomic ./... diff --git a/vendor/github.com/go-openapi/strfmt/CODE_OF_CONDUCT.md b/vendor/github.com/go-openapi/strfmt/CODE_OF_CONDUCT.md deleted file mode 100644 index 9322b065e37a..000000000000 --- a/vendor/github.com/go-openapi/strfmt/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,74 +0,0 @@ -# Contributor Covenant Code of Conduct - -## Our Pledge - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, gender identity and expression, level of experience, -nationality, personal appearance, race, religion, or sexual identity and -orientation. - -## Our Standards - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or -advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic - address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a - professional setting - -## Our Responsibilities - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -## Scope - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at ivan+abuse@flanders.co.nz. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, -available at [http://contributor-covenant.org/version/1/4][version] - -[homepage]: http://contributor-covenant.org -[version]: http://contributor-covenant.org/version/1/4/ diff --git a/vendor/github.com/go-openapi/strfmt/README.md b/vendor/github.com/go-openapi/strfmt/README.md deleted file mode 100644 index 87357cd024c7..000000000000 --- a/vendor/github.com/go-openapi/strfmt/README.md +++ /dev/null @@ -1,73 +0,0 @@ -# Strfmt [![Build Status](https://travis-ci.org/go-openapi/strfmt.svg?branch=master)](https://travis-ci.org/go-openapi/strfmt) [![codecov](https://codecov.io/gh/go-openapi/strfmt/branch/master/graph/badge.svg)](https://codecov.io/gh/go-openapi/strfmt) [![Slack Status](https://slackin.goswagger.io/badge.svg)](https://slackin.goswagger.io) - -[![license](http://img.shields.io/badge/license-Apache%20v2-orange.svg)](https://raw.githubusercontent.com/go-openapi/strfmt/master/LICENSE) -[![GoDoc](https://godoc.org/github.com/go-openapi/strfmt?status.svg)](http://godoc.org/github.com/go-openapi/strfmt) -[![GolangCI](https://golangci.com/badges/github.com/go-openapi/strfmt.svg)](https://golangci.com) -[![Go Report Card](https://goreportcard.com/badge/github.com/go-openapi/strfmt)](https://goreportcard.com/report/github.com/go-openapi/strfmt) - -This package exposes a registry of data types to support string formats in the go-openapi toolkit. - -strfmt represents a well known string format such as credit card or email. The go toolkit for OpenAPI specifications knows how to deal with those. - -## Supported data formats -go-openapi/strfmt follows the swagger 2.0 specification with the following formats -defined [here](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types). - -It also provides convenient extensions to go-openapi users. - -- [x] JSON-schema draft 4 formats - - date-time - - email - - hostname - - ipv4 - - ipv6 - - uri -- [x] swagger 2.0 format extensions - - binary - - byte (e.g. base64 encoded string) - - date (e.g. "1970-01-01") - - password -- [x] go-openapi custom format extensions - - bsonobjectid (BSON objectID) - - creditcard - - duration (e.g. "3 weeks", "1ms") - - hexcolor (e.g. "#FFFFFF") - - isbn, isbn10, isbn13 - - mac (e.g "01:02:03:04:05:06") - - rgbcolor (e.g. "rgb(100,100,100)") - - ssn - - uuid, uuid3, uuid4, uuid5 - - cidr (e.g. "192.0.2.1/24", "2001:db8:a0b:12f0::1/32") - -> NOTE: as the name stands for, this package is intended to support string formatting only. -> It does not provide validation for numerical values with swagger format extension for JSON types "number" or -> "integer" (e.g. float, double, int32...). - -## Format types -Types defined in strfmt expose marshaling and validation capabilities. - -List of defined types: -- Base64 -- CreditCard -- Date -- DateTime -- Duration -- Email -- HexColor -- Hostname -- IPv4 -- IPv6 -- CIDR -- ISBN -- ISBN10 -- ISBN13 -- MAC -- ObjectId -- Password -- RGBColor -- SSN -- URI -- UUID -- UUID3 -- UUID4 -- UUID5 diff --git a/vendor/github.com/go-openapi/strfmt/go.mod b/vendor/github.com/go-openapi/strfmt/go.mod deleted file mode 100644 index 78c8489b20d0..000000000000 --- a/vendor/github.com/go-openapi/strfmt/go.mod +++ /dev/null @@ -1,13 +0,0 @@ -module github.com/go-openapi/strfmt - -require ( - github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a - github.com/go-openapi/errors v0.19.2 - github.com/go-stack/stack v1.8.0 // indirect - github.com/google/go-cmp v0.3.0 // indirect - github.com/google/uuid v1.1.1 - github.com/mitchellh/mapstructure v1.1.2 - github.com/stretchr/testify v1.3.0 - github.com/tidwall/pretty v1.0.0 // indirect - go.mongodb.org/mongo-driver v1.0.3 -) diff --git a/vendor/github.com/go-openapi/strfmt/go.sum b/vendor/github.com/go-openapi/strfmt/go.sum deleted file mode 100644 index e53dd37c10a9..000000000000 --- a/vendor/github.com/go-openapi/strfmt/go.sum +++ /dev/null @@ -1,25 +0,0 @@ -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/go-openapi/errors v0.19.2 h1:a2kIyV3w+OS3S97zxUndRVD46+FhGOUBDFY7nmu4CsY= -github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= -github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= -github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -go.mongodb.org/mongo-driver v1.0.3 h1:GKoji1ld3tw2aC+GX1wbr/J2fX13yNacEYoJ8Nhr0yU= -go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= diff --git a/vendor/github.com/go-openapi/validate/.editorconfig b/vendor/github.com/go-openapi/validate/.editorconfig deleted file mode 100644 index 3152da69a5d7..000000000000 --- a/vendor/github.com/go-openapi/validate/.editorconfig +++ /dev/null @@ -1,26 +0,0 @@ -# top-most EditorConfig file -root = true - -# Unix-style newlines with a newline ending every file -[*] -end_of_line = lf -insert_final_newline = true -indent_style = space -indent_size = 2 -trim_trailing_whitespace = true - -# Set default charset -[*.{js,py,go,scala,rb,java,html,css,less,sass,md}] -charset = utf-8 - -# Tab indentation (no size specified) -[*.go] -indent_style = tab - -[*.md] -trim_trailing_whitespace = false - -# Matches the exact files either package.json or .travis.yml -[{package.json,.travis.yml}] -indent_style = space -indent_size = 2 diff --git a/vendor/github.com/go-openapi/validate/.golangci.yml b/vendor/github.com/go-openapi/validate/.golangci.yml deleted file mode 100644 index dc8178c809db..000000000000 --- a/vendor/github.com/go-openapi/validate/.golangci.yml +++ /dev/null @@ -1,28 +0,0 @@ -linters-settings: - govet: - check-shadowing: true - golint: - min-confidence: 0 - gocyclo: - min-complexity: 50 - maligned: - suggest-new: true - dupl: - threshold: 100 - goconst: - min-len: 2 - min-occurrences: 3 - -linters: - enable-all: true - disable: - - maligned - - lll - - godox - - gocognit - - whitespace - - wsl - - funlen - - gochecknoglobals - - gochecknoinits - - scopelint diff --git a/vendor/github.com/go-openapi/validate/.travis.yml b/vendor/github.com/go-openapi/validate/.travis.yml deleted file mode 100644 index dd3a4b29fdc1..000000000000 --- a/vendor/github.com/go-openapi/validate/.travis.yml +++ /dev/null @@ -1,19 +0,0 @@ -after_success: -- bash <(curl -s https://codecov.io/bash) -go: -- 1.11.x -- 1.12.x -install: -- GO111MODULE=off go get -u gotest.tools/gotestsum -env: -- GO111MODULE=on -language: go -notifications: - slack: - secure: EmObnQuM9Mw8J9vpFaKKHqSMN4Wsr/A9+v7ewAD5cEhA0T1P4m7MbJMiJOhxUhj/X+BFh2DamW+P2lT8mybj5wg8wnkQ2BteKA8Tawi6f9PRw2NRheO8tAi8o/npLnlmet0kc93mn+oLuqHw36w4+j5mkOl2FghkfGiUVhwrhkCP7KXQN+3TU87e+/HzQumlJ3nsE+6terVxkH3PmaUTsS5ONaODZfuxFpfb7RsoEl3skHf6d+tr+1nViLxxly7558Nc33C+W1mr0qiEvMLZ+kJ/CpGWBJ6CUJM3jm6hNe2eMuIPwEK2hxZob8c7n22VPap4K6a0bBRoydoDXaba+2sD7Ym6ivDO/DVyL44VeBBLyIiIBylDGQdZH+6SoWm90Qe/i7tnY/T5Ao5igT8f3cfQY1c3EsTfqmlDfrhmACBmwSlgkdVBLTprHL63JMY24LWmh4jhxsmMRZhCL4dze8su1w6pLN/pD1pGHtKYCEVbdTmaM3PblNRFf12XB7qosmQsgUndH4Vq3bTbU0s1pKjeDhRyLvFzvR0TBbo0pDLEoF1A/i5GVFWa7yLZNUDudQERRh7qv/xBl2excIaQ1sV4DSVm7bAE9l6Kp+yeHQJW2uN6Y3X8wu9gB9nv9l5HBze7wh8KE6PyWAOLYYqZg9/sAtsv/2GcQqXcKFF1zcA= -script: -- gotestsum -f short-verbose -- -race ./... -- gotestsum -f short-verbose -- -timeout=20m -coverprofile=coverage.txt -covermode=atomic -args -enable-long ./... -- gotestsum -f short-verbose -- -timeout=30m -args -enable-go-swagger ./... -- go get -u github.com/go-openapi/runtime@master -- gotestsum -f short-verbose -- -timeout=30m github.com/go-openapi/runtime/... diff --git a/vendor/github.com/go-openapi/validate/CODE_OF_CONDUCT.md b/vendor/github.com/go-openapi/validate/CODE_OF_CONDUCT.md deleted file mode 100644 index 9322b065e37a..000000000000 --- a/vendor/github.com/go-openapi/validate/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,74 +0,0 @@ -# Contributor Covenant Code of Conduct - -## Our Pledge - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, gender identity and expression, level of experience, -nationality, personal appearance, race, religion, or sexual identity and -orientation. - -## Our Standards - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or -advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic - address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a - professional setting - -## Our Responsibilities - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -## Scope - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at ivan+abuse@flanders.co.nz. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, -available at [http://contributor-covenant.org/version/1/4][version] - -[homepage]: http://contributor-covenant.org -[version]: http://contributor-covenant.org/version/1/4/ diff --git a/vendor/github.com/go-openapi/validate/README.md b/vendor/github.com/go-openapi/validate/README.md deleted file mode 100644 index 08fb352bcf36..000000000000 --- a/vendor/github.com/go-openapi/validate/README.md +++ /dev/null @@ -1,6 +0,0 @@ -# Validation helpers [![Build Status](https://travis-ci.org/go-openapi/validate.svg?branch=master)](https://travis-ci.org/go-openapi/validate) [![codecov](https://codecov.io/gh/go-openapi/validate/branch/master/graph/badge.svg)](https://codecov.io/gh/go-openapi/validate) [![Slack Status](https://slackin.goswagger.io/badge.svg)](https://slackin.goswagger.io) - -[![license](http://img.shields.io/badge/license-Apache%20v2-orange.svg)](https://raw.githubusercontent.com/go-openapi/validate/master/LICENSE) -[![GoDoc](https://godoc.org/github.com/go-openapi/validate?status.svg)](http://godoc.org/github.com/go-openapi/validate) -[![GolangCI](https://golangci.com/badges/github.com/go-openapi/validate.svg)](https://golangci.com) -[![Go Report Card](https://goreportcard.com/badge/github.com/go-openapi/validate)](https://goreportcard.com/report/github.com/go-openapi/validate) diff --git a/vendor/github.com/go-openapi/validate/default_validator.go b/vendor/github.com/go-openapi/validate/default_validator.go deleted file mode 100644 index 26d54b7c23b2..000000000000 --- a/vendor/github.com/go-openapi/validate/default_validator.go +++ /dev/null @@ -1,281 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package validate - -import ( - "fmt" - "strings" - - "github.com/go-openapi/spec" -) - -// defaultValidator validates default values in a spec. -// According to Swagger spec, default values MUST validate their schema. -type defaultValidator struct { - SpecValidator *SpecValidator - visitedSchemas map[string]bool -} - -// resetVisited resets the internal state of visited schemas -func (d *defaultValidator) resetVisited() { - d.visitedSchemas = map[string]bool{} -} - -func isVisited(path string, visitedSchemas map[string]bool) bool { - found := visitedSchemas[path] - if !found { - // search for overlapping paths - frags := strings.Split(path, ".") - if len(frags) < 2 { - // shortcut exit on smaller paths - return found - } - last := len(frags) - 1 - var currentFragStr, parent string - for i := range frags { - if i == 0 { - currentFragStr = frags[last] - } else { - currentFragStr = strings.Join([]string{frags[last-i], currentFragStr}, ".") - } - if i < last { - parent = strings.Join(frags[0:last-i], ".") - } else { - parent = "" - } - if strings.HasSuffix(parent, currentFragStr) { - found = true - break - } - } - } - return found -} - -// beingVisited asserts a schema is being visited -func (d *defaultValidator) beingVisited(path string) { - d.visitedSchemas[path] = true -} - -// isVisited tells if a path has already been visited -func (d *defaultValidator) isVisited(path string) bool { - return isVisited(path, d.visitedSchemas) -} - -// Validate validates the default values declared in the swagger spec -func (d *defaultValidator) Validate() (errs *Result) { - errs = new(Result) - if d == nil || d.SpecValidator == nil { - return errs - } - d.resetVisited() - errs.Merge(d.validateDefaultValueValidAgainstSchema()) // error - - return errs -} - -func (d *defaultValidator) validateDefaultValueValidAgainstSchema() *Result { - // every default value that is specified must validate against the schema for that property - // headers, items, parameters, schema - - res := new(Result) - s := d.SpecValidator - - for method, pathItem := range s.analyzer.Operations() { - for path, op := range pathItem { - // parameters - for _, param := range paramHelp.safeExpandedParamsFor(path, method, op.ID, res, s) { - if param.Default != nil && param.Required { - res.AddWarnings(requiredHasDefaultMsg(param.Name, param.In)) - } - - // reset explored schemas to get depth-first recursive-proof exploration - d.resetVisited() - - // Check simple parameters first - // default values provided must validate against their inline definition (no explicit schema) - if param.Default != nil && param.Schema == nil { - // check param default value is valid - red := NewParamValidator(¶m, s.KnownFormats).Validate(param.Default) - if red.HasErrorsOrWarnings() { - res.AddErrors(defaultValueDoesNotValidateMsg(param.Name, param.In)) - res.Merge(red) - } - } - - // Recursively follows Items and Schemas - if param.Items != nil { - red := d.validateDefaultValueItemsAgainstSchema(param.Name, param.In, ¶m, param.Items) - if red.HasErrorsOrWarnings() { - res.AddErrors(defaultValueItemsDoesNotValidateMsg(param.Name, param.In)) - res.Merge(red) - } - } - - if param.Schema != nil { - // Validate default value against schema - red := d.validateDefaultValueSchemaAgainstSchema(param.Name, param.In, param.Schema) - if red.HasErrorsOrWarnings() { - res.AddErrors(defaultValueDoesNotValidateMsg(param.Name, param.In)) - res.Merge(red) - } - } - } - - if op.Responses != nil { - if op.Responses.Default != nil { - // Same constraint on default Response - res.Merge(d.validateDefaultInResponse(op.Responses.Default, jsonDefault, path, 0, op.ID)) - } - // Same constraint on regular Responses - if op.Responses.StatusCodeResponses != nil { // Safeguard - for code, r := range op.Responses.StatusCodeResponses { - res.Merge(d.validateDefaultInResponse(&r, "response", path, code, op.ID)) - } - } - } else if op.ID != "" { - // Empty op.ID means there is no meaningful operation: no need to report a specific message - res.AddErrors(noValidResponseMsg(op.ID)) - } - } - } - if s.spec.Spec().Definitions != nil { // Safeguard - // reset explored schemas to get depth-first recursive-proof exploration - d.resetVisited() - for nm, sch := range s.spec.Spec().Definitions { - res.Merge(d.validateDefaultValueSchemaAgainstSchema(fmt.Sprintf("definitions.%s", nm), "body", &sch)) - } - } - return res -} - -func (d *defaultValidator) validateDefaultInResponse(resp *spec.Response, responseType, path string, responseCode int, operationID string) *Result { - s := d.SpecValidator - - response, res := responseHelp.expandResponseRef(resp, path, s) - if !res.IsValid() { - return res - } - - responseName, responseCodeAsStr := responseHelp.responseMsgVariants(responseType, responseCode) - - // nolint: dupl - if response.Headers != nil { // Safeguard - for nm, h := range response.Headers { - // reset explored schemas to get depth-first recursive-proof exploration - d.resetVisited() - - if h.Default != nil { - red := NewHeaderValidator(nm, &h, s.KnownFormats).Validate(h.Default) - if red.HasErrorsOrWarnings() { - res.AddErrors(defaultValueHeaderDoesNotValidateMsg(operationID, nm, responseName)) - res.Merge(red) - } - } - - // Headers have inline definition, like params - if h.Items != nil { - red := d.validateDefaultValueItemsAgainstSchema(nm, "header", &h, h.Items) - if red.HasErrorsOrWarnings() { - res.AddErrors(defaultValueHeaderItemsDoesNotValidateMsg(operationID, nm, responseName)) - res.Merge(red) - } - } - - if _, err := compileRegexp(h.Pattern); err != nil { - res.AddErrors(invalidPatternInHeaderMsg(operationID, nm, responseName, h.Pattern, err)) - } - - // Headers don't have schema - } - } - if response.Schema != nil { - // reset explored schemas to get depth-first recursive-proof exploration - d.resetVisited() - - red := d.validateDefaultValueSchemaAgainstSchema(responseCodeAsStr, "response", response.Schema) - if red.HasErrorsOrWarnings() { - // Additional message to make sure the context of the error is not lost - res.AddErrors(defaultValueInDoesNotValidateMsg(operationID, responseName)) - res.Merge(red) - } - } - return res -} - -func (d *defaultValidator) validateDefaultValueSchemaAgainstSchema(path, in string, schema *spec.Schema) *Result { - if schema == nil || d.isVisited(path) { - // Avoids recursing if we are already done with that check - return nil - } - d.beingVisited(path) - res := new(Result) - s := d.SpecValidator - - if schema.Default != nil { - res.Merge(NewSchemaValidator(schema, s.spec.Spec(), path+".default", s.KnownFormats, SwaggerSchema(true)).Validate(schema.Default)) - } - if schema.Items != nil { - if schema.Items.Schema != nil { - res.Merge(d.validateDefaultValueSchemaAgainstSchema(path+".items.default", in, schema.Items.Schema)) - } - // Multiple schemas in items - if schema.Items.Schemas != nil { // Safeguard - for i, sch := range schema.Items.Schemas { - res.Merge(d.validateDefaultValueSchemaAgainstSchema(fmt.Sprintf("%s.items[%d].default", path, i), in, &sch)) - } - } - } - if _, err := compileRegexp(schema.Pattern); err != nil { - res.AddErrors(invalidPatternInMsg(path, in, schema.Pattern)) - } - if schema.AdditionalItems != nil && schema.AdditionalItems.Schema != nil { - // NOTE: we keep validating values, even though additionalItems is not supported by Swagger 2.0 (and 3.0 as well) - res.Merge(d.validateDefaultValueSchemaAgainstSchema(fmt.Sprintf("%s.additionalItems", path), in, schema.AdditionalItems.Schema)) - } - for propName, prop := range schema.Properties { - res.Merge(d.validateDefaultValueSchemaAgainstSchema(path+"."+propName, in, &prop)) - } - for propName, prop := range schema.PatternProperties { - res.Merge(d.validateDefaultValueSchemaAgainstSchema(path+"."+propName, in, &prop)) - } - if schema.AdditionalProperties != nil && schema.AdditionalProperties.Schema != nil { - res.Merge(d.validateDefaultValueSchemaAgainstSchema(fmt.Sprintf("%s.additionalProperties", path), in, schema.AdditionalProperties.Schema)) - } - if schema.AllOf != nil { - for i, aoSch := range schema.AllOf { - res.Merge(d.validateDefaultValueSchemaAgainstSchema(fmt.Sprintf("%s.allOf[%d]", path, i), in, &aoSch)) - } - } - return res -} - -// TODO: Temporary duplicated code. Need to refactor with examples -// nolint: dupl -func (d *defaultValidator) validateDefaultValueItemsAgainstSchema(path, in string, root interface{}, items *spec.Items) *Result { - res := new(Result) - s := d.SpecValidator - if items != nil { - if items.Default != nil { - res.Merge(newItemsValidator(path, in, items, root, s.KnownFormats).Validate(0, items.Default)) - } - if items.Items != nil { - res.Merge(d.validateDefaultValueItemsAgainstSchema(path+"[0].default", in, root, items.Items)) - } - if _, err := compileRegexp(items.Pattern); err != nil { - res.AddErrors(invalidPatternInMsg(path, in, items.Pattern)) - } - } - return res -} diff --git a/vendor/github.com/go-openapi/validate/doc.go b/vendor/github.com/go-openapi/validate/doc.go deleted file mode 100644 index f5ca9a5d580c..000000000000 --- a/vendor/github.com/go-openapi/validate/doc.go +++ /dev/null @@ -1,85 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -/* -Package validate provides methods to validate a swagger specification, -as well as tools to validate data against their schema. - -This package follows Swagger 2.0. specification (aka OpenAPI 2.0). Reference -can be found here: https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md. - -Validating a specification - -Validates a spec document (from JSON or YAML) against the JSON schema for swagger, -then checks a number of extra rules that can't be expressed in JSON schema. - -Entry points: - - Spec() - - NewSpecValidator() - - SpecValidator.Validate() - -Reported as errors: - [x] definition can't declare a property that's already defined by one of its ancestors - [x] definition's ancestor can't be a descendant of the same model - [x] path uniqueness: each api path should be non-verbatim (account for path param names) unique per method - [x] each security reference should contain only unique scopes - [x] each security scope in a security definition should be unique - [x] parameters in path must be unique - [x] each path parameter must correspond to a parameter placeholder and vice versa - [x] each referenceable definition must have references - [x] each definition property listed in the required array must be defined in the properties of the model - [x] each parameter should have a unique `name` and `type` combination - [x] each operation should have only 1 parameter of type body - [x] each reference must point to a valid object - [x] every default value that is specified must validate against the schema for that property - [x] items property is required for all schemas/definitions of type `array` - [x] path parameters must be declared a required - [x] headers must not contain $ref - [x] schema and property examples provided must validate against their respective object's schema - [x] examples provided must validate their schema - -Reported as warnings: - [x] path parameters should not contain any of [{,},\w] - [x] empty path - [x] unused definitions - [x] unsupported validation of examples on non-JSON media types - [x] examples in response without schema - [x] readOnly properties should not be required - -Validating a schema - -The schema validation toolkit validates data against JSON-schema-draft 04 schema. - -It is tested against the full json-schema-testing-suite (https://github.com/json-schema-org/JSON-Schema-Test-Suite), -except for the optional part (bignum, ECMA regexp, ...). - -It supports the complete JSON-schema vocabulary, including keywords not supported by Swagger (e.g. additionalItems, ...) - -Entry points: - - AgainstSchema() - - ... - -Known limitations - -With the current version of this package, the following aspects of swagger are not yet supported: - [ ] errors and warnings are not reported with key/line number in spec - [ ] default values and examples on responses only support application/json producer type - [ ] invalid numeric constraints (such as Minimum, etc..) are not checked except for default and example values - [ ] rules for collectionFormat are not implemented - [ ] no validation rule for polymorphism support (discriminator) [not done here] - [ ] valid js ECMA regexp not supported by Go regexp engine are considered invalid - [ ] arbitrary large numbers are not supported: max is math.MaxFloat64 - -*/ -package validate diff --git a/vendor/github.com/go-openapi/validate/example_validator.go b/vendor/github.com/go-openapi/validate/example_validator.go deleted file mode 100644 index 130359175131..000000000000 --- a/vendor/github.com/go-openapi/validate/example_validator.go +++ /dev/null @@ -1,270 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package validate - -import ( - "fmt" - - "github.com/go-openapi/spec" -) - -// ExampleValidator validates example values defined in a spec -type exampleValidator struct { - SpecValidator *SpecValidator - visitedSchemas map[string]bool -} - -// resetVisited resets the internal state of visited schemas -func (ex *exampleValidator) resetVisited() { - ex.visitedSchemas = map[string]bool{} -} - -// beingVisited asserts a schema is being visited -func (ex *exampleValidator) beingVisited(path string) { - ex.visitedSchemas[path] = true -} - -// isVisited tells if a path has already been visited -func (ex *exampleValidator) isVisited(path string) bool { - return isVisited(path, ex.visitedSchemas) -} - -// Validate validates the example values declared in the swagger spec -// Example values MUST conform to their schema. -// -// With Swagger 2.0, examples are supported in: -// - schemas -// - individual property -// - responses -// -func (ex *exampleValidator) Validate() (errs *Result) { - errs = new(Result) - if ex == nil || ex.SpecValidator == nil { - return errs - } - ex.resetVisited() - errs.Merge(ex.validateExampleValueValidAgainstSchema()) // error - - - return errs -} - -func (ex *exampleValidator) validateExampleValueValidAgainstSchema() *Result { - // every example value that is specified must validate against the schema for that property - // in: schemas, properties, object, items - // not in: headers, parameters without schema - - res := new(Result) - s := ex.SpecValidator - - for method, pathItem := range s.analyzer.Operations() { - for path, op := range pathItem { - // parameters - for _, param := range paramHelp.safeExpandedParamsFor(path, method, op.ID, res, s) { - - // As of swagger 2.0, Examples are not supported in simple parameters - // However, it looks like it is supported by go-openapi - - // reset explored schemas to get depth-first recursive-proof exploration - ex.resetVisited() - - // Check simple parameters first - // default values provided must validate against their inline definition (no explicit schema) - if param.Example != nil && param.Schema == nil { - // check param default value is valid - red := NewParamValidator(¶m, s.KnownFormats).Validate(param.Example) - if red.HasErrorsOrWarnings() { - res.AddWarnings(exampleValueDoesNotValidateMsg(param.Name, param.In)) - res.MergeAsWarnings(red) - } - } - - // Recursively follows Items and Schemas - if param.Items != nil { - red := ex.validateExampleValueItemsAgainstSchema(param.Name, param.In, ¶m, param.Items) - if red.HasErrorsOrWarnings() { - res.AddWarnings(exampleValueItemsDoesNotValidateMsg(param.Name, param.In)) - res.Merge(red) - } - } - - if param.Schema != nil { - // Validate example value against schema - red := ex.validateExampleValueSchemaAgainstSchema(param.Name, param.In, param.Schema) - if red.HasErrorsOrWarnings() { - res.AddWarnings(exampleValueDoesNotValidateMsg(param.Name, param.In)) - res.Merge(red) - } - } - } - - if op.Responses != nil { - if op.Responses.Default != nil { - // Same constraint on default Response - res.Merge(ex.validateExampleInResponse(op.Responses.Default, jsonDefault, path, 0, op.ID)) - } - // Same constraint on regular Responses - if op.Responses.StatusCodeResponses != nil { // Safeguard - for code, r := range op.Responses.StatusCodeResponses { - res.Merge(ex.validateExampleInResponse(&r, "response", path, code, op.ID)) - } - } - } else if op.ID != "" { - // Empty op.ID means there is no meaningful operation: no need to report a specific message - res.AddErrors(noValidResponseMsg(op.ID)) - } - } - } - if s.spec.Spec().Definitions != nil { // Safeguard - // reset explored schemas to get depth-first recursive-proof exploration - ex.resetVisited() - for nm, sch := range s.spec.Spec().Definitions { - res.Merge(ex.validateExampleValueSchemaAgainstSchema(fmt.Sprintf("definitions.%s", nm), "body", &sch)) - } - } - return res -} - -func (ex *exampleValidator) validateExampleInResponse(resp *spec.Response, responseType, path string, responseCode int, operationID string) *Result { - s := ex.SpecValidator - - response, res := responseHelp.expandResponseRef(resp, path, s) - if !res.IsValid() { // Safeguard - return res - } - - responseName, responseCodeAsStr := responseHelp.responseMsgVariants(responseType, responseCode) - - // nolint: dupl - if response.Headers != nil { // Safeguard - for nm, h := range response.Headers { - // reset explored schemas to get depth-first recursive-proof exploration - ex.resetVisited() - - if h.Example != nil { - red := NewHeaderValidator(nm, &h, s.KnownFormats).Validate(h.Example) - if red.HasErrorsOrWarnings() { - res.AddWarnings(exampleValueHeaderDoesNotValidateMsg(operationID, nm, responseName)) - res.MergeAsWarnings(red) - } - } - - // Headers have inline definition, like params - if h.Items != nil { - red := ex.validateExampleValueItemsAgainstSchema(nm, "header", &h, h.Items) - if red.HasErrorsOrWarnings() { - res.AddWarnings(exampleValueHeaderItemsDoesNotValidateMsg(operationID, nm, responseName)) - res.MergeAsWarnings(red) - } - } - - if _, err := compileRegexp(h.Pattern); err != nil { - res.AddErrors(invalidPatternInHeaderMsg(operationID, nm, responseName, h.Pattern, err)) - } - - // Headers don't have schema - } - } - if response.Schema != nil { - // reset explored schemas to get depth-first recursive-proof exploration - ex.resetVisited() - - red := ex.validateExampleValueSchemaAgainstSchema(responseCodeAsStr, "response", response.Schema) - if red.HasErrorsOrWarnings() { - // Additional message to make sure the context of the error is not lost - res.AddWarnings(exampleValueInDoesNotValidateMsg(operationID, responseName)) - res.Merge(red) - } - } - - if response.Examples != nil { - if response.Schema != nil { - if example, ok := response.Examples["application/json"]; ok { - res.MergeAsWarnings(NewSchemaValidator(response.Schema, s.spec.Spec(), path+".examples", s.KnownFormats, SwaggerSchema(true)).Validate(example)) - } else { - // TODO: validate other media types too - res.AddWarnings(examplesMimeNotSupportedMsg(operationID, responseName)) - } - } else { - res.AddWarnings(examplesWithoutSchemaMsg(operationID, responseName)) - } - } - return res -} - -func (ex *exampleValidator) validateExampleValueSchemaAgainstSchema(path, in string, schema *spec.Schema) *Result { - if schema == nil || ex.isVisited(path) { - // Avoids recursing if we are already done with that check - return nil - } - ex.beingVisited(path) - s := ex.SpecValidator - res := new(Result) - - if schema.Example != nil { - res.MergeAsWarnings(NewSchemaValidator(schema, s.spec.Spec(), path+".example", s.KnownFormats, SwaggerSchema(true)).Validate(schema.Example)) - } - if schema.Items != nil { - if schema.Items.Schema != nil { - res.Merge(ex.validateExampleValueSchemaAgainstSchema(path+".items.example", in, schema.Items.Schema)) - } - // Multiple schemas in items - if schema.Items.Schemas != nil { // Safeguard - for i, sch := range schema.Items.Schemas { - res.Merge(ex.validateExampleValueSchemaAgainstSchema(fmt.Sprintf("%s.items[%d].example", path, i), in, &sch)) - } - } - } - if _, err := compileRegexp(schema.Pattern); err != nil { - res.AddErrors(invalidPatternInMsg(path, in, schema.Pattern)) - } - if schema.AdditionalItems != nil && schema.AdditionalItems.Schema != nil { - // NOTE: we keep validating values, even though additionalItems is unsupported in Swagger 2.0 (and 3.0 as well) - res.Merge(ex.validateExampleValueSchemaAgainstSchema(fmt.Sprintf("%s.additionalItems", path), in, schema.AdditionalItems.Schema)) - } - for propName, prop := range schema.Properties { - res.Merge(ex.validateExampleValueSchemaAgainstSchema(path+"."+propName, in, &prop)) - } - for propName, prop := range schema.PatternProperties { - res.Merge(ex.validateExampleValueSchemaAgainstSchema(path+"."+propName, in, &prop)) - } - if schema.AdditionalProperties != nil && schema.AdditionalProperties.Schema != nil { - res.Merge(ex.validateExampleValueSchemaAgainstSchema(fmt.Sprintf("%s.additionalProperties", path), in, schema.AdditionalProperties.Schema)) - } - if schema.AllOf != nil { - for i, aoSch := range schema.AllOf { - res.Merge(ex.validateExampleValueSchemaAgainstSchema(fmt.Sprintf("%s.allOf[%d]", path, i), in, &aoSch)) - } - } - return res -} - -// TODO: Temporary duplicated code. Need to refactor with examples -// nolint: dupl -func (ex *exampleValidator) validateExampleValueItemsAgainstSchema(path, in string, root interface{}, items *spec.Items) *Result { - res := new(Result) - s := ex.SpecValidator - if items != nil { - if items.Example != nil { - res.MergeAsWarnings(newItemsValidator(path, in, items, root, s.KnownFormats).Validate(0, items.Example)) - } - if items.Items != nil { - res.Merge(ex.validateExampleValueItemsAgainstSchema(path+"[0].example", in, root, items.Items)) - } - if _, err := compileRegexp(items.Pattern); err != nil { - res.AddErrors(invalidPatternInMsg(path, in, items.Pattern)) - } - } - return res -} diff --git a/vendor/github.com/go-openapi/validate/go.mod b/vendor/github.com/go-openapi/validate/go.mod deleted file mode 100644 index 2d59ddbafab7..000000000000 --- a/vendor/github.com/go-openapi/validate/go.mod +++ /dev/null @@ -1,20 +0,0 @@ -module github.com/go-openapi/validate - -require ( - github.com/go-openapi/analysis v0.19.5 - github.com/go-openapi/errors v0.19.2 - github.com/go-openapi/jsonpointer v0.19.3 - github.com/go-openapi/jsonreference v0.19.3 // indirect - github.com/go-openapi/loads v0.19.4 - github.com/go-openapi/runtime v0.19.4 - github.com/go-openapi/spec v0.19.3 - github.com/go-openapi/strfmt v0.19.3 - github.com/go-openapi/swag v0.19.5 - github.com/mailru/easyjson v0.7.0 // indirect - github.com/stretchr/testify v1.4.0 - github.com/vektah/gqlparser v1.1.2 - go.mongodb.org/mongo-driver v1.1.2 // indirect - gopkg.in/yaml.v2 v2.2.4 -) - -go 1.13 diff --git a/vendor/github.com/go-openapi/validate/go.sum b/vendor/github.com/go-openapi/validate/go.sum deleted file mode 100644 index 0e9c75c1f2af..000000000000 --- a/vendor/github.com/go-openapi/validate/go.sum +++ /dev/null @@ -1,156 +0,0 @@ -github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/agnivade/levenshtein v1.0.1 h1:3oJU7J3FGFmyhn8KHjmVaZCN5hxTr7GxgRue+sxIXdQ= -github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= -github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= -github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8 h1:DujepqpGd1hyOd7aW59XpK7Qymp8iy83xq74fLr21is= -github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= -github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= -github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= -github.com/go-openapi/analysis v0.19.2 h1:ophLETFestFZHk3ji7niPEL4d466QjW+0Tdg5VyDq7E= -github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk= -github.com/go-openapi/analysis v0.19.5 h1:8b2ZgKfKIUTVQpTb77MoRDIMEIwvDVw40o3aOXdfYzI= -github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU= -github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.19.2 h1:a2kIyV3w+OS3S97zxUndRVD46+FhGOUBDFY7nmu4CsY= -github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= -github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.19.2 h1:A9+F4Dc/MCNB5jibxf6rRvOvR/iFgQdyNx9eIhnGqq0= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3 h1:gihV7YNZK1iK6Tgwwsxo2rJbD1GTbdm72325Bq8FI3w= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.19.2 h1:o20suLFB4Ri0tuzpWtyHlh7E7HnkqTNLq6aR6WVNS1w= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/jsonreference v0.19.3 h1:5cxNfTy0UVC3X8JL5ymxzyoUZmo8iZb+jeTWn7tUa8o= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.19.0 h1:wCOBNscACI8L93tt5tvB2zOMkJ098XCw3fP0BY2ybDA= -github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.19.2 h1:rf5ArTHmIJxyV5Oiks+Su0mUens1+AjpkPoWr5xFRcI= -github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs= -github.com/go-openapi/loads v0.19.3 h1:jwIoahqCmaA5OBoc/B+1+Mu2L0Gr8xYQnbeyQEo/7b0= -github.com/go-openapi/loads v0.19.3/go.mod h1:YVfqhUCdahYwR3f3iiwQLhicVRvLlU/WO5WPaZvcvSI= -github.com/go-openapi/loads v0.19.4 h1:5I4CCSqoWzT+82bBkNIvmLc0UOsoKKQ4Fz+3VxOB7SY= -github.com/go-openapi/loads v0.19.4/go.mod h1:zZVHonKd8DXyxyw4yfnVjPzBjIQcLt0CCsn0N0ZrQsk= -github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA= -github.com/go-openapi/runtime v0.19.0 h1:sU6pp4dSV2sGlNKKyHxZzi1m1kG4WnYtWcJ+HYbygjE= -github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64= -github.com/go-openapi/runtime v0.19.4 h1:csnOgcgAiuGoM/Po7PEpKDoNulCcF3FGbSnbHfxgjMI= -github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4= -github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.19.2 h1:SStNd1jRcYtfKCN7R0laGNs80WYYvn5CbBjM2sOmCrE= -github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY= -github.com/go-openapi/spec v0.19.3 h1:0XRyw8kguri6Yw4SxhsQA/atC88yqrk0+G4YhI2wabc= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.19.0 h1:0Dn9qy1G9+UJfRU7TR8bmdGxb4uifB7HNrJjOnV0yPk= -github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY= -github.com/go-openapi/strfmt v0.19.3 h1:eRfyY5SkaNJCAwmmMcADjY31ow9+N7MCLW7oRkbsINA= -github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= -github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.19.2 h1:jvO6bCMBEilGwMfHhrd61zIID4oIFdwb76V17SM88dE= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= -github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA= -github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63 h1:nTT4s92Dgz2HlrB2NaMgvlfqHH39OgMhA7z3PK7PGD4= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e h1:hB2xlXdHp/pmPZq0y3QnmWAArdw9PqbmotexnWx/FU8= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.0 h1:aizVhC/NAAcKWb+5QsU1iNOZb4Yws5UO2I+aIprQITM= -github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= -github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= -github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -github.com/vektah/gqlparser v1.1.2 h1:ZsyLGn7/7jDNI+y4SEhI4yAxRChlv15pUHMjijT+e68= -github.com/vektah/gqlparser v1.1.2/go.mod h1:1ycwN7Ij5njmMkPPAOaRFY4rET2Enx7IkVv3vaXspKw= -go.mongodb.org/mongo-driver v1.0.3 h1:GKoji1ld3tw2aC+GX1wbr/J2fX13yNacEYoJ8Nhr0yU= -go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.mongodb.org/mongo-driver v1.1.1 h1:Sq1fR+0c58RME5EoqKdjkiQAmPjmfHlZOoRI6fTUOcs= -go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.mongodb.org/mongo-driver v1.1.2 h1:jxcFYjlkl8xaERsgLo+RNquI0epW6zuy/ZRQs6jnrFA= -go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980 h1:dfGZHvZk057jK2MCeWus/TowKpJ8y4AmooUzdBSR9GU= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 h1:k7pJ2yAPLPgbskkFdhRCsA77k2fySZ1zf2zCjvQCiIM= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191014212845-da9a3fd4c582 h1:p9xBe/w/OzkeYVKm234g55gMdD1nSIooTir5kV11kfA= -golang.org/x/net v0.0.0-20191014212845-da9a3fd4c582/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190125232054-d66bd3c5d5a6/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/vendor/github.com/go-openapi/validate/helpers.go b/vendor/github.com/go-openapi/validate/helpers.go deleted file mode 100644 index 4b77a0004741..000000000000 --- a/vendor/github.com/go-openapi/validate/helpers.go +++ /dev/null @@ -1,324 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package validate - -// TODO: define this as package validate/internal -// This must be done while keeping CI intact with all tests and test coverage - -import ( - "reflect" - "strconv" - "strings" - - "github.com/go-openapi/errors" - "github.com/go-openapi/spec" -) - -const ( - swaggerBody = "body" - swaggerExample = "example" - swaggerExamples = "examples" -) - -const ( - objectType = "object" - arrayType = "array" - stringType = "string" - integerType = "integer" - numberType = "number" - booleanType = "boolean" - fileType = "file" - nullType = "null" -) - -const ( - jsonProperties = "properties" - jsonItems = "items" - jsonType = "type" - //jsonSchema = "schema" - jsonDefault = "default" -) - -const ( - stringFormatDate = "date" - stringFormatDateTime = "date-time" - stringFormatPassword = "password" - stringFormatByte = "byte" - //stringFormatBinary = "binary" - stringFormatCreditCard = "creditcard" - stringFormatDuration = "duration" - stringFormatEmail = "email" - stringFormatHexColor = "hexcolor" - stringFormatHostname = "hostname" - stringFormatIPv4 = "ipv4" - stringFormatIPv6 = "ipv6" - stringFormatISBN = "isbn" - stringFormatISBN10 = "isbn10" - stringFormatISBN13 = "isbn13" - stringFormatMAC = "mac" - stringFormatBSONObjectID = "bsonobjectid" - stringFormatRGBColor = "rgbcolor" - stringFormatSSN = "ssn" - stringFormatURI = "uri" - stringFormatUUID = "uuid" - stringFormatUUID3 = "uuid3" - stringFormatUUID4 = "uuid4" - stringFormatUUID5 = "uuid5" - - integerFormatInt32 = "int32" - integerFormatInt64 = "int64" - integerFormatUInt32 = "uint32" - integerFormatUInt64 = "uint64" - - numberFormatFloat32 = "float32" - numberFormatFloat64 = "float64" - numberFormatFloat = "float" - numberFormatDouble = "double" -) - -// Helpers available at the package level -var ( - pathHelp *pathHelper - valueHelp *valueHelper - errorHelp *errorHelper - paramHelp *paramHelper - responseHelp *responseHelper -) - -type errorHelper struct { - // A collection of unexported helpers for error construction -} - -func (h *errorHelper) sErr(err errors.Error) *Result { - // Builds a Result from standard errors.Error - return &Result{Errors: []error{err}} -} - -func (h *errorHelper) addPointerError(res *Result, err error, ref string, fromPath string) *Result { - // Provides more context on error messages - // reported by the jsoinpointer package by altering the passed Result - if err != nil { - res.AddErrors(cannotResolveRefMsg(fromPath, ref, err)) - } - return res -} - -type pathHelper struct { - // A collection of unexported helpers for path validation -} - -func (h *pathHelper) stripParametersInPath(path string) string { - // Returns a path stripped from all path parameters, with multiple or trailing slashes removed. - // - // Stripping is performed on a slash-separated basis, e.g '/a{/b}' remains a{/b} and not /a. - // - Trailing "/" make a difference, e.g. /a/ !~ /a (ex: canary/bitbucket.org/swagger.json) - // - presence or absence of a parameter makes a difference, e.g. /a/{log} !~ /a/ (ex: canary/kubernetes/swagger.json) - - // Regexp to extract parameters from path, with surrounding {}. - // NOTE: important non-greedy modifier - rexParsePathParam := mustCompileRegexp(`{[^{}]+?}`) - strippedSegments := []string{} - - for _, segment := range strings.Split(path, "/") { - strippedSegments = append(strippedSegments, rexParsePathParam.ReplaceAllString(segment, "X")) - } - return strings.Join(strippedSegments, "/") -} - -func (h *pathHelper) extractPathParams(path string) (params []string) { - // Extracts all params from a path, with surrounding "{}" - rexParsePathParam := mustCompileRegexp(`{[^{}]+?}`) - - for _, segment := range strings.Split(path, "/") { - for _, v := range rexParsePathParam.FindAllStringSubmatch(segment, -1) { - params = append(params, v...) - } - } - return -} - -type valueHelper struct { - // A collection of unexported helpers for value validation -} - -func (h *valueHelper) asInt64(val interface{}) int64 { - // Number conversion function for int64, without error checking - // (implements an implicit type upgrade). - v := reflect.ValueOf(val) - switch v.Kind() { - case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: - return v.Int() - case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: - return int64(v.Uint()) - case reflect.Float32, reflect.Float64: - return int64(v.Float()) - default: - //panic("Non numeric value in asInt64()") - return 0 - } -} - -func (h *valueHelper) asUint64(val interface{}) uint64 { - // Number conversion function for uint64, without error checking - // (implements an implicit type upgrade). - v := reflect.ValueOf(val) - switch v.Kind() { - case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: - return uint64(v.Int()) - case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: - return v.Uint() - case reflect.Float32, reflect.Float64: - return uint64(v.Float()) - default: - //panic("Non numeric value in asUint64()") - return 0 - } -} - -// Same for unsigned floats -func (h *valueHelper) asFloat64(val interface{}) float64 { - // Number conversion function for float64, without error checking - // (implements an implicit type upgrade). - v := reflect.ValueOf(val) - switch v.Kind() { - case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: - return float64(v.Int()) - case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: - return float64(v.Uint()) - case reflect.Float32, reflect.Float64: - return v.Float() - default: - //panic("Non numeric value in asFloat64()") - return 0 - } -} - -type paramHelper struct { - // A collection of unexported helpers for parameters resolution -} - -func (h *paramHelper) safeExpandedParamsFor(path, method, operationID string, res *Result, s *SpecValidator) (params []spec.Parameter) { - operation, ok := s.analyzer.OperationFor(method, path) - if ok { - // expand parameters first if necessary - resolvedParams := []spec.Parameter{} - for _, ppr := range operation.Parameters { - resolvedParam, red := h.resolveParam(path, method, operationID, &ppr, s) - res.Merge(red) - if resolvedParam != nil { - resolvedParams = append(resolvedParams, *resolvedParam) - } - } - // remove params with invalid expansion from Slice - operation.Parameters = resolvedParams - - for _, ppr := range s.analyzer.SafeParamsFor(method, path, - func(p spec.Parameter, err error) bool { - // since params have already been expanded, there are few causes for error - res.AddErrors(someParametersBrokenMsg(path, method, operationID)) - // original error from analyzer - res.AddErrors(err) - return true - }) { - params = append(params, ppr) - } - } - return -} - -func (h *paramHelper) resolveParam(path, method, operationID string, param *spec.Parameter, s *SpecValidator) (*spec.Parameter, *Result) { - // Ensure parameter is expanded - var err error - res := new(Result) - isRef := param.Ref.String() != "" - if s.spec.SpecFilePath() == "" { - err = spec.ExpandParameterWithRoot(param, s.spec.Spec(), nil) - } else { - err = spec.ExpandParameter(param, s.spec.SpecFilePath()) - - } - if err != nil { // Safeguard - // NOTE: we may enter enter here when the whole parameter is an unresolved $ref - refPath := strings.Join([]string{"\"" + path + "\"", method}, ".") - errorHelp.addPointerError(res, err, param.Ref.String(), refPath) - return nil, res - } - res.Merge(h.checkExpandedParam(param, param.Name, param.In, operationID, isRef)) - return param, res -} - -func (h *paramHelper) checkExpandedParam(pr *spec.Parameter, path, in, operation string, isRef bool) *Result { - // Secure parameter structure after $ref resolution - res := new(Result) - simpleZero := spec.SimpleSchema{} - // Try to explain why... best guess - switch { - case pr.In == swaggerBody && (pr.SimpleSchema != simpleZero && pr.SimpleSchema.Type != objectType): - if isRef { - // Most likely, a $ref with a sibling is an unwanted situation: in itself this is a warning... - // but we detect it because of the following error: - // schema took over Parameter for an unexplained reason - res.AddWarnings(refShouldNotHaveSiblingsMsg(path, operation)) - } - res.AddErrors(invalidParameterDefinitionMsg(path, in, operation)) - case pr.In != swaggerBody && pr.Schema != nil: - if isRef { - res.AddWarnings(refShouldNotHaveSiblingsMsg(path, operation)) - } - res.AddErrors(invalidParameterDefinitionAsSchemaMsg(path, in, operation)) - case (pr.In == swaggerBody && pr.Schema == nil) || (pr.In != swaggerBody && pr.SimpleSchema == simpleZero): - // Other unexpected mishaps - res.AddErrors(invalidParameterDefinitionMsg(path, in, operation)) - } - return res -} - -type responseHelper struct { - // A collection of unexported helpers for response resolution -} - -func (r *responseHelper) expandResponseRef( - response *spec.Response, - path string, s *SpecValidator) (*spec.Response, *Result) { - // Ensure response is expanded - var err error - res := new(Result) - if s.spec.SpecFilePath() == "" { - // there is no physical document to resolve $ref in response - err = spec.ExpandResponseWithRoot(response, s.spec.Spec(), nil) - } else { - err = spec.ExpandResponse(response, s.spec.SpecFilePath()) - } - if err != nil { // Safeguard - // NOTE: we may enter here when the whole response is an unresolved $ref. - errorHelp.addPointerError(res, err, response.Ref.String(), path) - return nil, res - } - return response, res -} - -func (r *responseHelper) responseMsgVariants( - responseType string, - responseCode int) (responseName, responseCodeAsStr string) { - // Path variants for messages - if responseType == jsonDefault { - responseCodeAsStr = jsonDefault - responseName = "default response" - } else { - responseCodeAsStr = strconv.Itoa(responseCode) - responseName = "response " + responseCodeAsStr - } - return -} diff --git a/vendor/github.com/go-openapi/validate/result.go b/vendor/github.com/go-openapi/validate/result.go deleted file mode 100644 index 8f5f935e5d14..000000000000 --- a/vendor/github.com/go-openapi/validate/result.go +++ /dev/null @@ -1,486 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package validate - -import ( - "fmt" - "reflect" - "strings" - - "github.com/go-openapi/errors" - "github.com/go-openapi/spec" -) - -// Result represents a validation result set, composed of -// errors and warnings. -// -// It is used to keep track of all detected errors and warnings during -// the validation of a specification. -// -// Matchcount is used to determine -// which errors are relevant in the case of AnyOf, OneOf -// schema validation. Results from the validation branch -// with most matches get eventually selected. -// -// TODO: keep path of key originating the error -type Result struct { - Errors []error - Warnings []error - MatchCount int - - // the object data - data interface{} - - // Schemata for the root object - rootObjectSchemata schemata - // Schemata for object fields - fieldSchemata []fieldSchemata - // Schemata for slice items - itemSchemata []itemSchemata - - cachedFieldSchemta map[FieldKey][]*spec.Schema - cachedItemSchemata map[ItemKey][]*spec.Schema -} - -// FieldKey is a pair of an object and a field, usable as a key for a map. -type FieldKey struct { - object reflect.Value // actually a map[string]interface{}, but the latter cannot be a key - field string -} - -// ItemKey is a pair of a slice and an index, usable as a key for a map. -type ItemKey struct { - slice reflect.Value // actually a []interface{}, but the latter cannot be a key - index int -} - -// NewFieldKey returns a pair of an object and field usable as a key of a map. -func NewFieldKey(obj map[string]interface{}, field string) FieldKey { - return FieldKey{object: reflect.ValueOf(obj), field: field} -} - -// Object returns the underlying object of this key. -func (fk *FieldKey) Object() map[string]interface{} { - return fk.object.Interface().(map[string]interface{}) -} - -// Field returns the underlying field of this key. -func (fk *FieldKey) Field() string { - return fk.field -} - -// NewItemKey returns a pair of a slice and index usable as a key of a map. -func NewItemKey(slice interface{}, i int) ItemKey { - return ItemKey{slice: reflect.ValueOf(slice), index: i} -} - -// Slice returns the underlying slice of this key. -func (ik *ItemKey) Slice() []interface{} { - return ik.slice.Interface().([]interface{}) -} - -// Index returns the underlying index of this key. -func (ik *ItemKey) Index() int { - return ik.index -} - -type fieldSchemata struct { - obj map[string]interface{} - field string - schemata schemata -} - -type itemSchemata struct { - slice reflect.Value - index int - schemata schemata -} - -// Merge merges this result with the other one(s), preserving match counts etc. -func (r *Result) Merge(others ...*Result) *Result { - for _, other := range others { - if other == nil { - continue - } - r.mergeWithoutRootSchemata(other) - r.rootObjectSchemata.Append(other.rootObjectSchemata) - } - return r -} - -// Data returns the original data object used for validation. Mutating this renders -// the result invalid. -func (r *Result) Data() interface{} { - return r.data -} - -// RootObjectSchemata returns the schemata which apply to the root object. -func (r *Result) RootObjectSchemata() []*spec.Schema { - return r.rootObjectSchemata.Slice() -} - -// FieldSchemata returns the schemata which apply to fields in objects. -// nolint: dupl -func (r *Result) FieldSchemata() map[FieldKey][]*spec.Schema { - if r.cachedFieldSchemta != nil { - return r.cachedFieldSchemta - } - - ret := make(map[FieldKey][]*spec.Schema, len(r.fieldSchemata)) - for _, fs := range r.fieldSchemata { - key := NewFieldKey(fs.obj, fs.field) - if fs.schemata.one != nil { - ret[key] = append(ret[key], fs.schemata.one) - } else if len(fs.schemata.multiple) > 0 { - ret[key] = append(ret[key], fs.schemata.multiple...) - } - } - r.cachedFieldSchemta = ret - return ret -} - -// ItemSchemata returns the schemata which apply to items in slices. -// nolint: dupl -func (r *Result) ItemSchemata() map[ItemKey][]*spec.Schema { - if r.cachedItemSchemata != nil { - return r.cachedItemSchemata - } - - ret := make(map[ItemKey][]*spec.Schema, len(r.itemSchemata)) - for _, ss := range r.itemSchemata { - key := NewItemKey(ss.slice, ss.index) - if ss.schemata.one != nil { - ret[key] = append(ret[key], ss.schemata.one) - } else if len(ss.schemata.multiple) > 0 { - ret[key] = append(ret[key], ss.schemata.multiple...) - } - } - r.cachedItemSchemata = ret - return ret -} - -func (r *Result) resetCaches() { - r.cachedFieldSchemta = nil - r.cachedItemSchemata = nil -} - -// mergeForField merges other into r, assigning other's root schemata to the given Object and field name. -// nolint: unparam -func (r *Result) mergeForField(obj map[string]interface{}, field string, other *Result) *Result { - if other == nil { - return r - } - r.mergeWithoutRootSchemata(other) - - if other.rootObjectSchemata.Len() > 0 { - if r.fieldSchemata == nil { - r.fieldSchemata = make([]fieldSchemata, len(obj)) - } - r.fieldSchemata = append(r.fieldSchemata, fieldSchemata{ - obj: obj, - field: field, - schemata: other.rootObjectSchemata, - }) - } - - return r -} - -// mergeForSlice merges other into r, assigning other's root schemata to the given slice and index. -// nolint: unparam -func (r *Result) mergeForSlice(slice reflect.Value, i int, other *Result) *Result { - if other == nil { - return r - } - r.mergeWithoutRootSchemata(other) - - if other.rootObjectSchemata.Len() > 0 { - if r.itemSchemata == nil { - r.itemSchemata = make([]itemSchemata, slice.Len()) - } - r.itemSchemata = append(r.itemSchemata, itemSchemata{ - slice: slice, - index: i, - schemata: other.rootObjectSchemata, - }) - } - - return r -} - -// addRootObjectSchemata adds the given schemata for the root object of the result. -// The slice schemata might be reused. I.e. do not modify it after being added to a result. -func (r *Result) addRootObjectSchemata(s *spec.Schema) { - r.rootObjectSchemata.Append(schemata{one: s}) -} - -// addPropertySchemata adds the given schemata for the object and field. -// The slice schemata might be reused. I.e. do not modify it after being added to a result. -func (r *Result) addPropertySchemata(obj map[string]interface{}, fld string, schema *spec.Schema) { - if r.fieldSchemata == nil { - r.fieldSchemata = make([]fieldSchemata, 0, len(obj)) - } - r.fieldSchemata = append(r.fieldSchemata, fieldSchemata{obj: obj, field: fld, schemata: schemata{one: schema}}) -} - -/* -// addSliceSchemata adds the given schemata for the slice and index. -// The slice schemata might be reused. I.e. do not modify it after being added to a result. -func (r *Result) addSliceSchemata(slice reflect.Value, i int, schema *spec.Schema) { - if r.itemSchemata == nil { - r.itemSchemata = make([]itemSchemata, 0, slice.Len()) - } - r.itemSchemata = append(r.itemSchemata, itemSchemata{slice: slice, index: i, schemata: schemata{one: schema}}) -} -*/ - -// mergeWithoutRootSchemata merges other into r, ignoring the rootObject schemata. -func (r *Result) mergeWithoutRootSchemata(other *Result) { - r.resetCaches() - r.AddErrors(other.Errors...) - r.AddWarnings(other.Warnings...) - r.MatchCount += other.MatchCount - - if other.fieldSchemata != nil { - if r.fieldSchemata == nil { - r.fieldSchemata = other.fieldSchemata - } else { - r.fieldSchemata = append(r.fieldSchemata, other.fieldSchemata...) - } - } - - if other.itemSchemata != nil { - if r.itemSchemata == nil { - r.itemSchemata = other.itemSchemata - } else { - r.itemSchemata = append(r.itemSchemata, other.itemSchemata...) - } - } -} - -// MergeAsErrors merges this result with the other one(s), preserving match counts etc. -// -// Warnings from input are merged as Errors in the returned merged Result. -func (r *Result) MergeAsErrors(others ...*Result) *Result { - for _, other := range others { - if other != nil { - r.resetCaches() - r.AddErrors(other.Errors...) - r.AddErrors(other.Warnings...) - r.MatchCount += other.MatchCount - } - } - return r -} - -// MergeAsWarnings merges this result with the other one(s), preserving match counts etc. -// -// Errors from input are merged as Warnings in the returned merged Result. -func (r *Result) MergeAsWarnings(others ...*Result) *Result { - for _, other := range others { - if other != nil { - r.resetCaches() - r.AddWarnings(other.Errors...) - r.AddWarnings(other.Warnings...) - r.MatchCount += other.MatchCount - } - } - return r -} - -// AddErrors adds errors to this validation result (if not already reported). -// -// Since the same check may be passed several times while exploring the -// spec structure (via $ref, ...) reported messages are kept -// unique. -func (r *Result) AddErrors(errors ...error) { - for _, e := range errors { - found := false - if e != nil { - for _, isReported := range r.Errors { - if e.Error() == isReported.Error() { - found = true - break - } - } - if !found { - r.Errors = append(r.Errors, e) - } - } - } -} - -// AddWarnings adds warnings to this validation result (if not already reported). -func (r *Result) AddWarnings(warnings ...error) { - for _, e := range warnings { - found := false - if e != nil { - for _, isReported := range r.Warnings { - if e.Error() == isReported.Error() { - found = true - break - } - } - if !found { - r.Warnings = append(r.Warnings, e) - } - } - } -} - -func (r *Result) keepRelevantErrors() *Result { - // TODO: this one is going to disapear... - // keepRelevantErrors strips a result from standard errors and keeps - // the ones which are supposedly more accurate. - // - // The original result remains unaffected (creates a new instance of Result). - // This method is used to work around the "matchCount" filter which would otherwise - // strip our result from some accurate error reporting from lower level validators. - // - // NOTE: this implementation with a placeholder (IMPORTANT!) is neither clean nor - // very efficient. On the other hand, relying on go-openapi/errors to manipulate - // codes would require to change a lot here. So, for the moment, let's go with - // placeholders. - strippedErrors := []error{} - for _, e := range r.Errors { - if strings.HasPrefix(e.Error(), "IMPORTANT!") { - strippedErrors = append(strippedErrors, fmt.Errorf(strings.TrimPrefix(e.Error(), "IMPORTANT!"))) - } - } - strippedWarnings := []error{} - for _, e := range r.Warnings { - if strings.HasPrefix(e.Error(), "IMPORTANT!") { - strippedWarnings = append(strippedWarnings, fmt.Errorf(strings.TrimPrefix(e.Error(), "IMPORTANT!"))) - } - } - strippedResult := new(Result) - strippedResult.Errors = strippedErrors - strippedResult.Warnings = strippedWarnings - return strippedResult -} - -// IsValid returns true when this result is valid. -// -// Returns true on a nil *Result. -func (r *Result) IsValid() bool { - if r == nil { - return true - } - return len(r.Errors) == 0 -} - -// HasErrors returns true when this result is invalid. -// -// Returns false on a nil *Result. -func (r *Result) HasErrors() bool { - if r == nil { - return false - } - return !r.IsValid() -} - -// HasWarnings returns true when this result contains warnings. -// -// Returns false on a nil *Result. -func (r *Result) HasWarnings() bool { - if r == nil { - return false - } - return len(r.Warnings) > 0 -} - -// HasErrorsOrWarnings returns true when this result contains -// either errors or warnings. -// -// Returns false on a nil *Result. -func (r *Result) HasErrorsOrWarnings() bool { - if r == nil { - return false - } - return len(r.Errors) > 0 || len(r.Warnings) > 0 -} - -// Inc increments the match count -func (r *Result) Inc() { - r.MatchCount++ -} - -// AsError renders this result as an error interface -// -// TODO: reporting / pretty print with path ordered and indented -func (r *Result) AsError() error { - if r.IsValid() { - return nil - } - return errors.CompositeValidationError(r.Errors...) -} - -// schemata is an arbitrary number of schemata. It does a distinction between zero, -// one and many schemata to avoid slice allocations. -type schemata struct { - // one is set if there is exactly one schema. In that case multiple must be nil. - one *spec.Schema - // multiple is an arbitrary number of schemas. If it is set, one must be nil. - multiple []*spec.Schema -} - -func (s *schemata) Len() int { - if s.one != nil { - return 1 - } - return len(s.multiple) -} - -func (s *schemata) Slice() []*spec.Schema { - if s == nil { - return nil - } - if s.one != nil { - return []*spec.Schema{s.one} - } - return s.multiple -} - -// appendSchemata appends the schemata in other to s. It mutated s in-place. -func (s *schemata) Append(other schemata) { - if other.one == nil && len(other.multiple) == 0 { - return - } - if s.one == nil && len(s.multiple) == 0 { - *s = other - return - } - - if s.one != nil { - if other.one != nil { - s.multiple = []*spec.Schema{s.one, other.one} - } else { - t := make([]*spec.Schema, 0, 1+len(other.multiple)) - s.multiple = append(append(t, s.one), other.multiple...) - } - s.one = nil - } else { - if other.one != nil { - s.multiple = append(s.multiple, other.one) - } else { - if cap(s.multiple) >= len(s.multiple)+len(other.multiple) { - s.multiple = append(s.multiple, other.multiple...) - } else { - t := make([]*spec.Schema, 0, len(s.multiple)+len(other.multiple)) - s.multiple = append(append(t, s.multiple...), other.multiple...) - } - } - } -} diff --git a/vendor/github.com/go-openapi/validate/schema_option.go b/vendor/github.com/go-openapi/validate/schema_option.go deleted file mode 100644 index 4b4879de8b1f..000000000000 --- a/vendor/github.com/go-openapi/validate/schema_option.go +++ /dev/null @@ -1,54 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package validate - -// SchemaValidatorOptions defines optional rules for schema validation -type SchemaValidatorOptions struct { - EnableObjectArrayTypeCheck bool - EnableArrayMustHaveItemsCheck bool -} - -// Option sets optional rules for schema validation -type Option func(*SchemaValidatorOptions) - -// EnableObjectArrayTypeCheck activates the swagger rule: an items must be in type: array -func EnableObjectArrayTypeCheck(enable bool) Option { - return func(svo *SchemaValidatorOptions) { - svo.EnableObjectArrayTypeCheck = enable - } -} - -// EnableArrayMustHaveItemsCheck activates the swagger rule: an array must have items defined -func EnableArrayMustHaveItemsCheck(enable bool) Option { - return func(svo *SchemaValidatorOptions) { - svo.EnableArrayMustHaveItemsCheck = enable - } -} - -// SwaggerSchema activates swagger schema validation rules -func SwaggerSchema(enable bool) Option { - return func(svo *SchemaValidatorOptions) { - svo.EnableObjectArrayTypeCheck = enable - svo.EnableArrayMustHaveItemsCheck = enable - } -} - -// Options returns current options -func (svo SchemaValidatorOptions) Options() []Option { - return []Option{ - EnableObjectArrayTypeCheck(svo.EnableObjectArrayTypeCheck), - EnableArrayMustHaveItemsCheck(svo.EnableArrayMustHaveItemsCheck), - } -} diff --git a/vendor/github.com/go-openapi/validate/spec.go b/vendor/github.com/go-openapi/validate/spec.go deleted file mode 100644 index ce8ba17ca0e4..000000000000 --- a/vendor/github.com/go-openapi/validate/spec.go +++ /dev/null @@ -1,787 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package validate - -import ( - "encoding/json" - "fmt" - "sort" - "strings" - - "github.com/go-openapi/analysis" - "github.com/go-openapi/errors" - "github.com/go-openapi/jsonpointer" - "github.com/go-openapi/loads" - "github.com/go-openapi/spec" - "github.com/go-openapi/strfmt" -) - -// Spec validates an OpenAPI 2.0 specification document. -// -// Returns an error flattening in a single standard error, all validation messages. -// -// - TODO: $ref should not have siblings -// - TODO: make sure documentation reflects all checks and warnings -// - TODO: check on discriminators -// - TODO: explicit message on unsupported keywords (better than "forbidden property"...) -// - TODO: full list of unresolved refs -// - TODO: validate numeric constraints (issue#581): this should be handled like defaults and examples -// - TODO: option to determine if we validate for go-swagger or in a more general context -// - TODO: check on required properties to support anyOf, allOf, oneOf -// -// NOTE: SecurityScopes are maps: no need to check uniqueness -// -func Spec(doc *loads.Document, formats strfmt.Registry) error { - errs, _ /*warns*/ := NewSpecValidator(doc.Schema(), formats).Validate(doc) - if errs.HasErrors() { - return errors.CompositeValidationError(errs.Errors...) - } - return nil -} - -// SpecValidator validates a swagger 2.0 spec -type SpecValidator struct { - schema *spec.Schema // swagger 2.0 schema - spec *loads.Document - analyzer *analysis.Spec - expanded *loads.Document - KnownFormats strfmt.Registry - Options Opts // validation options -} - -// NewSpecValidator creates a new swagger spec validator instance -func NewSpecValidator(schema *spec.Schema, formats strfmt.Registry) *SpecValidator { - return &SpecValidator{ - schema: schema, - KnownFormats: formats, - Options: defaultOpts, - } -} - -// Validate validates the swagger spec -func (s *SpecValidator) Validate(data interface{}) (*Result, *Result) { - var sd *loads.Document - errs, warnings := new(Result), new(Result) - - if v, ok := data.(*loads.Document); ok { - sd = v - } - if sd == nil { - errs.AddErrors(invalidDocumentMsg()) - return errs, warnings // no point in continuing - } - s.spec = sd - s.analyzer = analysis.New(sd.Spec()) - - // Swagger schema validator - schv := NewSchemaValidator(s.schema, nil, "", s.KnownFormats, SwaggerSchema(true)) - var obj interface{} - - // Raw spec unmarshalling errors - if err := json.Unmarshal(sd.Raw(), &obj); err != nil { - // NOTE: under normal conditions, the *load.Document has been already unmarshalled - // So this one is just a paranoid check on the behavior of the spec package - panic(InvalidDocumentError) - } - - defer func() { - // errs holds all errors and warnings, - // warnings only warnings - errs.MergeAsWarnings(warnings) - warnings.AddErrors(errs.Warnings...) - }() - - errs.Merge(schv.Validate(obj)) // error - - // There may be a point in continuing to try and determine more accurate errors - if !s.Options.ContinueOnErrors && errs.HasErrors() { - return errs, warnings // no point in continuing - } - - errs.Merge(s.validateReferencesValid()) // error - - // There may be a point in continuing to try and determine more accurate errors - if !s.Options.ContinueOnErrors && errs.HasErrors() { - return errs, warnings // no point in continuing - } - - errs.Merge(s.validateDuplicateOperationIDs()) - errs.Merge(s.validateDuplicatePropertyNames()) // error - - errs.Merge(s.validateParameters()) // error - - errs.Merge(s.validateItems()) // error - - - // Properties in required definition MUST validate their schema - // Properties SHOULD NOT be declared as both required and readOnly (warning) - errs.Merge(s.validateRequiredDefinitions()) // error and warning - - // There may be a point in continuing to try and determine more accurate errors - if !s.Options.ContinueOnErrors && errs.HasErrors() { - return errs, warnings // no point in continuing - } - - // Values provided as default MUST validate their schema - df := &defaultValidator{SpecValidator: s} - errs.Merge(df.Validate()) - - // Values provided as examples MUST validate their schema - // Value provided as examples in a response without schema generate a warning - // Known limitations: examples in responses for mime type not application/json are ignored (warning) - ex := &exampleValidator{SpecValidator: s} - errs.Merge(ex.Validate()) - - errs.Merge(s.validateNonEmptyPathParamNames()) - - //errs.Merge(s.validateRefNoSibling()) // warning only - errs.Merge(s.validateReferenced()) // warning only - - return errs, warnings -} - -func (s *SpecValidator) validateNonEmptyPathParamNames() *Result { - res := new(Result) - if s.spec.Spec().Paths == nil { - // There is no Paths object: error - res.AddErrors(noValidPathMsg()) - } else { - if s.spec.Spec().Paths.Paths == nil { - // Paths may be empty: warning - res.AddWarnings(noValidPathMsg()) - } else { - for k := range s.spec.Spec().Paths.Paths { - if strings.Contains(k, "{}") { - res.AddErrors(emptyPathParameterMsg(k)) - } - } - } - } - return res -} - -func (s *SpecValidator) validateDuplicateOperationIDs() *Result { - // OperationID, if specified, must be unique across the board - res := new(Result) - known := make(map[string]int) - for _, v := range s.analyzer.OperationIDs() { - if v != "" { - known[v]++ - } - } - for k, v := range known { - if v > 1 { - res.AddErrors(nonUniqueOperationIDMsg(k, v)) - } - } - return res -} - -type dupProp struct { - Name string - Definition string -} - -func (s *SpecValidator) validateDuplicatePropertyNames() *Result { - // definition can't declare a property that's already defined by one of its ancestors - res := new(Result) - for k, sch := range s.spec.Spec().Definitions { - if len(sch.AllOf) == 0 { - continue - } - - knownanc := map[string]struct{}{ - "#/definitions/" + k: {}, - } - - ancs, rec := s.validateCircularAncestry(k, sch, knownanc) - if rec != nil && (rec.HasErrors() || !rec.HasWarnings()) { - res.Merge(rec) - } - if len(ancs) > 0 { - res.AddErrors(circularAncestryDefinitionMsg(k, ancs)) - return res - } - - knowns := make(map[string]struct{}) - dups, rep := s.validateSchemaPropertyNames(k, sch, knowns) - if rep != nil && (rep.HasErrors() || rep.HasWarnings()) { - res.Merge(rep) - } - if len(dups) > 0 { - var pns []string - for _, v := range dups { - pns = append(pns, v.Definition+"."+v.Name) - } - res.AddErrors(duplicatePropertiesMsg(k, pns)) - } - - } - return res -} - -func (s *SpecValidator) resolveRef(ref *spec.Ref) (*spec.Schema, error) { - if s.spec.SpecFilePath() != "" { - return spec.ResolveRefWithBase(s.spec.Spec(), ref, &spec.ExpandOptions{RelativeBase: s.spec.SpecFilePath()}) - } - // NOTE: it looks like with the new spec resolver, this code is now unrecheable - return spec.ResolveRef(s.spec.Spec(), ref) -} - -func (s *SpecValidator) validateSchemaPropertyNames(nm string, sch spec.Schema, knowns map[string]struct{}) ([]dupProp, *Result) { - var dups []dupProp - - schn := nm - schc := &sch - res := new(Result) - - for schc.Ref.String() != "" { - // gather property names - reso, err := s.resolveRef(&schc.Ref) - if err != nil { - errorHelp.addPointerError(res, err, schc.Ref.String(), nm) - return dups, res - } - schc = reso - schn = sch.Ref.String() - } - - if len(schc.AllOf) > 0 { - for _, chld := range schc.AllOf { - dup, rep := s.validateSchemaPropertyNames(schn, chld, knowns) - if rep != nil && (rep.HasErrors() || rep.HasWarnings()) { - res.Merge(rep) - } - dups = append(dups, dup...) - } - return dups, res - } - - for k := range schc.Properties { - _, ok := knowns[k] - if ok { - dups = append(dups, dupProp{Name: k, Definition: schn}) - } else { - knowns[k] = struct{}{} - } - } - - return dups, res -} - -func (s *SpecValidator) validateCircularAncestry(nm string, sch spec.Schema, knowns map[string]struct{}) ([]string, *Result) { - res := new(Result) - - if sch.Ref.String() == "" && len(sch.AllOf) == 0 { // Safeguard. We should not be able to actually get there - return nil, res - } - var ancs []string - - schn := nm - schc := &sch - - for schc.Ref.String() != "" { - reso, err := s.resolveRef(&schc.Ref) - if err != nil { - errorHelp.addPointerError(res, err, schc.Ref.String(), nm) - return ancs, res - } - schc = reso - schn = sch.Ref.String() - } - - if schn != nm && schn != "" { - if _, ok := knowns[schn]; ok { - ancs = append(ancs, schn) - } - knowns[schn] = struct{}{} - - if len(ancs) > 0 { - return ancs, res - } - } - - if len(schc.AllOf) > 0 { - for _, chld := range schc.AllOf { - if chld.Ref.String() != "" || len(chld.AllOf) > 0 { - anc, rec := s.validateCircularAncestry(schn, chld, knowns) - if rec != nil && (rec.HasErrors() || !rec.HasWarnings()) { - res.Merge(rec) - } - ancs = append(ancs, anc...) - if len(ancs) > 0 { - return ancs, res - } - } - } - } - return ancs, res -} - -func (s *SpecValidator) validateItems() *Result { - // validate parameter, items, schema and response objects for presence of item if type is array - res := new(Result) - - for method, pi := range s.analyzer.Operations() { - for path, op := range pi { - for _, param := range paramHelp.safeExpandedParamsFor(path, method, op.ID, res, s) { - - if param.TypeName() == arrayType && param.ItemsTypeName() == "" { - res.AddErrors(arrayInParamRequiresItemsMsg(param.Name, op.ID)) - continue - } - if param.In != swaggerBody { - if param.Items != nil { - items := param.Items - for items.TypeName() == arrayType { - if items.ItemsTypeName() == "" { - res.AddErrors(arrayInParamRequiresItemsMsg(param.Name, op.ID)) - break - } - items = items.Items - } - } - } else { - // In: body - if param.Schema != nil { - res.Merge(s.validateSchemaItems(*param.Schema, fmt.Sprintf("body param %q", param.Name), op.ID)) - } - } - } - - var responses []spec.Response - if op.Responses != nil { - if op.Responses.Default != nil { - responses = append(responses, *op.Responses.Default) - } - if op.Responses.StatusCodeResponses != nil { - for _, v := range op.Responses.StatusCodeResponses { - responses = append(responses, v) - } - } - } - - for _, resp := range responses { - // Response headers with array - for hn, hv := range resp.Headers { - if hv.TypeName() == arrayType && hv.ItemsTypeName() == "" { - res.AddErrors(arrayInHeaderRequiresItemsMsg(hn, op.ID)) - } - } - if resp.Schema != nil { - res.Merge(s.validateSchemaItems(*resp.Schema, "response body", op.ID)) - } - } - } - } - return res -} - -// Verifies constraints on array type -func (s *SpecValidator) validateSchemaItems(schema spec.Schema, prefix, opID string) *Result { - res := new(Result) - if !schema.Type.Contains(arrayType) { - return res - } - - if schema.Items == nil || schema.Items.Len() == 0 { - res.AddErrors(arrayRequiresItemsMsg(prefix, opID)) - return res - } - - if schema.Items.Schema != nil { - schema = *schema.Items.Schema - if _, err := compileRegexp(schema.Pattern); err != nil { - res.AddErrors(invalidItemsPatternMsg(prefix, opID, schema.Pattern)) - } - - res.Merge(s.validateSchemaItems(schema, prefix, opID)) - } - return res -} - -func (s *SpecValidator) validatePathParamPresence(path string, fromPath, fromOperation []string) *Result { - // Each defined operation path parameters must correspond to a named element in the API's path pattern. - // (For example, you cannot have a path parameter named id for the following path /pets/{petId} but you must have a path parameter named petId.) - res := new(Result) - for _, l := range fromPath { - var matched bool - for _, r := range fromOperation { - if l == "{"+r+"}" { - matched = true - break - } - } - if !matched { - res.AddErrors(noParameterInPathMsg(l)) - } - } - - for _, p := range fromOperation { - var matched bool - for _, r := range fromPath { - if "{"+p+"}" == r { - matched = true - break - } - } - if !matched { - res.AddErrors(pathParamNotInPathMsg(path, p)) - } - } - - return res -} - -func (s *SpecValidator) validateReferenced() *Result { - var res Result - res.MergeAsWarnings(s.validateReferencedParameters()) - res.MergeAsWarnings(s.validateReferencedResponses()) - res.MergeAsWarnings(s.validateReferencedDefinitions()) - return &res -} - -// nolint: dupl -func (s *SpecValidator) validateReferencedParameters() *Result { - // Each referenceable definition should have references. - params := s.spec.Spec().Parameters - if len(params) == 0 { - return nil - } - - expected := make(map[string]struct{}) - for k := range params { - expected["#/parameters/"+jsonpointer.Escape(k)] = struct{}{} - } - for _, k := range s.analyzer.AllParameterReferences() { - delete(expected, k) - } - - if len(expected) == 0 { - return nil - } - result := new(Result) - for k := range expected { - result.AddWarnings(unusedParamMsg(k)) - } - return result -} - -// nolint: dupl -func (s *SpecValidator) validateReferencedResponses() *Result { - // Each referenceable definition should have references. - responses := s.spec.Spec().Responses - if len(responses) == 0 { - return nil - } - - expected := make(map[string]struct{}) - for k := range responses { - expected["#/responses/"+jsonpointer.Escape(k)] = struct{}{} - } - for _, k := range s.analyzer.AllResponseReferences() { - delete(expected, k) - } - - if len(expected) == 0 { - return nil - } - result := new(Result) - for k := range expected { - result.AddWarnings(unusedResponseMsg(k)) - } - return result -} - -// nolint: dupl -func (s *SpecValidator) validateReferencedDefinitions() *Result { - // Each referenceable definition must have references. - defs := s.spec.Spec().Definitions - if len(defs) == 0 { - return nil - } - - expected := make(map[string]struct{}) - for k := range defs { - expected["#/definitions/"+jsonpointer.Escape(k)] = struct{}{} - } - for _, k := range s.analyzer.AllDefinitionReferences() { - delete(expected, k) - } - - if len(expected) == 0 { - return nil - } - - result := new(Result) - for k := range expected { - result.AddWarnings(unusedDefinitionMsg(k)) - } - return result -} - -func (s *SpecValidator) validateRequiredDefinitions() *Result { - // Each property listed in the required array must be defined in the properties of the model - res := new(Result) - -DEFINITIONS: - for d, schema := range s.spec.Spec().Definitions { - if schema.Required != nil { // Safeguard - for _, pn := range schema.Required { - red := s.validateRequiredProperties(pn, d, &schema) - res.Merge(red) - if !red.IsValid() && !s.Options.ContinueOnErrors { - break DEFINITIONS // there is an error, let's stop that bleeding - } - } - } - } - return res -} - -func (s *SpecValidator) validateRequiredProperties(path, in string, v *spec.Schema) *Result { - // Takes care of recursive property definitions, which may be nested in additionalProperties schemas - res := new(Result) - propertyMatch := false - patternMatch := false - additionalPropertiesMatch := false - isReadOnly := false - - // Regular properties - if _, ok := v.Properties[path]; ok { - propertyMatch = true - isReadOnly = v.Properties[path].ReadOnly - } - - // NOTE: patternProperties are not supported in swagger. Even though, we continue validation here - // We check all defined patterns: if one regexp is invalid, croaks an error - for pp, pv := range v.PatternProperties { - re, err := compileRegexp(pp) - if err != nil { - res.AddErrors(invalidPatternMsg(pp, in)) - } else if re.MatchString(path) { - patternMatch = true - if !propertyMatch { - isReadOnly = pv.ReadOnly - } - } - } - - if !(propertyMatch || patternMatch) { - if v.AdditionalProperties != nil { - if v.AdditionalProperties.Allows && v.AdditionalProperties.Schema == nil { - additionalPropertiesMatch = true - } else if v.AdditionalProperties.Schema != nil { - // additionalProperties as schema are upported in swagger - // recursively validates additionalProperties schema - // TODO : anyOf, allOf, oneOf like in schemaPropsValidator - red := s.validateRequiredProperties(path, in, v.AdditionalProperties.Schema) - if red.IsValid() { - additionalPropertiesMatch = true - if !propertyMatch && !patternMatch { - isReadOnly = v.AdditionalProperties.Schema.ReadOnly - } - } - res.Merge(red) - } - } - } - - if !(propertyMatch || patternMatch || additionalPropertiesMatch) { - res.AddErrors(requiredButNotDefinedMsg(path, in)) - } - - if isReadOnly { - res.AddWarnings(readOnlyAndRequiredMsg(in, path)) - } - return res -} - -func (s *SpecValidator) validateParameters() *Result { - // - for each method, path is unique, regardless of path parameters - // e.g. GET:/petstore/{id}, GET:/petstore/{pet}, GET:/petstore are - // considered duplicate paths - // - each parameter should have a unique `name` and `type` combination - // - each operation should have only 1 parameter of type body - // - there must be at most 1 parameter in body - // - parameters with pattern property must specify valid patterns - // - $ref in parameters must resolve - // - path param must be required - res := new(Result) - rexGarbledPathSegment := mustCompileRegexp(`.*[{}\s]+.*`) - for method, pi := range s.analyzer.Operations() { - methodPaths := make(map[string]map[string]string) - for path, op := range pi { - pathToAdd := pathHelp.stripParametersInPath(path) - - // Warn on garbled path afer param stripping - if rexGarbledPathSegment.MatchString(pathToAdd) { - res.AddWarnings(pathStrippedParamGarbledMsg(pathToAdd)) - } - - // Check uniqueness of stripped paths - if _, found := methodPaths[method][pathToAdd]; found { - - // Sort names for stable, testable output - if strings.Compare(path, methodPaths[method][pathToAdd]) < 0 { - res.AddErrors(pathOverlapMsg(path, methodPaths[method][pathToAdd])) - } else { - res.AddErrors(pathOverlapMsg(methodPaths[method][pathToAdd], path)) - } - } else { - if _, found := methodPaths[method]; !found { - methodPaths[method] = map[string]string{} - } - methodPaths[method][pathToAdd] = path //Original non stripped path - - } - - var bodyParams []string - var paramNames []string - var hasForm, hasBody bool - - // Check parameters names uniqueness for operation - // TODO: should be done after param expansion - res.Merge(s.checkUniqueParams(path, method, op)) - - for _, pr := range paramHelp.safeExpandedParamsFor(path, method, op.ID, res, s) { - // Validate pattern regexp for parameters with a Pattern property - if _, err := compileRegexp(pr.Pattern); err != nil { - res.AddErrors(invalidPatternInParamMsg(op.ID, pr.Name, pr.Pattern)) - } - - // There must be at most one parameter in body: list them all - if pr.In == swaggerBody { - bodyParams = append(bodyParams, fmt.Sprintf("%q", pr.Name)) - hasBody = true - } - - if pr.In == "path" { - paramNames = append(paramNames, pr.Name) - // Path declared in path must have the required: true property - if !pr.Required { - res.AddErrors(pathParamRequiredMsg(op.ID, pr.Name)) - } - } - - if pr.In == "formData" { - hasForm = true - } - - if !(pr.Type == numberType || pr.Type == integerType) && - (pr.Maximum != nil || pr.Minimum != nil || pr.MultipleOf != nil) { - // A non-numeric parameter has validation keywords for numeric instances (number and integer) - res.AddWarnings(parameterValidationTypeMismatchMsg(pr.Name, path, pr.Type)) - } - - if !(pr.Type == stringType) && - // A non-string parameter has validation keywords for strings - (pr.MaxLength != nil || pr.MinLength != nil || pr.Pattern != "") { - res.AddWarnings(parameterValidationTypeMismatchMsg(pr.Name, path, pr.Type)) - } - - if !(pr.Type == arrayType) && - // A non-array parameter has validation keywords for arrays - (pr.MaxItems != nil || pr.MinItems != nil || pr.UniqueItems) { - res.AddWarnings(parameterValidationTypeMismatchMsg(pr.Name, path, pr.Type)) - } - } - - // In:formData and In:body are mutually exclusive - if hasBody && hasForm { - res.AddErrors(bothFormDataAndBodyMsg(op.ID)) - } - // There must be at most one body param - // Accurately report situations when more than 1 body param is declared (possibly unnamed) - if len(bodyParams) > 1 { - sort.Strings(bodyParams) - res.AddErrors(multipleBodyParamMsg(op.ID, bodyParams)) - } - - // Check uniqueness of parameters in path - paramsInPath := pathHelp.extractPathParams(path) - for i, p := range paramsInPath { - for j, q := range paramsInPath { - if p == q && i > j { - res.AddErrors(pathParamNotUniqueMsg(path, p, q)) - break - } - } - } - - // Warns about possible malformed params in path - rexGarbledParam := mustCompileRegexp(`{.*[{}\s]+.*}`) - for _, p := range paramsInPath { - if rexGarbledParam.MatchString(p) { - res.AddWarnings(pathParamGarbledMsg(path, p)) - } - } - - // Match params from path vs params from params section - res.Merge(s.validatePathParamPresence(path, paramsInPath, paramNames)) - } - } - return res -} - -func (s *SpecValidator) validateReferencesValid() *Result { - // each reference must point to a valid object - res := new(Result) - for _, r := range s.analyzer.AllRefs() { - if !r.IsValidURI(s.spec.SpecFilePath()) { // Safeguard - spec should always yield a valid URI - res.AddErrors(invalidRefMsg(r.String())) - } - } - if !res.HasErrors() { - // NOTE: with default settings, loads.Document.Expanded() - // stops on first error. Anyhow, the expand option to continue - // on errors fails to report errors at all. - exp, err := s.spec.Expanded() - if err != nil { - res.AddErrors(unresolvedReferencesMsg(err)) - } - s.expanded = exp - } - return res -} - -func (s *SpecValidator) checkUniqueParams(path, method string, op *spec.Operation) *Result { - // Check for duplicate parameters declaration in param section. - // Each parameter should have a unique `name` and `type` combination - // NOTE: this could be factorized in analysis (when constructing the params map) - // However, there are some issues with such a factorization: - // - analysis does not seem to fully expand params - // - param keys may be altered by x-go-name - res := new(Result) - pnames := make(map[string]struct{}) - - if op.Parameters != nil { // Safeguard - for _, ppr := range op.Parameters { - var ok bool - pr, red := paramHelp.resolveParam(path, method, op.ID, &ppr, s) - res.Merge(red) - - if pr != nil && pr.Name != "" { // params with empty name does no participate the check - key := fmt.Sprintf("%s#%s", pr.In, pr.Name) - - if _, ok = pnames[key]; ok { - res.AddErrors(duplicateParamNameMsg(pr.In, pr.Name, op.ID)) - } - pnames[key] = struct{}{} - } - } - } - return res -} - -// SetContinueOnErrors sets the ContinueOnErrors option for this validator. -func (s *SpecValidator) SetContinueOnErrors(c bool) { - s.Options.ContinueOnErrors = c -} diff --git a/vendor/github.com/go-openapi/validate/spec_messages.go b/vendor/github.com/go-openapi/validate/spec_messages.go deleted file mode 100644 index 1a5892aee4dc..000000000000 --- a/vendor/github.com/go-openapi/validate/spec_messages.go +++ /dev/null @@ -1,360 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package validate - -import ( - "net/http" - - "github.com/go-openapi/errors" -) - -// Error messages related to spec validation and returned as results. -const ( - // ArrayRequiresItemsError ... - ArrayRequiresItemsError = "%s for %q is a collection without an element type (array requires items definition)" - - // ArrayInParamRequiresItemsError ... - ArrayInParamRequiresItemsError = "param %q for %q is a collection without an element type (array requires item definition)" - - // ArrayInHeaderRequiresItemsError ... - ArrayInHeaderRequiresItemsError = "header %q for %q is a collection without an element type (array requires items definition)" - - // BothFormDataAndBodyError indicates that an operation specifies both a body and a formData parameter, which is forbidden - BothFormDataAndBodyError = "operation %q has both formData and body parameters. Only one such In: type may be used for a given operation" - - // CannotResolveRefError when a $ref could not be resolved - CannotResolveReferenceError = "could not resolve reference in %s to $ref %s: %v" - - // CircularAncestryDefinitionError ... - CircularAncestryDefinitionError = "definition %q has circular ancestry: %v" - - // DefaultValueDoesNotValidateError results from an invalid default value provided - DefaultValueDoesNotValidateError = "default value for %s in %s does not validate its schema" - - // DefaultValueItemsDoesNotValidateError results from an invalid default value provided for Items - DefaultValueItemsDoesNotValidateError = "default value for %s.items in %s does not validate its schema" - - // DefaultValueHeaderDoesNotValidateError results from an invalid default value provided in header - DefaultValueHeaderDoesNotValidateError = "in operation %q, default value in header %s for %s does not validate its schema" - - // DefaultValueHeaderItemsDoesNotValidateError results from an invalid default value provided in header.items - DefaultValueHeaderItemsDoesNotValidateError = "in operation %q, default value in header.items %s for %s does not validate its schema" - - // DefaultValueInDoesNotValidateError ... - DefaultValueInDoesNotValidateError = "in operation %q, default value in %s does not validate its schema" - - // DuplicateParamNameError ... - DuplicateParamNameError = "duplicate parameter name %q for %q in operation %q" - - // DuplicatePropertiesError ... - DuplicatePropertiesError = "definition %q contains duplicate properties: %v" - - // ExampleValueDoesNotValidateError results from an invalid example value provided - ExampleValueDoesNotValidateError = "example value for %s in %s does not validate its schema" - - // ExampleValueItemsDoesNotValidateError results from an invalid example value provided for Items - ExampleValueItemsDoesNotValidateError = "example value for %s.items in %s does not validate its schema" - - // ExampleValueHeaderDoesNotValidateError results from an invalid example value provided in header - ExampleValueHeaderDoesNotValidateError = "in operation %q, example value in header %s for %s does not validate its schema" - - // ExampleValueHeaderItemsDoesNotValidateError results from an invalid example value provided in header.items - ExampleValueHeaderItemsDoesNotValidateError = "in operation %q, example value in header.items %s for %s does not validate its schema" - - // ExampleValueInDoesNotValidateError ... - ExampleValueInDoesNotValidateError = "in operation %q, example value in %s does not validate its schema" - - // EmptyPathParameterError means that a path parameter was found empty (e.g. "{}") - EmptyPathParameterError = "%q contains an empty path parameter" - - // InvalidDocumentError states that spec validation only processes spec.Document objects - InvalidDocumentError = "spec validator can only validate spec.Document objects" - - // InvalidItemsPatternError indicates an Items definition with invalid pattern - InvalidItemsPatternError = "%s for %q has invalid items pattern: %q" - - // InvalidParameterDefinitionError indicates an error detected on a parameter definition - InvalidParameterDefinitionError = "invalid definition for parameter %s in %s in operation %q" - - // InvalidParameterDefinitionAsSchemaError indicates an error detected on a parameter definition, which was mistaken with a schema definition. - // Most likely, this situation is encountered whenever a $ref has been added as a sibling of the parameter definition. - InvalidParameterDefinitionAsSchemaError = "invalid definition as Schema for parameter %s in %s in operation %q" - - // InvalidPatternError ... - InvalidPatternError = "pattern %q is invalid in %s" - - // InvalidPatternInError indicates an invalid pattern in a schema or items definition - InvalidPatternInError = "%s in %s has invalid pattern: %q" - - // InvalidPatternInHeaderError indicates a header definition with an invalid pattern - InvalidPatternInHeaderError = "in operation %q, header %s for %s has invalid pattern %q: %v" - - // InvalidPatternInParamError ... - InvalidPatternInParamError = "operation %q has invalid pattern in param %q: %q" - - // InvalidReferenceError indicates that a $ref property could not be resolved - InvalidReferenceError = "invalid ref %q" - - // InvalidResponseDefinitionAsSchemaError indicates an error detected on a response definition, which was mistaken with a schema definition. - // Most likely, this situation is encountered whenever a $ref has been added as a sibling of the response definition. - InvalidResponseDefinitionAsSchemaError = "invalid definition as Schema for response %s in %s" - - // MultipleBodyParamError indicates that an operation specifies multiple parameter with in: body - MultipleBodyParamError = "operation %q has more than 1 body param: %v" - - // NonUniqueOperationIDError indicates that the same operationId has been specified several times - NonUniqueOperationIDError = "%q is defined %d times" - - // NoParameterInPathError indicates that a path was found without any parameter - NoParameterInPathError = "path param %q has no parameter definition" - - // NoValidPathErrorOrWarning indicates that no single path could be validated. If Paths is empty, this message is only a warning. - NoValidPathErrorOrWarning = "spec has no valid path defined" - - // NoValidResponseError indicates that no valid response description could be found for an operation - NoValidResponseError = "operation %q has no valid response" - - // PathOverlapError ... - PathOverlapError = "path %s overlaps with %s" - - // PathParamNotInPathError indicates that a parameter specified with in: path was not found in the path specification - PathParamNotInPathError = "path param %q is not present in path %q" - - // PathParamNotUniqueError ... - PathParamNotUniqueError = "params in path %q must be unique: %q conflicts with %q" - - // PathParamNotRequiredError ... - PathParamRequiredError = "in operation %q,path param %q must be declared as required" - - // RefNotAllowedInHeaderError indicates a $ref was found in a header definition, which is not allowed by Swagger - RefNotAllowedInHeaderError = "IMPORTANT!in %q: $ref are not allowed in headers. In context for header %q%s" - - // RequiredButNotDefinedError ... - RequiredButNotDefinedError = "%q is present in required but not defined as property in definition %q" - - // SomeParametersBrokenError indicates that some parameters could not be resolved, which might result in partial checks to be carried on - SomeParametersBrokenError = "some parameters definitions are broken in %q.%s. Cannot carry on full checks on parameters for operation %s" - - // UnresolvedReferencesError indicates that at least one $ref could not be resolved - UnresolvedReferencesError = "some references could not be resolved in spec. First found: %v" -) - -// Warning messages related to spec validation and returned as results -const ( - // ExamplesWithoutSchemaWarning indicates that examples are provided for a response,but not schema to validate the example against - ExamplesWithoutSchemaWarning = "Examples provided without schema in operation %q, %s" - - // ExamplesMimeNotSupportedWarning indicates that examples are provided with a mime type different than application/json, which - // the validator dos not support yetl - ExamplesMimeNotSupportedWarning = "No validation attempt for examples for media types other than application/json, in operation %q, %s" - - // PathParamGarbledWarning ... - PathParamGarbledWarning = "in path %q, param %q contains {,} or white space. Albeit not stricly illegal, this is probably no what you want" - - // ParamValidationTypeMismatch indicates that parameter has validation which does not match its type - ParamValidationTypeMismatch = "validation keywords of parameter %q in path %q don't match its type %s" - - // PathStrippedParamGarbledWarning ... - PathStrippedParamGarbledWarning = "path stripped from path parameters %s contains {,} or white space. This is probably no what you want." - - // ReadOnlyAndRequiredWarning ... - ReadOnlyAndRequiredWarning = "Required property %s in %q should not be marked as both required and readOnly" - - // RefShouldNotHaveSiblingsWarning indicates that a $ref was found with a sibling definition. This results in the $ref taking over its siblings, - // which is most likely not wanted. - RefShouldNotHaveSiblingsWarning = "$ref property should have no sibling in %q.%s" - - // RequiredHasDefaultWarning indicates that a required parameter property should not have a default - RequiredHasDefaultWarning = "%s in %s has a default value and is required as parameter" - - // UnusedDefinitionWarning ... - UnusedDefinitionWarning = "definition %q is not used anywhere" - - // UnusedParamWarning ... - UnusedParamWarning = "parameter %q is not used anywhere" - - // UnusedResponseWarning ... - UnusedResponseWarning = "response %q is not used anywhere" -) - -// Additional error codes -const ( - // InternalErrorCode reports an internal technical error - InternalErrorCode = http.StatusInternalServerError - // NotFoundErrorCode indicates that a resource (e.g. a $ref) could not be found - NotFoundErrorCode = http.StatusNotFound -) - -func invalidDocumentMsg() errors.Error { - return errors.New(InternalErrorCode, InvalidDocumentError) -} -func invalidRefMsg(path string) errors.Error { - return errors.New(NotFoundErrorCode, InvalidReferenceError, path) -} -func unresolvedReferencesMsg(err error) errors.Error { - return errors.New(errors.CompositeErrorCode, UnresolvedReferencesError, err) -} -func noValidPathMsg() errors.Error { - return errors.New(errors.CompositeErrorCode, NoValidPathErrorOrWarning) -} -func emptyPathParameterMsg(path string) errors.Error { - return errors.New(errors.CompositeErrorCode, EmptyPathParameterError, path) -} -func nonUniqueOperationIDMsg(path string, i int) errors.Error { - return errors.New(errors.CompositeErrorCode, NonUniqueOperationIDError, path, i) -} -func circularAncestryDefinitionMsg(path string, args interface{}) errors.Error { - return errors.New(errors.CompositeErrorCode, CircularAncestryDefinitionError, path, args) -} -func duplicatePropertiesMsg(path string, args interface{}) errors.Error { - return errors.New(errors.CompositeErrorCode, DuplicatePropertiesError, path, args) -} -func pathParamNotInPathMsg(path, param string) errors.Error { - return errors.New(errors.CompositeErrorCode, PathParamNotInPathError, param, path) -} -func arrayRequiresItemsMsg(path, operation string) errors.Error { - return errors.New(errors.CompositeErrorCode, ArrayRequiresItemsError, path, operation) -} -func arrayInParamRequiresItemsMsg(path, operation string) errors.Error { - return errors.New(errors.CompositeErrorCode, ArrayInParamRequiresItemsError, path, operation) -} -func arrayInHeaderRequiresItemsMsg(path, operation string) errors.Error { - return errors.New(errors.CompositeErrorCode, ArrayInHeaderRequiresItemsError, path, operation) -} -func invalidItemsPatternMsg(path, operation, pattern string) errors.Error { - return errors.New(errors.CompositeErrorCode, InvalidItemsPatternError, path, operation, pattern) -} -func invalidPatternMsg(pattern, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, InvalidPatternError, pattern, path) -} -func requiredButNotDefinedMsg(path, definition string) errors.Error { - return errors.New(errors.CompositeErrorCode, RequiredButNotDefinedError, path, definition) -} -func pathParamGarbledMsg(path, param string) errors.Error { - return errors.New(errors.CompositeErrorCode, PathParamGarbledWarning, path, param) -} -func pathStrippedParamGarbledMsg(path string) errors.Error { - return errors.New(errors.CompositeErrorCode, PathStrippedParamGarbledWarning, path) -} -func pathOverlapMsg(path, arg string) errors.Error { - return errors.New(errors.CompositeErrorCode, PathOverlapError, path, arg) -} -func invalidPatternInParamMsg(operation, param, pattern string) errors.Error { - return errors.New(errors.CompositeErrorCode, InvalidPatternInParamError, operation, param, pattern) -} -func pathParamRequiredMsg(operation, param string) errors.Error { - return errors.New(errors.CompositeErrorCode, PathParamRequiredError, operation, param) -} -func bothFormDataAndBodyMsg(operation string) errors.Error { - return errors.New(errors.CompositeErrorCode, BothFormDataAndBodyError, operation) -} -func multipleBodyParamMsg(operation string, args interface{}) errors.Error { - return errors.New(errors.CompositeErrorCode, MultipleBodyParamError, operation, args) -} -func pathParamNotUniqueMsg(path, param, arg string) errors.Error { - return errors.New(errors.CompositeErrorCode, PathParamNotUniqueError, path, param, arg) -} -func duplicateParamNameMsg(path, param, operation string) errors.Error { - return errors.New(errors.CompositeErrorCode, DuplicateParamNameError, param, path, operation) -} -func unusedParamMsg(arg string) errors.Error { - return errors.New(errors.CompositeErrorCode, UnusedParamWarning, arg) -} -func unusedDefinitionMsg(arg string) errors.Error { - return errors.New(errors.CompositeErrorCode, UnusedDefinitionWarning, arg) -} -func unusedResponseMsg(arg string) errors.Error { - return errors.New(errors.CompositeErrorCode, UnusedResponseWarning, arg) -} -func readOnlyAndRequiredMsg(path, param string) errors.Error { - return errors.New(errors.CompositeErrorCode, ReadOnlyAndRequiredWarning, param, path) -} -func noParameterInPathMsg(param string) errors.Error { - return errors.New(errors.CompositeErrorCode, NoParameterInPathError, param) -} -func requiredHasDefaultMsg(param, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, RequiredHasDefaultWarning, param, path) -} -func defaultValueDoesNotValidateMsg(param, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, DefaultValueDoesNotValidateError, param, path) -} -func defaultValueItemsDoesNotValidateMsg(param, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, DefaultValueItemsDoesNotValidateError, param, path) -} -func noValidResponseMsg(operation string) errors.Error { - return errors.New(errors.CompositeErrorCode, NoValidResponseError, operation) -} -func defaultValueHeaderDoesNotValidateMsg(operation, header, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, DefaultValueHeaderDoesNotValidateError, operation, header, path) -} -func defaultValueHeaderItemsDoesNotValidateMsg(operation, header, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, DefaultValueHeaderItemsDoesNotValidateError, operation, header, path) -} -func invalidPatternInHeaderMsg(operation, header, path, pattern string, args interface{}) errors.Error { - return errors.New(errors.CompositeErrorCode, InvalidPatternInHeaderError, operation, header, path, pattern, args) -} -func invalidPatternInMsg(path, in, pattern string) errors.Error { - return errors.New(errors.CompositeErrorCode, InvalidPatternInError, path, in, pattern) -} -func defaultValueInDoesNotValidateMsg(operation, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, DefaultValueInDoesNotValidateError, operation, path) -} -func exampleValueDoesNotValidateMsg(param, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, ExampleValueDoesNotValidateError, param, path) -} -func exampleValueItemsDoesNotValidateMsg(param, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, ExampleValueItemsDoesNotValidateError, param, path) -} -func exampleValueHeaderDoesNotValidateMsg(operation, header, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, ExampleValueHeaderDoesNotValidateError, operation, header, path) -} -func exampleValueHeaderItemsDoesNotValidateMsg(operation, header, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, ExampleValueHeaderItemsDoesNotValidateError, operation, header, path) -} -func exampleValueInDoesNotValidateMsg(operation, path string) errors.Error { - return errors.New(errors.CompositeErrorCode, ExampleValueInDoesNotValidateError, operation, path) -} -func examplesWithoutSchemaMsg(operation, response string) errors.Error { - return errors.New(errors.CompositeErrorCode, ExamplesWithoutSchemaWarning, operation, response) -} -func examplesMimeNotSupportedMsg(operation, response string) errors.Error { - return errors.New(errors.CompositeErrorCode, ExamplesMimeNotSupportedWarning, operation, response) -} -func refNotAllowedInHeaderMsg(path, header, ref string) errors.Error { - return errors.New(errors.CompositeErrorCode, RefNotAllowedInHeaderError, path, header, ref) -} -func cannotResolveRefMsg(path, ref string, err error) errors.Error { - return errors.New(errors.CompositeErrorCode, CannotResolveReferenceError, path, ref, err) -} -func invalidParameterDefinitionMsg(path, method, operationID string) errors.Error { - return errors.New(errors.CompositeErrorCode, InvalidParameterDefinitionError, path, method, operationID) -} -func invalidParameterDefinitionAsSchemaMsg(path, method, operationID string) errors.Error { - return errors.New(errors.CompositeErrorCode, InvalidParameterDefinitionAsSchemaError, path, method, operationID) -} -func parameterValidationTypeMismatchMsg(param, path, typ string) errors.Error { - return errors.New(errors.CompositeErrorCode, ParamValidationTypeMismatch, param, path, typ) -} - -// disabled -//func invalidResponseDefinitionAsSchemaMsg(path, method string) errors.Error { -// return errors.New(errors.CompositeErrorCode, InvalidResponseDefinitionAsSchemaError, path, method) -//} -func someParametersBrokenMsg(path, method, operationID string) errors.Error { - return errors.New(errors.CompositeErrorCode, SomeParametersBrokenError, path, method, operationID) -} -func refShouldNotHaveSiblingsMsg(path, operationID string) errors.Error { - return errors.New(errors.CompositeErrorCode, RefShouldNotHaveSiblingsWarning, operationID, path) -} diff --git a/vendor/github.com/go-openapi/validate/update-fixtures.sh b/vendor/github.com/go-openapi/validate/update-fixtures.sh deleted file mode 100644 index 21b06e2b09a1..000000000000 --- a/vendor/github.com/go-openapi/validate/update-fixtures.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -set -eu -o pipefail -dir=$(git rev-parse --show-toplevel) -scratch=$(mktemp -d -t tmp.XXXXXXXXXX) - -function finish { - rm -rf "$scratch" -} -trap finish EXIT SIGHUP SIGINT SIGTERM - -cd "$scratch" -git clone https://github.com/json-schema-org/JSON-Schema-Test-Suite Suite -cp -r Suite/tests/draft4/* "$dir/fixtures/jsonschema_suite" -cp -a Suite/remotes "$dir/fixtures/jsonschema_suite" diff --git a/vendor/github.com/go-openapi/validate/validator.go b/vendor/github.com/go-openapi/validate/validator.go deleted file mode 100644 index 2acb839db8ec..000000000000 --- a/vendor/github.com/go-openapi/validate/validator.go +++ /dev/null @@ -1,646 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package validate - -import ( - "fmt" - "reflect" - - "github.com/go-openapi/errors" - "github.com/go-openapi/spec" - "github.com/go-openapi/strfmt" -) - -// An EntityValidator is an interface for things that can validate entities -type EntityValidator interface { - Validate(interface{}) *Result -} - -type valueValidator interface { - SetPath(path string) - Applies(interface{}, reflect.Kind) bool - Validate(interface{}) *Result -} - -type itemsValidator struct { - items *spec.Items - root interface{} - path string - in string - validators []valueValidator - KnownFormats strfmt.Registry -} - -func newItemsValidator(path, in string, items *spec.Items, root interface{}, formats strfmt.Registry) *itemsValidator { - iv := &itemsValidator{path: path, in: in, items: items, root: root, KnownFormats: formats} - iv.validators = []valueValidator{ - &typeValidator{ - Type: spec.StringOrArray([]string{items.Type}), - Nullable: items.Nullable, - Format: items.Format, - In: in, - Path: path, - }, - iv.stringValidator(), - iv.formatValidator(), - iv.numberValidator(), - iv.sliceValidator(), - iv.commonValidator(), - } - return iv -} - -func (i *itemsValidator) Validate(index int, data interface{}) *Result { - tpe := reflect.TypeOf(data) - kind := tpe.Kind() - mainResult := new(Result) - path := fmt.Sprintf("%s.%d", i.path, index) - - for _, validator := range i.validators { - validator.SetPath(path) - if validator.Applies(i.root, kind) { - result := validator.Validate(data) - mainResult.Merge(result) - mainResult.Inc() - if result != nil && result.HasErrors() { - return mainResult - } - } - } - return mainResult -} - -func (i *itemsValidator) commonValidator() valueValidator { - return &basicCommonValidator{ - In: i.in, - Default: i.items.Default, - Enum: i.items.Enum, - } -} - -func (i *itemsValidator) sliceValidator() valueValidator { - return &basicSliceValidator{ - In: i.in, - Default: i.items.Default, - MaxItems: i.items.MaxItems, - MinItems: i.items.MinItems, - UniqueItems: i.items.UniqueItems, - Source: i.root, - Items: i.items.Items, - KnownFormats: i.KnownFormats, - } -} - -func (i *itemsValidator) numberValidator() valueValidator { - return &numberValidator{ - In: i.in, - Default: i.items.Default, - MultipleOf: i.items.MultipleOf, - Maximum: i.items.Maximum, - ExclusiveMaximum: i.items.ExclusiveMaximum, - Minimum: i.items.Minimum, - ExclusiveMinimum: i.items.ExclusiveMinimum, - Type: i.items.Type, - Format: i.items.Format, - } -} - -func (i *itemsValidator) stringValidator() valueValidator { - return &stringValidator{ - In: i.in, - Default: i.items.Default, - MaxLength: i.items.MaxLength, - MinLength: i.items.MinLength, - Pattern: i.items.Pattern, - AllowEmptyValue: false, - } -} - -func (i *itemsValidator) formatValidator() valueValidator { - return &formatValidator{ - In: i.in, - //Default: i.items.Default, - Format: i.items.Format, - KnownFormats: i.KnownFormats, - } -} - -type basicCommonValidator struct { - Path string - In string - Default interface{} - Enum []interface{} -} - -func (b *basicCommonValidator) SetPath(path string) { - b.Path = path -} - -func (b *basicCommonValidator) Applies(source interface{}, kind reflect.Kind) bool { - switch source.(type) { - case *spec.Parameter, *spec.Schema, *spec.Header: - return true - } - return false -} - -func (b *basicCommonValidator) Validate(data interface{}) (res *Result) { - if len(b.Enum) > 0 { - for _, enumValue := range b.Enum { - actualType := reflect.TypeOf(enumValue) - if actualType != nil { // Safeguard - expectedValue := reflect.ValueOf(data) - if expectedValue.IsValid() && expectedValue.Type().ConvertibleTo(actualType) { - if reflect.DeepEqual(expectedValue.Convert(actualType).Interface(), enumValue) { - return nil - } - } - } - } - return errorHelp.sErr(errors.EnumFail(b.Path, b.In, data, b.Enum)) - } - return nil -} - -// A HeaderValidator has very limited subset of validations to apply -type HeaderValidator struct { - name string - header *spec.Header - validators []valueValidator - KnownFormats strfmt.Registry -} - -// NewHeaderValidator creates a new header validator object -func NewHeaderValidator(name string, header *spec.Header, formats strfmt.Registry) *HeaderValidator { - p := &HeaderValidator{name: name, header: header, KnownFormats: formats} - p.validators = []valueValidator{ - &typeValidator{ - Type: spec.StringOrArray([]string{header.Type}), - Nullable: header.Nullable, - Format: header.Format, - In: "header", - Path: name, - }, - p.stringValidator(), - p.formatValidator(), - p.numberValidator(), - p.sliceValidator(), - p.commonValidator(), - } - return p -} - -// Validate the value of the header against its schema -func (p *HeaderValidator) Validate(data interface{}) *Result { - result := new(Result) - tpe := reflect.TypeOf(data) - kind := tpe.Kind() - - for _, validator := range p.validators { - if validator.Applies(p.header, kind) { - if err := validator.Validate(data); err != nil { - result.Merge(err) - if err.HasErrors() { - return result - } - } - } - } - return nil -} - -func (p *HeaderValidator) commonValidator() valueValidator { - return &basicCommonValidator{ - Path: p.name, - In: "response", - Default: p.header.Default, - Enum: p.header.Enum, - } -} - -func (p *HeaderValidator) sliceValidator() valueValidator { - return &basicSliceValidator{ - Path: p.name, - In: "response", - Default: p.header.Default, - MaxItems: p.header.MaxItems, - MinItems: p.header.MinItems, - UniqueItems: p.header.UniqueItems, - Items: p.header.Items, - Source: p.header, - KnownFormats: p.KnownFormats, - } -} - -func (p *HeaderValidator) numberValidator() valueValidator { - return &numberValidator{ - Path: p.name, - In: "response", - Default: p.header.Default, - MultipleOf: p.header.MultipleOf, - Maximum: p.header.Maximum, - ExclusiveMaximum: p.header.ExclusiveMaximum, - Minimum: p.header.Minimum, - ExclusiveMinimum: p.header.ExclusiveMinimum, - Type: p.header.Type, - Format: p.header.Format, - } -} - -func (p *HeaderValidator) stringValidator() valueValidator { - return &stringValidator{ - Path: p.name, - In: "response", - Default: p.header.Default, - Required: true, - MaxLength: p.header.MaxLength, - MinLength: p.header.MinLength, - Pattern: p.header.Pattern, - AllowEmptyValue: false, - } -} - -func (p *HeaderValidator) formatValidator() valueValidator { - return &formatValidator{ - Path: p.name, - In: "response", - //Default: p.header.Default, - Format: p.header.Format, - KnownFormats: p.KnownFormats, - } -} - -// A ParamValidator has very limited subset of validations to apply -type ParamValidator struct { - param *spec.Parameter - validators []valueValidator - KnownFormats strfmt.Registry -} - -// NewParamValidator creates a new param validator object -func NewParamValidator(param *spec.Parameter, formats strfmt.Registry) *ParamValidator { - p := &ParamValidator{param: param, KnownFormats: formats} - p.validators = []valueValidator{ - &typeValidator{ - Type: spec.StringOrArray([]string{param.Type}), - Nullable: param.Nullable, - Format: param.Format, - In: param.In, - Path: param.Name, - }, - p.stringValidator(), - p.formatValidator(), - p.numberValidator(), - p.sliceValidator(), - p.commonValidator(), - } - return p -} - -// Validate the data against the description of the parameter -func (p *ParamValidator) Validate(data interface{}) *Result { - result := new(Result) - tpe := reflect.TypeOf(data) - kind := tpe.Kind() - - // TODO: validate type - for _, validator := range p.validators { - if validator.Applies(p.param, kind) { - if err := validator.Validate(data); err != nil { - result.Merge(err) - if err.HasErrors() { - return result - } - } - } - } - return nil -} - -func (p *ParamValidator) commonValidator() valueValidator { - return &basicCommonValidator{ - Path: p.param.Name, - In: p.param.In, - Default: p.param.Default, - Enum: p.param.Enum, - } -} - -func (p *ParamValidator) sliceValidator() valueValidator { - return &basicSliceValidator{ - Path: p.param.Name, - In: p.param.In, - Default: p.param.Default, - MaxItems: p.param.MaxItems, - MinItems: p.param.MinItems, - UniqueItems: p.param.UniqueItems, - Items: p.param.Items, - Source: p.param, - KnownFormats: p.KnownFormats, - } -} - -func (p *ParamValidator) numberValidator() valueValidator { - return &numberValidator{ - Path: p.param.Name, - In: p.param.In, - Default: p.param.Default, - MultipleOf: p.param.MultipleOf, - Maximum: p.param.Maximum, - ExclusiveMaximum: p.param.ExclusiveMaximum, - Minimum: p.param.Minimum, - ExclusiveMinimum: p.param.ExclusiveMinimum, - Type: p.param.Type, - Format: p.param.Format, - } -} - -func (p *ParamValidator) stringValidator() valueValidator { - return &stringValidator{ - Path: p.param.Name, - In: p.param.In, - Default: p.param.Default, - AllowEmptyValue: p.param.AllowEmptyValue, - Required: p.param.Required, - MaxLength: p.param.MaxLength, - MinLength: p.param.MinLength, - Pattern: p.param.Pattern, - } -} - -func (p *ParamValidator) formatValidator() valueValidator { - return &formatValidator{ - Path: p.param.Name, - In: p.param.In, - //Default: p.param.Default, - Format: p.param.Format, - KnownFormats: p.KnownFormats, - } -} - -type basicSliceValidator struct { - Path string - In string - Default interface{} - MaxItems *int64 - MinItems *int64 - UniqueItems bool - Items *spec.Items - Source interface{} - itemsValidator *itemsValidator - KnownFormats strfmt.Registry -} - -func (s *basicSliceValidator) SetPath(path string) { - s.Path = path -} - -func (s *basicSliceValidator) Applies(source interface{}, kind reflect.Kind) bool { - switch source.(type) { - case *spec.Parameter, *spec.Items, *spec.Header: - return kind == reflect.Slice - } - return false -} - -func (s *basicSliceValidator) Validate(data interface{}) *Result { - val := reflect.ValueOf(data) - - size := int64(val.Len()) - if s.MinItems != nil { - if err := MinItems(s.Path, s.In, size, *s.MinItems); err != nil { - return errorHelp.sErr(err) - } - } - - if s.MaxItems != nil { - if err := MaxItems(s.Path, s.In, size, *s.MaxItems); err != nil { - return errorHelp.sErr(err) - } - } - - if s.UniqueItems { - if err := UniqueItems(s.Path, s.In, data); err != nil { - return errorHelp.sErr(err) - } - } - - if s.itemsValidator == nil && s.Items != nil { - s.itemsValidator = newItemsValidator(s.Path, s.In, s.Items, s.Source, s.KnownFormats) - } - - if s.itemsValidator != nil { - for i := 0; i < int(size); i++ { - ele := val.Index(i) - if err := s.itemsValidator.Validate(i, ele.Interface()); err != nil && err.HasErrors() { - return err - } - } - } - return nil -} - -/* unused -func (s *basicSliceValidator) hasDuplicates(value reflect.Value, size int) bool { - dict := make(map[interface{}]struct{}) - for i := 0; i < size; i++ { - ele := value.Index(i) - if _, ok := dict[ele.Interface()]; ok { - return true - } - dict[ele.Interface()] = struct{}{} - } - return false -} -*/ - -type numberValidator struct { - Path string - In string - Default interface{} - MultipleOf *float64 - Maximum *float64 - ExclusiveMaximum bool - Minimum *float64 - ExclusiveMinimum bool - // Allows for more accurate behavior regarding integers - Type string - Format string -} - -func (n *numberValidator) SetPath(path string) { - n.Path = path -} - -func (n *numberValidator) Applies(source interface{}, kind reflect.Kind) bool { - switch source.(type) { - case *spec.Parameter, *spec.Schema, *spec.Items, *spec.Header: - isInt := kind >= reflect.Int && kind <= reflect.Uint64 - isFloat := kind == reflect.Float32 || kind == reflect.Float64 - r := isInt || isFloat - debugLog("schema props validator for %q applies %t for %T (kind: %v) isInt=%t, isFloat=%t\n", n.Path, r, source, kind, isInt, isFloat) - return r - } - debugLog("schema props validator for %q applies %t for %T (kind: %v)\n", n.Path, false, source, kind) - return false -} - -// Validate provides a validator for generic JSON numbers, -// -// By default, numbers are internally represented as float64. -// Formats float, or float32 may alter this behavior by mapping to float32. -// A special validation process is followed for integers, with optional "format": -// this is an attempt to provide a validation with native types. -// -// NOTE: since the constraint specified (boundary, multipleOf) is unmarshalled -// as float64, loss of information remains possible (e.g. on very large integers). -// -// Since this value directly comes from the unmarshalling, it is not possible -// at this stage of processing to check further and guarantee the correctness of such values. -// -// Normally, the JSON Number.MAX_SAFE_INTEGER (resp. Number.MIN_SAFE_INTEGER) -// would check we do not get such a loss. -// -// If this is the case, replace AddErrors() by AddWarnings() and IsValid() by !HasWarnings(). -// -// TODO: consider replacing boundary check errors by simple warnings. -// -// TODO: default boundaries with MAX_SAFE_INTEGER are not checked (specific to json.Number?) -func (n *numberValidator) Validate(val interface{}) *Result { - res := new(Result) - - resMultiple := new(Result) - resMinimum := new(Result) - resMaximum := new(Result) - - // Used only to attempt to validate constraint on value, - // even though value or constraint specified do not match type and format - data := valueHelp.asFloat64(val) - - // Is the provided value within the range of the specified numeric type and format? - res.AddErrors(IsValueValidAgainstRange(val, n.Type, n.Format, "Checked", n.Path)) - - // nolint: dupl - if n.MultipleOf != nil { - // Is the constraint specifier within the range of the specific numeric type and format? - resMultiple.AddErrors(IsValueValidAgainstRange(*n.MultipleOf, n.Type, n.Format, "MultipleOf", n.Path)) - if resMultiple.IsValid() { - // Constraint validated with compatible types - if err := MultipleOfNativeType(n.Path, n.In, val, *n.MultipleOf); err != nil { - resMultiple.Merge(errorHelp.sErr(err)) - } - } else { - // Constraint nevertheless validated, converted as general number - if err := MultipleOf(n.Path, n.In, data, *n.MultipleOf); err != nil { - resMultiple.Merge(errorHelp.sErr(err)) - } - } - } - - // nolint: dupl - if n.Maximum != nil { - // Is the constraint specifier within the range of the specific numeric type and format? - resMaximum.AddErrors(IsValueValidAgainstRange(*n.Maximum, n.Type, n.Format, "Maximum boundary", n.Path)) - if resMaximum.IsValid() { - // Constraint validated with compatible types - if err := MaximumNativeType(n.Path, n.In, val, *n.Maximum, n.ExclusiveMaximum); err != nil { - resMaximum.Merge(errorHelp.sErr(err)) - } - } else { - // Constraint nevertheless validated, converted as general number - if err := Maximum(n.Path, n.In, data, *n.Maximum, n.ExclusiveMaximum); err != nil { - resMaximum.Merge(errorHelp.sErr(err)) - } - } - } - - // nolint: dupl - if n.Minimum != nil { - // Is the constraint specifier within the range of the specific numeric type and format? - resMinimum.AddErrors(IsValueValidAgainstRange(*n.Minimum, n.Type, n.Format, "Minimum boundary", n.Path)) - if resMinimum.IsValid() { - // Constraint validated with compatible types - if err := MinimumNativeType(n.Path, n.In, val, *n.Minimum, n.ExclusiveMinimum); err != nil { - resMinimum.Merge(errorHelp.sErr(err)) - } - } else { - // Constraint nevertheless validated, converted as general number - if err := Minimum(n.Path, n.In, data, *n.Minimum, n.ExclusiveMinimum); err != nil { - resMinimum.Merge(errorHelp.sErr(err)) - } - } - } - res.Merge(resMultiple, resMinimum, resMaximum) - res.Inc() - return res -} - -type stringValidator struct { - Default interface{} - Required bool - AllowEmptyValue bool - MaxLength *int64 - MinLength *int64 - Pattern string - Path string - In string -} - -func (s *stringValidator) SetPath(path string) { - s.Path = path -} - -func (s *stringValidator) Applies(source interface{}, kind reflect.Kind) bool { - switch source.(type) { - case *spec.Parameter, *spec.Schema, *spec.Items, *spec.Header: - r := kind == reflect.String - debugLog("string validator for %q applies %t for %T (kind: %v)\n", s.Path, r, source, kind) - return r - } - debugLog("string validator for %q applies %t for %T (kind: %v)\n", s.Path, false, source, kind) - return false -} - -func (s *stringValidator) Validate(val interface{}) *Result { - data, ok := val.(string) - if !ok { - return errorHelp.sErr(errors.InvalidType(s.Path, s.In, stringType, val)) - } - - if s.Required && !s.AllowEmptyValue && (s.Default == nil || s.Default == "") { - if err := RequiredString(s.Path, s.In, data); err != nil { - return errorHelp.sErr(err) - } - } - - if s.MaxLength != nil { - if err := MaxLength(s.Path, s.In, data, *s.MaxLength); err != nil { - return errorHelp.sErr(err) - } - } - - if s.MinLength != nil { - if err := MinLength(s.Path, s.In, data, *s.MinLength); err != nil { - return errorHelp.sErr(err) - } - } - - if s.Pattern != "" { - if err := Pattern(s.Path, s.In, data, s.Pattern); err != nil { - return errorHelp.sErr(err) - } - } - return nil -} diff --git a/vendor/github.com/go-stack/stack/.travis.yml b/vendor/github.com/go-stack/stack/.travis.yml deleted file mode 100644 index 5c5a2b516d39..000000000000 --- a/vendor/github.com/go-stack/stack/.travis.yml +++ /dev/null @@ -1,15 +0,0 @@ -language: go -sudo: false -go: - - 1.7.x - - 1.8.x - - 1.9.x - - 1.10.x - - 1.11.x - - tip - -before_install: - - go get github.com/mattn/goveralls - -script: - - goveralls -service=travis-ci diff --git a/vendor/github.com/go-stack/stack/LICENSE.md b/vendor/github.com/go-stack/stack/LICENSE.md deleted file mode 100644 index 2abf98ea835e..000000000000 --- a/vendor/github.com/go-stack/stack/LICENSE.md +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2014 Chris Hines - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/vendor/github.com/go-stack/stack/README.md b/vendor/github.com/go-stack/stack/README.md deleted file mode 100644 index f11ccccaa430..000000000000 --- a/vendor/github.com/go-stack/stack/README.md +++ /dev/null @@ -1,38 +0,0 @@ -[![GoDoc](https://godoc.org/github.com/go-stack/stack?status.svg)](https://godoc.org/github.com/go-stack/stack) -[![Go Report Card](https://goreportcard.com/badge/go-stack/stack)](https://goreportcard.com/report/go-stack/stack) -[![TravisCI](https://travis-ci.org/go-stack/stack.svg?branch=master)](https://travis-ci.org/go-stack/stack) -[![Coverage Status](https://coveralls.io/repos/github/go-stack/stack/badge.svg?branch=master)](https://coveralls.io/github/go-stack/stack?branch=master) - -# stack - -Package stack implements utilities to capture, manipulate, and format call -stacks. It provides a simpler API than package runtime. - -The implementation takes care of the minutia and special cases of interpreting -the program counter (pc) values returned by runtime.Callers. - -## Versioning - -Package stack publishes releases via [semver](http://semver.org/) compatible Git -tags prefixed with a single 'v'. The master branch always contains the latest -release. The develop branch contains unreleased commits. - -## Formatting - -Package stack's types implement fmt.Formatter, which provides a simple and -flexible way to declaratively configure formatting when used with logging or -error tracking packages. - -```go -func DoTheThing() { - c := stack.Caller(0) - log.Print(c) // "source.go:10" - log.Printf("%+v", c) // "pkg/path/source.go:10" - log.Printf("%n", c) // "DoTheThing" - - s := stack.Trace().TrimRuntime() - log.Print(s) // "[source.go:15 caller.go:42 main.go:14]" -} -``` - -See the docs for all of the supported formatting options. diff --git a/vendor/github.com/go-stack/stack/go.mod b/vendor/github.com/go-stack/stack/go.mod deleted file mode 100644 index 96a53a10926d..000000000000 --- a/vendor/github.com/go-stack/stack/go.mod +++ /dev/null @@ -1 +0,0 @@ -module github.com/go-stack/stack diff --git a/vendor/github.com/go-stack/stack/stack.go b/vendor/github.com/go-stack/stack/stack.go deleted file mode 100644 index ac3b93b14f48..000000000000 --- a/vendor/github.com/go-stack/stack/stack.go +++ /dev/null @@ -1,400 +0,0 @@ -// +build go1.7 - -// Package stack implements utilities to capture, manipulate, and format call -// stacks. It provides a simpler API than package runtime. -// -// The implementation takes care of the minutia and special cases of -// interpreting the program counter (pc) values returned by runtime.Callers. -// -// Package stack's types implement fmt.Formatter, which provides a simple and -// flexible way to declaratively configure formatting when used with logging -// or error tracking packages. -package stack - -import ( - "bytes" - "errors" - "fmt" - "io" - "runtime" - "strconv" - "strings" -) - -// Call records a single function invocation from a goroutine stack. -type Call struct { - frame runtime.Frame -} - -// Caller returns a Call from the stack of the current goroutine. The argument -// skip is the number of stack frames to ascend, with 0 identifying the -// calling function. -func Caller(skip int) Call { - // As of Go 1.9 we need room for up to three PC entries. - // - // 0. An entry for the stack frame prior to the target to check for - // special handling needed if that prior entry is runtime.sigpanic. - // 1. A possible second entry to hold metadata about skipped inlined - // functions. If inline functions were not skipped the target frame - // PC will be here. - // 2. A third entry for the target frame PC when the second entry - // is used for skipped inline functions. - var pcs [3]uintptr - n := runtime.Callers(skip+1, pcs[:]) - frames := runtime.CallersFrames(pcs[:n]) - frame, _ := frames.Next() - frame, _ = frames.Next() - - return Call{ - frame: frame, - } -} - -// String implements fmt.Stinger. It is equivalent to fmt.Sprintf("%v", c). -func (c Call) String() string { - return fmt.Sprint(c) -} - -// MarshalText implements encoding.TextMarshaler. It formats the Call the same -// as fmt.Sprintf("%v", c). -func (c Call) MarshalText() ([]byte, error) { - if c.frame == (runtime.Frame{}) { - return nil, ErrNoFunc - } - - buf := bytes.Buffer{} - fmt.Fprint(&buf, c) - return buf.Bytes(), nil -} - -// ErrNoFunc means that the Call has a nil *runtime.Func. The most likely -// cause is a Call with the zero value. -var ErrNoFunc = errors.New("no call stack information") - -// Format implements fmt.Formatter with support for the following verbs. -// -// %s source file -// %d line number -// %n function name -// %k last segment of the package path -// %v equivalent to %s:%d -// -// It accepts the '+' and '#' flags for most of the verbs as follows. -// -// %+s path of source file relative to the compile time GOPATH, -// or the module path joined to the path of source file relative -// to module root -// %#s full path of source file -// %+n import path qualified function name -// %+k full package path -// %+v equivalent to %+s:%d -// %#v equivalent to %#s:%d -func (c Call) Format(s fmt.State, verb rune) { - if c.frame == (runtime.Frame{}) { - fmt.Fprintf(s, "%%!%c(NOFUNC)", verb) - return - } - - switch verb { - case 's', 'v': - file := c.frame.File - switch { - case s.Flag('#'): - // done - case s.Flag('+'): - file = pkgFilePath(&c.frame) - default: - const sep = "/" - if i := strings.LastIndex(file, sep); i != -1 { - file = file[i+len(sep):] - } - } - io.WriteString(s, file) - if verb == 'v' { - buf := [7]byte{':'} - s.Write(strconv.AppendInt(buf[:1], int64(c.frame.Line), 10)) - } - - case 'd': - buf := [6]byte{} - s.Write(strconv.AppendInt(buf[:0], int64(c.frame.Line), 10)) - - case 'k': - name := c.frame.Function - const pathSep = "/" - start, end := 0, len(name) - if i := strings.LastIndex(name, pathSep); i != -1 { - start = i + len(pathSep) - } - const pkgSep = "." - if i := strings.Index(name[start:], pkgSep); i != -1 { - end = start + i - } - if s.Flag('+') { - start = 0 - } - io.WriteString(s, name[start:end]) - - case 'n': - name := c.frame.Function - if !s.Flag('+') { - const pathSep = "/" - if i := strings.LastIndex(name, pathSep); i != -1 { - name = name[i+len(pathSep):] - } - const pkgSep = "." - if i := strings.Index(name, pkgSep); i != -1 { - name = name[i+len(pkgSep):] - } - } - io.WriteString(s, name) - } -} - -// Frame returns the call frame infomation for the Call. -func (c Call) Frame() runtime.Frame { - return c.frame -} - -// PC returns the program counter for this call frame; multiple frames may -// have the same PC value. -// -// Deprecated: Use Call.Frame instead. -func (c Call) PC() uintptr { - return c.frame.PC -} - -// CallStack records a sequence of function invocations from a goroutine -// stack. -type CallStack []Call - -// String implements fmt.Stinger. It is equivalent to fmt.Sprintf("%v", cs). -func (cs CallStack) String() string { - return fmt.Sprint(cs) -} - -var ( - openBracketBytes = []byte("[") - closeBracketBytes = []byte("]") - spaceBytes = []byte(" ") -) - -// MarshalText implements encoding.TextMarshaler. It formats the CallStack the -// same as fmt.Sprintf("%v", cs). -func (cs CallStack) MarshalText() ([]byte, error) { - buf := bytes.Buffer{} - buf.Write(openBracketBytes) - for i, pc := range cs { - if i > 0 { - buf.Write(spaceBytes) - } - fmt.Fprint(&buf, pc) - } - buf.Write(closeBracketBytes) - return buf.Bytes(), nil -} - -// Format implements fmt.Formatter by printing the CallStack as square brackets -// ([, ]) surrounding a space separated list of Calls each formatted with the -// supplied verb and options. -func (cs CallStack) Format(s fmt.State, verb rune) { - s.Write(openBracketBytes) - for i, pc := range cs { - if i > 0 { - s.Write(spaceBytes) - } - pc.Format(s, verb) - } - s.Write(closeBracketBytes) -} - -// Trace returns a CallStack for the current goroutine with element 0 -// identifying the calling function. -func Trace() CallStack { - var pcs [512]uintptr - n := runtime.Callers(1, pcs[:]) - - frames := runtime.CallersFrames(pcs[:n]) - cs := make(CallStack, 0, n) - - // Skip extra frame retrieved just to make sure the runtime.sigpanic - // special case is handled. - frame, more := frames.Next() - - for more { - frame, more = frames.Next() - cs = append(cs, Call{frame: frame}) - } - - return cs -} - -// TrimBelow returns a slice of the CallStack with all entries below c -// removed. -func (cs CallStack) TrimBelow(c Call) CallStack { - for len(cs) > 0 && cs[0] != c { - cs = cs[1:] - } - return cs -} - -// TrimAbove returns a slice of the CallStack with all entries above c -// removed. -func (cs CallStack) TrimAbove(c Call) CallStack { - for len(cs) > 0 && cs[len(cs)-1] != c { - cs = cs[:len(cs)-1] - } - return cs -} - -// pkgIndex returns the index that results in file[index:] being the path of -// file relative to the compile time GOPATH, and file[:index] being the -// $GOPATH/src/ portion of file. funcName must be the name of a function in -// file as returned by runtime.Func.Name. -func pkgIndex(file, funcName string) int { - // As of Go 1.6.2 there is no direct way to know the compile time GOPATH - // at runtime, but we can infer the number of path segments in the GOPATH. - // We note that runtime.Func.Name() returns the function name qualified by - // the import path, which does not include the GOPATH. Thus we can trim - // segments from the beginning of the file path until the number of path - // separators remaining is one more than the number of path separators in - // the function name. For example, given: - // - // GOPATH /home/user - // file /home/user/src/pkg/sub/file.go - // fn.Name() pkg/sub.Type.Method - // - // We want to produce: - // - // file[:idx] == /home/user/src/ - // file[idx:] == pkg/sub/file.go - // - // From this we can easily see that fn.Name() has one less path separator - // than our desired result for file[idx:]. We count separators from the - // end of the file path until it finds two more than in the function name - // and then move one character forward to preserve the initial path - // segment without a leading separator. - const sep = "/" - i := len(file) - for n := strings.Count(funcName, sep) + 2; n > 0; n-- { - i = strings.LastIndex(file[:i], sep) - if i == -1 { - i = -len(sep) - break - } - } - // get back to 0 or trim the leading separator - return i + len(sep) -} - -// pkgFilePath returns the frame's filepath relative to the compile-time GOPATH, -// or its module path joined to its path relative to the module root. -// -// As of Go 1.11 there is no direct way to know the compile time GOPATH or -// module paths at runtime, but we can piece together the desired information -// from available information. We note that runtime.Frame.Function contains the -// function name qualified by the package path, which includes the module path -// but not the GOPATH. We can extract the package path from that and append the -// last segments of the file path to arrive at the desired package qualified -// file path. For example, given: -// -// GOPATH /home/user -// import path pkg/sub -// frame.File /home/user/src/pkg/sub/file.go -// frame.Function pkg/sub.Type.Method -// Desired return pkg/sub/file.go -// -// It appears that we simply need to trim ".Type.Method" from frame.Function and -// append "/" + path.Base(file). -// -// But there are other wrinkles. Although it is idiomatic to do so, the internal -// name of a package is not required to match the last segment of its import -// path. In addition, the introduction of modules in Go 1.11 allows working -// without a GOPATH. So we also must make these work right: -// -// GOPATH /home/user -// import path pkg/go-sub -// package name sub -// frame.File /home/user/src/pkg/go-sub/file.go -// frame.Function pkg/sub.Type.Method -// Desired return pkg/go-sub/file.go -// -// Module path pkg/v2 -// import path pkg/v2/go-sub -// package name sub -// frame.File /home/user/cloned-pkg/go-sub/file.go -// frame.Function pkg/v2/sub.Type.Method -// Desired return pkg/v2/go-sub/file.go -// -// We can handle all of these situations by using the package path extracted -// from frame.Function up to, but not including, the last segment as the prefix -// and the last two segments of frame.File as the suffix of the returned path. -// This preserves the existing behavior when working in a GOPATH without modules -// and a semantically equivalent behavior when used in module aware project. -func pkgFilePath(frame *runtime.Frame) string { - pre := pkgPrefix(frame.Function) - post := pathSuffix(frame.File) - if pre == "" { - return post - } - return pre + "/" + post -} - -// pkgPrefix returns the import path of the function's package with the final -// segment removed. -func pkgPrefix(funcName string) string { - const pathSep = "/" - end := strings.LastIndex(funcName, pathSep) - if end == -1 { - return "" - } - return funcName[:end] -} - -// pathSuffix returns the last two segments of path. -func pathSuffix(path string) string { - const pathSep = "/" - lastSep := strings.LastIndex(path, pathSep) - if lastSep == -1 { - return path - } - return path[strings.LastIndex(path[:lastSep], pathSep)+1:] -} - -var runtimePath string - -func init() { - var pcs [3]uintptr - runtime.Callers(0, pcs[:]) - frames := runtime.CallersFrames(pcs[:]) - frame, _ := frames.Next() - file := frame.File - - idx := pkgIndex(frame.File, frame.Function) - - runtimePath = file[:idx] - if runtime.GOOS == "windows" { - runtimePath = strings.ToLower(runtimePath) - } -} - -func inGoroot(c Call) bool { - file := c.frame.File - if len(file) == 0 || file[0] == '?' { - return true - } - if runtime.GOOS == "windows" { - file = strings.ToLower(file) - } - return strings.HasPrefix(file, runtimePath) || strings.HasSuffix(file, "/_testmain.go") -} - -// TrimRuntime returns a slice of the CallStack with the topmost entries from -// the go runtime removed. It considers any calls originating from unknown -// files, files under GOROOT, or _testmain.go as part of the runtime. -func (cs CallStack) TrimRuntime() CallStack { - for len(cs) > 0 && inGoroot(cs[len(cs)-1]) { - cs = cs[:len(cs)-1] - } - return cs -} diff --git a/vendor/github.com/opencontainers/go-digest/.mailmap b/vendor/github.com/opencontainers/go-digest/.mailmap index ba611cb21ca5..eaf8b2f9e6c4 100644 --- a/vendor/github.com/opencontainers/go-digest/.mailmap +++ b/vendor/github.com/opencontainers/go-digest/.mailmap @@ -1 +1,4 @@ +Aaron Lehmann +Derek McGowan Stephen J Day +Haibing Zhou diff --git a/vendor/github.com/opencontainers/go-digest/.pullapprove.yml b/vendor/github.com/opencontainers/go-digest/.pullapprove.yml index 45fa4b9ec5f2..b6165f83ca73 100644 --- a/vendor/github.com/opencontainers/go-digest/.pullapprove.yml +++ b/vendor/github.com/opencontainers/go-digest/.pullapprove.yml @@ -1,12 +1,28 @@ -approve_by_comment: true -approve_regex: '^(Approved|lgtm|LGTM|:shipit:|:star:|:\+1:|:ship:)' -reject_regex: ^Rejected -reset_on_push: true -author_approval: ignored -signed_off_by: - required: true -reviewers: - teams: - - go-digest-maintainers - name: default +version: 2 + +requirements: + signed_off_by: + required: true + +always_pending: + title_regex: '^WIP' + explanation: 'Work in progress...' + +group_defaults: required: 2 + approve_by_comment: + enabled: true + approve_regex: '^LGTM' + reject_regex: '^Rejected' + reset_on_push: + enabled: true + author_approval: + ignored: true + conditions: + branches: + - master + +groups: + go-digest: + teams: + - go-digest-maintainers diff --git a/vendor/github.com/opencontainers/go-digest/.travis.yml b/vendor/github.com/opencontainers/go-digest/.travis.yml index 7ea4ed1d2c90..5775f885c1e9 100644 --- a/vendor/github.com/opencontainers/go-digest/.travis.yml +++ b/vendor/github.com/opencontainers/go-digest/.travis.yml @@ -1,4 +1,5 @@ language: go go: - - 1.7 + - 1.12.x + - 1.13.x - master diff --git a/vendor/github.com/opencontainers/go-digest/LICENSE.code b/vendor/github.com/opencontainers/go-digest/LICENSE similarity index 99% rename from vendor/github.com/opencontainers/go-digest/LICENSE.code rename to vendor/github.com/opencontainers/go-digest/LICENSE index 0ea3ff81e3f4..3ac8ab64872e 100644 --- a/vendor/github.com/opencontainers/go-digest/LICENSE.code +++ b/vendor/github.com/opencontainers/go-digest/LICENSE @@ -176,6 +176,7 @@ END OF TERMS AND CONDITIONS + Copyright 2019, 2020 OCI Contributors Copyright 2016 Docker, Inc. Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/vendor/github.com/opencontainers/go-digest/MAINTAINERS b/vendor/github.com/opencontainers/go-digest/MAINTAINERS index 42a29795d7a0..843b1b20618b 100644 --- a/vendor/github.com/opencontainers/go-digest/MAINTAINERS +++ b/vendor/github.com/opencontainers/go-digest/MAINTAINERS @@ -1,9 +1,5 @@ -Aaron Lehmann (@aaronlehmann) -Brandon Philips (@philips) -Brendan Burns (@brendandburns) Derek McGowan (@dmcgowan) -Jason Bouzane (@jbouzane) -John Starks (@jstarks) -Jonathan Boulle (@jonboulle) -Stephen Day (@stevvooe) -Vincent Batts (@vbatts) +Stephen Day (@stevvooe) +Vincent Batts (@vbatts) +Akihiro Suda (@AkihiroSuda) +Sebastiaan van Stijn (@thaJeztah) diff --git a/vendor/github.com/opencontainers/go-digest/README.md b/vendor/github.com/opencontainers/go-digest/README.md index 0f5a04092c42..a11287207edc 100644 --- a/vendor/github.com/opencontainers/go-digest/README.md +++ b/vendor/github.com/opencontainers/go-digest/README.md @@ -8,20 +8,16 @@ Please see the [godoc](https://godoc.org/github.com/opencontainers/go-digest) fo # What is a digest? -A digest is just a hash. +A digest is just a [hash](https://en.wikipedia.org/wiki/Hash_function). -The most common use case for a digest is to create a content -identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage) -systems: +The most common use case for a digest is to create a content identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage) systems: ```go id := digest.FromBytes([]byte("my content")) ``` -In the example above, the id can be used to uniquely identify -the byte slice "my content". This allows two disparate applications -to agree on a verifiable identifier without having to trust one -another. +In the example above, the id can be used to uniquely identify the byte slice "my content". +This allows two disparate applications to agree on a verifiable identifier without having to trust one another. An identifying digest can be verified, as follows: @@ -31,8 +27,7 @@ if id != digest.FromBytes([]byte("my content")) { } ``` -A `Verifier` type can be used to handle cases where an `io.Reader` -makes more sense: +A `Verifier` type can be used to handle cases where an `io.Reader` makes more sense: ```go rd := getContent() @@ -44,33 +39,28 @@ if !verifier.Verified() { } ``` -Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this -can power a rich, safe, content distribution system. +Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this can power a rich, safe, content distribution system. # Usage -While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is -considered the best resource, a few important items need to be called -out when using this package. +While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is considered the best resource, a few important items need to be called out when using this package. -1. Make sure to import the hash implementations into your application - or the package will panic. You should have something like the - following in the main (or other entrypoint) of your application: +1. Make sure to import the hash implementations into your application or the package will panic. + You should have something like the following in the main (or other entrypoint) of your application: ```go import ( _ "crypto/sha256" - _ "crypto/sha512" + _ "crypto/sha512" ) ``` This may seem inconvenient but it allows you replace the hash implementations with others, such as https://github.com/stevvooe/resumable. -2. Even though `digest.Digest` may be assemable as a string, _always_ - verify your input with `digest.Parse` or use `Digest.Validate` - when accepting untrusted input. While there are measures to - avoid common problems, this will ensure you have valid digests - in the rest of your application. +2. Even though `digest.Digest` may be assemblable as a string, _always_ verify your input with `digest.Parse` or use `Digest.Validate` when accepting untrusted input. + While there are measures to avoid common problems, this will ensure you have valid digests in the rest of your application. + +3. While alternative encodings of hash values (digests) are possible (for example, base64), this package deals exclusively with hex-encoded digests. # Stability @@ -80,25 +70,27 @@ As always, before using a package export, read the [godoc](https://godoc.org/git # Contributing -This package is considered fairly complete. It has been in production -in thousands (millions?) of deployments and is fairly battle-hardened. -New additions will be met with skepticism. If you think there is a -missing feature, please file a bug clearly describing the problem and -the alternatives you tried before submitting a PR. +This package is considered fairly complete. +It has been in production in thousands (millions?) of deployments and is fairly battle-hardened. +New additions will be met with skepticism. +If you think there is a missing feature, please file a bug clearly describing the problem and the alternatives you tried before submitting a PR. -# Reporting security issues +## Code of Conduct -Please DO NOT file a public issue, instead send your report privately to -security@opencontainers.org. +Participation in the OpenContainers community is governed by [OpenContainer's Code of Conduct][code-of-conduct]. -The maintainers take security seriously. If you discover a security issue, -please bring it to their attention right away! +## Security -If you are reporting a security issue, do not create an issue or file a pull -request on GitHub. Instead, disclose the issue responsibly by sending an email -to security@opencontainers.org (which is inhabited only by the maintainers of -the various OCI projects). +If you find an issue, please follow the [security][security] protocol to report it. # Copyright and license -Copyright © 2016 Docker, Inc. All rights reserved, except as follows. Code is released under the [Apache 2.0 license](LICENSE.code). This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs). You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/. +Copyright © 2019, 2020 OCI Contributors +Copyright © 2016 Docker, Inc. +All rights reserved, except as follows. +Code is released under the [Apache 2.0 license](LICENSE). +This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs). +You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/. + +[security]: https://github.com/opencontainers/org/blob/master/security +[code-of-conduct]: https://github.com/opencontainers/org/blob/master/CODE_OF_CONDUCT.md diff --git a/vendor/github.com/opencontainers/go-digest/algorithm.go b/vendor/github.com/opencontainers/go-digest/algorithm.go index 8813bd26f1fb..490951dc3f29 100644 --- a/vendor/github.com/opencontainers/go-digest/algorithm.go +++ b/vendor/github.com/opencontainers/go-digest/algorithm.go @@ -1,3 +1,4 @@ +// Copyright 2019, 2020 OCI Contributors // Copyright 2017 Docker, Inc. // // Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/vendor/github.com/opencontainers/go-digest/digest.go b/vendor/github.com/opencontainers/go-digest/digest.go index ad398cba2fb7..518b5e715456 100644 --- a/vendor/github.com/opencontainers/go-digest/digest.go +++ b/vendor/github.com/opencontainers/go-digest/digest.go @@ -1,3 +1,4 @@ +// Copyright 2019, 2020 OCI Contributors // Copyright 2017 Docker, Inc. // // Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/vendor/github.com/opencontainers/go-digest/digester.go b/vendor/github.com/opencontainers/go-digest/digester.go index 36fa2728ef46..ede907757115 100644 --- a/vendor/github.com/opencontainers/go-digest/digester.go +++ b/vendor/github.com/opencontainers/go-digest/digester.go @@ -1,3 +1,4 @@ +// Copyright 2019, 2020 OCI Contributors // Copyright 2017 Docker, Inc. // // Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/vendor/github.com/opencontainers/go-digest/doc.go b/vendor/github.com/opencontainers/go-digest/doc.go index 491ea1ef1f81..83d3a936ca6a 100644 --- a/vendor/github.com/opencontainers/go-digest/doc.go +++ b/vendor/github.com/opencontainers/go-digest/doc.go @@ -1,3 +1,4 @@ +// Copyright 2019, 2020 OCI Contributors // Copyright 2017 Docker, Inc. // // Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,8 +30,13 @@ // // sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc // -// In this case, the string "sha256" is the algorithm and the hex bytes are -// the "digest". +// The "algorithm" portion defines both the hashing algorithm used to calculate +// the digest and the encoding of the resulting digest, which defaults to "hex" +// if not otherwise specified. Currently, all supported algorithms have their +// digests encoded in hex strings. +// +// In the example above, the string "sha256" is the algorithm and the hex bytes +// are the "digest". // // Because the Digest type is simply a string, once a valid Digest is // obtained, comparisons are cheap, quick and simple to express with the diff --git a/vendor/github.com/opencontainers/go-digest/go.mod b/vendor/github.com/opencontainers/go-digest/go.mod new file mode 100644 index 000000000000..cf5d7b1d2d78 --- /dev/null +++ b/vendor/github.com/opencontainers/go-digest/go.mod @@ -0,0 +1,3 @@ +module github.com/opencontainers/go-digest + +go 1.13 diff --git a/vendor/github.com/opencontainers/go-digest/verifiers.go b/vendor/github.com/opencontainers/go-digest/verifiers.go index 32125e918785..afef506f4649 100644 --- a/vendor/github.com/opencontainers/go-digest/verifiers.go +++ b/vendor/github.com/opencontainers/go-digest/verifiers.go @@ -1,3 +1,4 @@ +// Copyright 2019, 2020 OCI Contributors // Copyright 2017 Docker, Inc. // // Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/blkio.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/blkio.go index 52c118d68c16..031a6bbdab20 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/blkio.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/blkio.go @@ -22,12 +22,8 @@ func (s *BlkioGroup) Name() string { return "blkio" } -func (s *BlkioGroup) Apply(d *cgroupData) error { - _, err := d.join("blkio") - if err != nil && !cgroups.IsNotFound(err) { - return err - } - return nil +func (s *BlkioGroup) Apply(path string, d *cgroupData) error { + return join(path, d.pid) } func (s *BlkioGroup) Set(path string, cgroup *configs.Cgroup) error { @@ -74,10 +70,6 @@ func (s *BlkioGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *BlkioGroup) Remove(d *cgroupData) error { - return removePath(d.path("blkio")) -} - /* examples: diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpu.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpu.go index 7386aace14ff..6fb1c2078a50 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpu.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpu.go @@ -21,17 +21,7 @@ func (s *CpuGroup) Name() string { return "cpu" } -func (s *CpuGroup) Apply(d *cgroupData) error { - // We always want to join the cpu group, to allow fair cpu scheduling - // on a container basis - path, err := d.path("cpu") - if err != nil && !cgroups.IsNotFound(err) { - return err - } - return s.ApplyDir(path, d.config, d.pid) -} - -func (s *CpuGroup) ApplyDir(path string, cgroup *configs.Cgroup, pid int) error { +func (s *CpuGroup) Apply(path string, d *cgroupData) error { // This might happen if we have no cpu cgroup mounted. // Just do nothing and don't fail. if path == "" { @@ -43,12 +33,12 @@ func (s *CpuGroup) ApplyDir(path string, cgroup *configs.Cgroup, pid int) error // We should set the real-Time group scheduling settings before moving // in the process because if the process is already in SCHED_RR mode // and no RT bandwidth is set, adding it will fail. - if err := s.SetRtSched(path, cgroup); err != nil { + if err := s.SetRtSched(path, d.config); err != nil { return err } - // because we are not using d.join we need to place the pid into the procs file - // unlike the other subsystems - return cgroups.WriteCgroupProc(path, pid) + // Since we are not using join(), we need to place the pid + // into the procs file unlike other subsystems. + return cgroups.WriteCgroupProc(path, d.pid) } func (s *CpuGroup) SetRtSched(path string, cgroup *configs.Cgroup) error { @@ -96,10 +86,6 @@ func (s *CpuGroup) Set(path string, cgroup *configs.Cgroup) error { return s.SetRtSched(path, cgroup) } -func (s *CpuGroup) Remove(d *cgroupData) error { - return removePath(d.path("cpu")) -} - func (s *CpuGroup) GetStats(path string, stats *cgroups.Stats) error { f, err := os.Open(filepath.Join(path, "cpu.stat")) if err != nil { diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuacct.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuacct.go index dd8aea0c2b93..1a18971bc5a7 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuacct.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuacct.go @@ -40,24 +40,18 @@ func (s *CpuacctGroup) Name() string { return "cpuacct" } -func (s *CpuacctGroup) Apply(d *cgroupData) error { - // we just want to join this group even though we don't set anything - if _, err := d.join("cpuacct"); err != nil && !cgroups.IsNotFound(err) { - return err - } - - return nil +func (s *CpuacctGroup) Apply(path string, d *cgroupData) error { + return join(path, d.pid) } func (s *CpuacctGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *CpuacctGroup) Remove(d *cgroupData) error { - return removePath(d.path("cpuacct")) -} - func (s *CpuacctGroup) GetStats(path string, stats *cgroups.Stats) error { + if !cgroups.PathExists(path) { + return nil + } userModeUsage, kernelModeUsage, err := getCpuUsageBreakdown(path) if err != nil { return err diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuset.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuset.go index 6a7725e3591f..ba17519baea2 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuset.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuset.go @@ -23,12 +23,8 @@ func (s *CpusetGroup) Name() string { return "cpuset" } -func (s *CpusetGroup) Apply(d *cgroupData) error { - dir, err := d.path("cpuset") - if err != nil && !cgroups.IsNotFound(err) { - return err - } - return s.ApplyDir(dir, d.config, d.pid) +func (s *CpusetGroup) Apply(path string, d *cgroupData) error { + return s.ApplyDir(path, d.config, d.pid) } func (s *CpusetGroup) Set(path string, cgroup *configs.Cgroup) error { @@ -45,10 +41,6 @@ func (s *CpusetGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *CpusetGroup) Remove(d *cgroupData) error { - return removePath(d.path("cpuset")) -} - func (s *CpusetGroup) GetStats(path string, stats *cgroups.Stats) error { return nil } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go index 6a8f1d354851..fd8f00d5bfd0 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go @@ -22,17 +22,16 @@ func (s *DevicesGroup) Name() string { return "devices" } -func (s *DevicesGroup) Apply(d *cgroupData) error { +func (s *DevicesGroup) Apply(path string, d *cgroupData) error { if d.config.SkipDevices { return nil } - _, err := d.join("devices") - if err != nil { - // We will return error even it's `not found` error, devices - // cgroup is hard requirement for container's security. - return err + if path == "" { + // Return error here, since devices cgroup + // is a hard requirement for container's security. + return errSubsystemDoesNotExist } - return nil + return join(path, d.pid) } func loadEmulator(path string) (*devices.Emulator, error) { @@ -106,10 +105,6 @@ func (s *DevicesGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *DevicesGroup) Remove(d *cgroupData) error { - return removePath(d.path("devices")) -} - func (s *DevicesGroup) GetStats(path string, stats *cgroups.Stats) error { return nil } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go index b5b77da9421d..11cb1646f482 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go @@ -22,12 +22,8 @@ func (s *FreezerGroup) Name() string { return "freezer" } -func (s *FreezerGroup) Apply(d *cgroupData) error { - _, err := d.join("freezer") - if err != nil && !cgroups.IsNotFound(err) { - return err - } - return nil +func (s *FreezerGroup) Apply(path string, d *cgroupData) error { + return join(path, d.pid) } func (s *FreezerGroup) Set(path string, cgroup *configs.Cgroup) error { @@ -61,10 +57,6 @@ func (s *FreezerGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *FreezerGroup) Remove(d *cgroupData) error { - return removePath(d.path("freezer")) -} - func (s *FreezerGroup) GetStats(path string, stats *cgroups.Stats) error { return nil } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/fs.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/fs.go index b9f298b41ed6..3ccf3a3c61d6 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/fs.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/fs.go @@ -18,7 +18,7 @@ import ( ) var ( - subsystemsLegacy = subsystemSet{ + subsystems = []subsystem{ &CpusetGroup{}, &DevicesGroup{}, &MemoryGroup{}, @@ -38,26 +38,13 @@ var ( var errSubsystemDoesNotExist = errors.New("cgroup: subsystem does not exist") -type subsystemSet []subsystem - -func (s subsystemSet) Get(name string) (subsystem, error) { - for _, ss := range s { - if ss.Name() == name { - return ss, nil - } - } - return nil, errSubsystemDoesNotExist -} - type subsystem interface { // Name returns the name of the subsystem. Name() string // Returns the stats, as 'stats', corresponding to the cgroup under 'path'. GetStats(path string, stats *cgroups.Stats) error - // Removes the cgroup represented by 'cgroupData'. - Remove(*cgroupData) error // Creates and joins the cgroup represented by 'cgroupData'. - Apply(*cgroupData) error + Apply(path string, c *cgroupData) error // Set the cgroup represented by cgroup. Set(path string, cgroup *configs.Cgroup) error } @@ -81,6 +68,56 @@ func NewManager(cg *configs.Cgroup, paths map[string]string, rootless bool) cgro var cgroupRootLock sync.Mutex var cgroupRoot string +const defaultCgroupRoot = "/sys/fs/cgroup" + +func tryDefaultCgroupRoot() string { + var st, pst unix.Stat_t + + // (1) it should be a directory... + err := unix.Lstat(defaultCgroupRoot, &st) + if err != nil || st.Mode&unix.S_IFDIR == 0 { + return "" + } + + // (2) ... and a mount point ... + err = unix.Lstat(filepath.Dir(defaultCgroupRoot), &pst) + if err != nil { + return "" + } + + if st.Dev == pst.Dev { + // parent dir has the same dev -- not a mount point + return "" + } + + // (3) ... of 'tmpfs' fs type. + var fst unix.Statfs_t + err = unix.Statfs(defaultCgroupRoot, &fst) + if err != nil || fst.Type != unix.TMPFS_MAGIC { + return "" + } + + // (4) it should have at least 1 entry ... + dir, err := os.Open(defaultCgroupRoot) + if err != nil { + return "" + } + names, err := dir.Readdirnames(1) + if err != nil { + return "" + } + if len(names) < 1 { + return "" + } + // ... which is a cgroup mount point. + err = unix.Statfs(filepath.Join(defaultCgroupRoot, names[0]), &fst) + if err != nil || fst.Type != unix.CGROUP_SUPER_MAGIC { + return "" + } + + return defaultCgroupRoot +} + // Gets the cgroupRoot. func getCgroupRoot() (string, error) { cgroupRootLock.Lock() @@ -90,6 +127,14 @@ func getCgroupRoot() (string, error) { return cgroupRoot, nil } + // fast path + cgroupRoot = tryDefaultCgroupRoot() + if cgroupRoot != "" { + return cgroupRoot, nil + } + + // slow path: parse mountinfo, find the first mount where fs=cgroup + // (e.g. "/sys/fs/cgroup/memory"), use its parent. f, err := os.Open("/proc/self/mountinfo") if err != nil { return "", err @@ -166,10 +211,6 @@ func isIgnorableError(rootless bool, err error) bool { return false } -func (m *manager) getSubsystems() subsystemSet { - return subsystemsLegacy -} - func (m *manager) Apply(pid int) (err error) { if m.cgroups == nil { return nil @@ -199,7 +240,7 @@ func (m *manager) Apply(pid int) (err error) { return cgroups.EnterPid(m.paths, pid) } - for _, sys := range m.getSubsystems() { + for _, sys := range subsystems { p, err := d.path(sys.Name()) if err != nil { // The non-presence of the devices subsystem is @@ -211,7 +252,7 @@ func (m *manager) Apply(pid int) (err error) { } m.paths[sys.Name()] = p - if err := sys.Apply(d); err != nil { + if err := sys.Apply(p, d); err != nil { // In the case of rootless (including euid=0 in userns), where an // explicit cgroup path hasn't been set, we don't bail on error in // case of permission problems. Cases where limits have been set @@ -250,9 +291,9 @@ func (m *manager) GetStats() (*cgroups.Stats, error) { m.mu.Lock() defer m.mu.Unlock() stats := cgroups.NewStats() - for name, path := range m.paths { - sys, err := m.getSubsystems().Get(name) - if err == errSubsystemDoesNotExist || !cgroups.PathExists(path) { + for _, sys := range subsystems { + path := m.paths[sys.Name()] + if path == "" { continue } if err := sys.GetStats(path, stats); err != nil { @@ -275,7 +316,7 @@ func (m *manager) Set(container *configs.Config) error { m.mu.Lock() defer m.mu.Unlock() - for _, sys := range m.getSubsystems() { + for _, sys := range subsystems { path := m.paths[sys.Name()] if err := sys.Set(path, container.Cgroups); err != nil { if m.rootless && sys.Name() == "devices" { @@ -374,18 +415,14 @@ func (raw *cgroupData) path(subsystem string) (string, error) { return filepath.Join(parentPath, raw.innerPath), nil } -func (raw *cgroupData) join(subsystem string) (string, error) { - path, err := raw.path(subsystem) - if err != nil { - return "", err +func join(path string, pid int) error { + if path == "" { + return nil } if err := os.MkdirAll(path, 0755); err != nil { - return "", err - } - if err := cgroups.WriteCgroupProc(path, raw.pid); err != nil { - return "", err + return err } - return path, nil + return cgroups.WriteCgroupProc(path, pid) } func removePath(p string, err error) error { diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/hugetlb.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/hugetlb.go index 68719c2e6ded..d32d02da1ca9 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/hugetlb.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/hugetlb.go @@ -19,12 +19,8 @@ func (s *HugetlbGroup) Name() string { return "hugetlb" } -func (s *HugetlbGroup) Apply(d *cgroupData) error { - _, err := d.join("hugetlb") - if err != nil && !cgroups.IsNotFound(err) { - return err - } - return nil +func (s *HugetlbGroup) Apply(path string, d *cgroupData) error { + return join(path, d.pid) } func (s *HugetlbGroup) Set(path string, cgroup *configs.Cgroup) error { @@ -37,12 +33,11 @@ func (s *HugetlbGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *HugetlbGroup) Remove(d *cgroupData) error { - return removePath(d.path("hugetlb")) -} - func (s *HugetlbGroup) GetStats(path string, stats *cgroups.Stats) error { hugetlbStats := cgroups.HugetlbStats{} + if !cgroups.PathExists(path) { + return nil + } for _, pageSize := range HugePageSizes { usage := strings.Join([]string{"hugetlb", pageSize, "usage_in_bytes"}, ".") value, err := fscommon.GetCgroupParamUint(path, usage) diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/memory.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/memory.go index f7b8f999e87c..41adcd38f47c 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/memory.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/memory.go @@ -37,11 +37,8 @@ func (s *MemoryGroup) Name() string { return "memory" } -func (s *MemoryGroup) Apply(d *cgroupData) (err error) { - path, err := d.path("memory") - if err != nil && !cgroups.IsNotFound(err) { - return err - } else if path == "" { +func (s *MemoryGroup) Apply(path string, d *cgroupData) (err error) { + if path == "" { return nil } if memoryAssigned(d.config) { @@ -66,11 +63,7 @@ func (s *MemoryGroup) Apply(d *cgroupData) (err error) { // We need to join memory cgroup after set memory limits, because // kmem.limit_in_bytes can only be set when the cgroup is empty. - _, err = d.join("memory") - if err != nil && !cgroups.IsNotFound(err) { - return err - } - return nil + return join(path, d.pid) } func setMemoryAndSwap(path string, cgroup *configs.Cgroup) error { @@ -165,10 +158,6 @@ func (s *MemoryGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *MemoryGroup) Remove(d *cgroupData) error { - return removePath(d.path("memory")) -} - func (s *MemoryGroup) GetStats(path string, stats *cgroups.Stats) error { // Set stats from memory.stat. statsFile, err := os.Open(filepath.Join(path, "memory.stat")) diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/name.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/name.go index d8cf1d87c043..9a5af709d249 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/name.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/name.go @@ -16,10 +16,10 @@ func (s *NameGroup) Name() string { return s.GroupName } -func (s *NameGroup) Apply(d *cgroupData) error { +func (s *NameGroup) Apply(path string, d *cgroupData) error { if s.Join { // ignore errors if the named cgroup does not exist - d.join(s.GroupName) + join(path, d.pid) } return nil } @@ -28,13 +28,6 @@ func (s *NameGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *NameGroup) Remove(d *cgroupData) error { - if s.Join { - removePath(d.path(s.GroupName)) - } - return nil -} - func (s *NameGroup) GetStats(path string, stats *cgroups.Stats) error { return nil } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_cls.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_cls.go index 0212015255e7..901e9554431c 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_cls.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_cls.go @@ -17,12 +17,8 @@ func (s *NetClsGroup) Name() string { return "net_cls" } -func (s *NetClsGroup) Apply(d *cgroupData) error { - _, err := d.join("net_cls") - if err != nil && !cgroups.IsNotFound(err) { - return err - } - return nil +func (s *NetClsGroup) Apply(path string, d *cgroupData) error { + return join(path, d.pid) } func (s *NetClsGroup) Set(path string, cgroup *configs.Cgroup) error { @@ -35,10 +31,6 @@ func (s *NetClsGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *NetClsGroup) Remove(d *cgroupData) error { - return removePath(d.path("net_cls")) -} - func (s *NetClsGroup) GetStats(path string, stats *cgroups.Stats) error { return nil } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_prio.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_prio.go index 2bdeedf80afe..a9645de261bb 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_prio.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_prio.go @@ -15,12 +15,8 @@ func (s *NetPrioGroup) Name() string { return "net_prio" } -func (s *NetPrioGroup) Apply(d *cgroupData) error { - _, err := d.join("net_prio") - if err != nil && !cgroups.IsNotFound(err) { - return err - } - return nil +func (s *NetPrioGroup) Apply(path string, d *cgroupData) error { + return join(path, d.pid) } func (s *NetPrioGroup) Set(path string, cgroup *configs.Cgroup) error { @@ -33,10 +29,6 @@ func (s *NetPrioGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *NetPrioGroup) Remove(d *cgroupData) error { - return removePath(d.path("net_prio")) -} - func (s *NetPrioGroup) GetStats(path string, stats *cgroups.Stats) error { return nil } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/perf_event.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/perf_event.go index 5693676d3a50..dd1e98d0aed7 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/perf_event.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/perf_event.go @@ -14,22 +14,14 @@ func (s *PerfEventGroup) Name() string { return "perf_event" } -func (s *PerfEventGroup) Apply(d *cgroupData) error { - // we just want to join this group even though we don't set anything - if _, err := d.join("perf_event"); err != nil && !cgroups.IsNotFound(err) { - return err - } - return nil +func (s *PerfEventGroup) Apply(path string, d *cgroupData) error { + return join(path, d.pid) } func (s *PerfEventGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *PerfEventGroup) Remove(d *cgroupData) error { - return removePath(d.path("perf_event")) -} - func (s *PerfEventGroup) GetStats(path string, stats *cgroups.Stats) error { return nil } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/pids.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/pids.go index 7bf68013589a..6614df88a782 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/pids.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/pids.go @@ -19,12 +19,8 @@ func (s *PidsGroup) Name() string { return "pids" } -func (s *PidsGroup) Apply(d *cgroupData) error { - _, err := d.join("pids") - if err != nil && !cgroups.IsNotFound(err) { - return err - } - return nil +func (s *PidsGroup) Apply(path string, d *cgroupData) error { + return join(path, d.pid) } func (s *PidsGroup) Set(path string, cgroup *configs.Cgroup) error { @@ -44,11 +40,10 @@ func (s *PidsGroup) Set(path string, cgroup *configs.Cgroup) error { return nil } -func (s *PidsGroup) Remove(d *cgroupData) error { - return removePath(d.path("pids")) -} - func (s *PidsGroup) GetStats(path string, stats *cgroups.Stats) error { + if !cgroups.PathExists(path) { + return nil + } current, err := fscommon.GetCgroupParamUint(path, "pids.current") if err != nil { return fmt.Errorf("failed to parse pids.current - %s", err) diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/v1.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/v1.go index c3cc9c8b3bba..7217b0af79cb 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/v1.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/v1.go @@ -41,18 +41,7 @@ type subsystem interface { var errSubsystemDoesNotExist = errors.New("cgroup: subsystem does not exist") -type subsystemSet []subsystem - -func (s subsystemSet) Get(name string) (subsystem, error) { - for _, ss := range s { - if ss.Name() == name { - return ss, nil - } - } - return nil, errSubsystemDoesNotExist -} - -var legacySubsystems = subsystemSet{ +var legacySubsystems = []subsystem{ &fs.CpusetGroup{}, &fs.DevicesGroup{}, &fs.MemoryGroup{}, @@ -355,9 +344,9 @@ func (m *legacyManager) GetStats() (*cgroups.Stats, error) { m.mu.Lock() defer m.mu.Unlock() stats := cgroups.NewStats() - for name, path := range m.paths { - sys, err := legacySubsystems.Get(name) - if err == errSubsystemDoesNotExist || !cgroups.PathExists(path) { + for _, sys := range legacySubsystems { + path := m.paths[sys.Name()] + if path == "" { continue } if err := sys.GetStats(path, stats); err != nil { diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/v1_utils.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/v1_utils.go index f8487b0a9770..a94f208616e5 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/v1_utils.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/v1_utils.go @@ -8,6 +8,10 @@ import ( "os" "path/filepath" "strings" + "syscall" + + securejoin "github.com/cyphar/filepath-securejoin" + "golang.org/x/sys/unix" ) // Code in this source file are specific to cgroup v1, @@ -15,6 +19,7 @@ import ( const ( CgroupNamePrefix = "name=" + defaultPrefix = "/sys/fs/cgroup" ) var ( @@ -43,11 +48,59 @@ func IsNotFound(err error) bool { return ok } +func tryDefaultPath(cgroupPath, subsystem string) string { + if !strings.HasPrefix(defaultPrefix, cgroupPath) { + return "" + } + + // remove possible prefix + subsystem = strings.TrimPrefix(subsystem, CgroupNamePrefix) + + // Make sure we're still under defaultPrefix, and resolve + // a possible symlink (like cpu -> cpu,cpuacct). + path, err := securejoin.SecureJoin(defaultPrefix, subsystem) + if err != nil { + return "" + } + + // (1) path should be a directory. + st, err := os.Lstat(path) + if err != nil || !st.IsDir() { + return "" + } + + // (2) path should be a mount point. + pst, err := os.Lstat(filepath.Dir(path)) + if err != nil { + return "" + } + + if st.Sys().(*syscall.Stat_t).Dev == pst.Sys().(*syscall.Stat_t).Dev { + // parent dir has the same dev -- path is not a mount point + return "" + } + + // (3) path should have 'cgroup' fs type. + fst := unix.Statfs_t{} + err = unix.Statfs(path, &fst) + if err != nil || fst.Type != unix.CGROUP_SUPER_MAGIC { + return "" + } + + return path +} + // https://www.kernel.org/doc/Documentation/cgroup-v1/cgroups.txt func FindCgroupMountpoint(cgroupPath, subsystem string) (string, error) { if IsCgroup2UnifiedMode() { return "", errUnified } + + // Avoid parsing mountinfo by trying the default path first, if possible. + if path := tryDefaultPath(cgroupPath, subsystem); path != "" { + return path, nil + } + mnt, _, err := FindCgroupMountpointAndRoot(cgroupPath, subsystem) return mnt, err } @@ -57,9 +110,7 @@ func FindCgroupMountpointAndRoot(cgroupPath, subsystem string) (string, string, return "", "", errUnified } - // We are not using mount.GetMounts() because it's super-inefficient, - // parsing it directly sped up x10 times because of not using Sscanf. - // It was one of two major performance drawbacks in container start. + // Avoid parsing mountinfo by checking if subsystem is valid/available. if !isSubsystemAvailable(subsystem) { return "", "", NewNotFoundError(subsystem) } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/config.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/config.go index ac523b417607..540f0f85d29b 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/configs/config.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/config.go @@ -239,15 +239,6 @@ const ( Poststop = "poststop" ) -// TODO move this to runtime-spec -// See: https://github.com/opencontainers/runtime-spec/pull/1046 -const ( - Creating = "creating" - Created = "created" - Running = "running" - Stopped = "stopped" -) - type Capabilities struct { // Bounding is the set of capabilities checked by the kernel. Bounding []string diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/device.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/device.go index 24c5bbfa6ae8..632bf6ac49cc 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/configs/device.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/device.go @@ -1,20 +1,15 @@ package configs import ( - "errors" "fmt" "os" "strconv" - - "golang.org/x/sys/unix" ) const ( Wildcard = -1 ) -// TODO Windows: This can be factored out in the future - type Device struct { DeviceRule @@ -173,10 +168,3 @@ func (d *DeviceRule) CgroupString() string { } return fmt.Sprintf("%c %s:%s %s", d.Type, major, minor, d.Permissions) } - -func (d *DeviceRule) Mkdev() (uint64, error) { - if d.Major == Wildcard || d.Minor == Wildcard { - return 0, errors.New("cannot mkdev() device with wildcards") - } - return unix.Mkdev(uint32(d.Major), uint32(d.Minor)), nil -} diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/device_unix.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/device_unix.go new file mode 100644 index 000000000000..650c46848a10 --- /dev/null +++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/device_unix.go @@ -0,0 +1,16 @@ +// +build !windows + +package configs + +import ( + "errors" + + "golang.org/x/sys/unix" +) + +func (d *DeviceRule) Mkdev() (uint64, error) { + if d.Major == Wildcard || d.Minor == Wildcard { + return 0, errors.New("cannot mkdev() device with wildcards") + } + return unix.Mkdev(uint32(d.Major), uint32(d.Minor)), nil +} diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/device_windows.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/device_windows.go new file mode 100644 index 000000000000..729289393fe4 --- /dev/null +++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/device_windows.go @@ -0,0 +1,5 @@ +package configs + +func (d *DeviceRule) Mkdev() (uint64, error) { + return 0, nil +} diff --git a/vendor/github.com/opencontainers/runc/libcontainer/container_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/container_linux.go index c5188b1dbbab..e2f64fcb9fe5 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/container_linux.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/container_linux.go @@ -764,6 +764,7 @@ func (c *linuxContainer) checkCriuVersion(minVersion int) error { } criu := criu.MakeCriu() + criu.SetCriuPath(c.criuPath) var err error c.criuVersion, err = criu.GetCriuVersion() if err != nil { @@ -836,6 +837,78 @@ func (c *linuxContainer) handleCriuConfigurationFile(rpcOpts *criurpc.CriuOpts) } } +func (c *linuxContainer) criuSupportsExtNS(t configs.NamespaceType) bool { + var minVersion int + switch t { + case configs.NEWNET: + // CRIU supports different external namespace with different released CRIU versions. + // For network namespaces to work we need at least criu 3.11.0 => 31100. + minVersion = 31100 + case configs.NEWPID: + // For PID namespaces criu 31500 is needed. + minVersion = 31500 + default: + return false + } + return c.checkCriuVersion(minVersion) == nil +} + +func (c *linuxContainer) criuNsToKey(t configs.NamespaceType) string { + return "extRoot" + strings.Title(configs.NsName(t)) + "NS" +} + +func (c *linuxContainer) handleCheckpointingExternalNamespaces(rpcOpts *criurpc.CriuOpts, t configs.NamespaceType) error { + if !c.criuSupportsExtNS(t) { + return nil + } + + nsPath := c.config.Namespaces.PathOf(t) + if nsPath == "" { + return nil + } + // CRIU expects the information about an external namespace + // like this: --external []: + // This is always 'extRootNS'. + var ns unix.Stat_t + if err := unix.Stat(nsPath, &ns); err != nil { + return err + } + criuExternal := fmt.Sprintf("%s[%d]:%s", configs.NsName(t), ns.Ino, c.criuNsToKey(t)) + rpcOpts.External = append(rpcOpts.External, criuExternal) + + return nil +} + +func (c *linuxContainer) handleRestoringExternalNamespaces(rpcOpts *criurpc.CriuOpts, extraFiles *[]*os.File, t configs.NamespaceType) error { + if !c.criuSupportsExtNS(t) { + return nil + } + + nsPath := c.config.Namespaces.PathOf(t) + if nsPath == "" { + return nil + } + // CRIU wants the information about an existing namespace + // like this: --inherit-fd fd[]: + // The needs to be the same as during checkpointing. + // We are always using 'extRootNS' as the key in this. + nsFd, err := os.Open(nsPath) + if err != nil { + logrus.Errorf("If a specific network namespace is defined it must exist: %s", err) + return fmt.Errorf("Requested network namespace %v does not exist", nsPath) + } + inheritFd := new(criurpc.InheritFd) + inheritFd.Key = proto.String(c.criuNsToKey(t)) + // The offset of four is necessary because 0, 1, 2 and 3 is already + // used by stdin, stdout, stderr, 'criu swrk' socket. + inheritFd.Fd = proto.Int32(int32(4 + len(*extraFiles))) + rpcOpts.InheritFd = append(rpcOpts.InheritFd, inheritFd) + // All open FDs need to be transferred to CRIU via extraFiles + *extraFiles = append(*extraFiles, nsFd) + + return nil +} + func (c *linuxContainer) Checkpoint(criuOpts *CriuOpts) error { c.m.Lock() defer c.m.Unlock() @@ -909,25 +982,13 @@ func (c *linuxContainer) Checkpoint(criuOpts *CriuOpts) error { // will expect that the namespace exists during restore. // This basically means that CRIU will ignore the namespace // and expect to be setup correctly. - nsPath := c.config.Namespaces.PathOf(configs.NEWNET) - if nsPath != "" { - // For this to work we need at least criu 3.11.0 => 31100. - // As there was already a successful version check we will - // not error out if it fails. runc will just behave as it used - // to do and ignore external network namespaces. - err := c.checkCriuVersion(31100) - if err == nil { - // CRIU expects the information about an external namespace - // like this: --external net[]: - // This is always 'extRootNetNS'. - var netns unix.Stat_t - err = unix.Stat(nsPath, &netns) - if err != nil { - return err - } - criuExternal := fmt.Sprintf("net[%d]:extRootNetNS", netns.Ino) - rpcOpts.External = append(rpcOpts.External, criuExternal) - } + if err := c.handleCheckpointingExternalNamespaces(&rpcOpts, configs.NEWNET); err != nil { + return err + } + + // Same for possible external PID namespaces + if err := c.handleCheckpointingExternalNamespaces(&rpcOpts, configs.NEWPID); err != nil { + return err } // CRIU can use cgroup freezer; when rpcOpts.FreezeCgroup @@ -1251,33 +1312,13 @@ func (c *linuxContainer) Restore(process *Process, criuOpts *CriuOpts) error { // Same as during checkpointing. If the container has a specific network namespace // assigned to it, this now expects that the checkpoint will be restored in a // already created network namespace. - nsPath := c.config.Namespaces.PathOf(configs.NEWNET) - if nsPath != "" { - // For this to work we need at least criu 3.11.0 => 31100. - // As there was already a successful version check we will - // not error out if it fails. runc will just behave as it used - // to do and ignore external network namespaces. - err := c.checkCriuVersion(31100) - if err == nil { - // CRIU wants the information about an existing network namespace - // like this: --inherit-fd fd[]: - // The needs to be the same as during checkpointing. - // We are always using 'extRootNetNS' as the key in this. - netns, err := os.Open(nsPath) - if err != nil { - logrus.Errorf("If a specific network namespace is defined it must exist: %s", err) - return fmt.Errorf("Requested network namespace %v does not exist", nsPath) - } - defer netns.Close() - inheritFd := new(criurpc.InheritFd) - inheritFd.Key = proto.String("extRootNetNS") - // The offset of four is necessary because 0, 1, 2 and 3 is already - // used by stdin, stdout, stderr, 'criu swrk' socket. - inheritFd.Fd = proto.Int32(int32(4 + len(extraFiles))) - req.Opts.InheritFd = append(req.Opts.InheritFd, inheritFd) - // All open FDs need to be transferred to CRIU via extraFiles - extraFiles = append(extraFiles, netns) - } + if err := c.handleRestoringExternalNamespaces(req.Opts, &extraFiles, configs.NEWNET); err != nil { + return err + } + + // Same for PID namespaces. + if err := c.handleRestoringExternalNamespaces(req.Opts, &extraFiles, configs.NEWPID); err != nil { + return err } // This will modify the rootfs of the container in the same way runc @@ -1345,7 +1386,14 @@ func (c *linuxContainer) Restore(process *Process, criuOpts *CriuOpts) error { req.Opts.InheritFd = append(req.Opts.InheritFd, inheritFd) } } - return c.criuSwrk(process, req, criuOpts, extraFiles) + err = c.criuSwrk(process, req, criuOpts, extraFiles) + + // Now that CRIU is done let's close all opened FDs CRIU needed. + for _, fd := range extraFiles { + fd.Close() + } + + return err } func (c *linuxContainer) criuApplyCgroups(pid int, req *criurpc.CriuReq) error { @@ -1863,7 +1911,7 @@ func (c *linuxContainer) currentOCIState() (*specs.State, error) { if err != nil { return nil, err } - state.Status = status.String() + state.Status = specs.ContainerState(status.String()) if status != Stopped { if c.initProcess != nil { state.Pid = c.initProcess.pid() diff --git a/vendor/github.com/opencontainers/runc/libcontainer/process_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/process_linux.go index 028fe8ab5e2a..cb8c724a206e 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/process_linux.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/process_linux.go @@ -19,7 +19,7 @@ import ( "github.com/opencontainers/runc/libcontainer/logs" "github.com/opencontainers/runc/libcontainer/system" "github.com/opencontainers/runc/libcontainer/utils" - + "github.com/opencontainers/runtime-spec/specs-go" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" ) @@ -400,7 +400,7 @@ func (p *initProcess) start() (retErr error) { } // initProcessStartTime hasn't been set yet. s.Pid = p.cmd.Process.Pid - s.Status = configs.Creating + s.Status = specs.StateCreating hooks := p.config.Config.Hooks if err := hooks[configs.Prestart].RunHooks(s); err != nil { @@ -433,7 +433,7 @@ func (p *initProcess) start() (retErr error) { } // initProcessStartTime hasn't been set yet. s.Pid = p.cmd.Process.Pid - s.Status = configs.Creating + s.Status = specs.StateCreating hooks := p.config.Config.Hooks if err := hooks[configs.Prestart].RunHooks(s); err != nil { diff --git a/vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go index b8e792fbb32f..e00df0a2c123 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go @@ -20,6 +20,7 @@ import ( "github.com/opencontainers/runc/libcontainer/configs" "github.com/opencontainers/runc/libcontainer/system" libcontainerUtils "github.com/opencontainers/runc/libcontainer/utils" + "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/selinux/go-selinux/label" "golang.org/x/sys/unix" @@ -100,7 +101,7 @@ func prepareRootfs(pipe io.ReadWriter, iConfig *initConfig) (err error) { s := iConfig.SpecState s.Pid = unix.Getpid() - s.Status = configs.Creating + s.Status = specs.StateCreating if err := iConfig.Config.Hooks[configs.CreateContainer].RunHooks(s); err != nil { return err } @@ -110,7 +111,7 @@ func prepareRootfs(pipe io.ReadWriter, iConfig *initConfig) (err error) { } else if config.Namespaces.Contains(configs.NEWNS) { err = pivotRoot(config.Rootfs) } else { - err = chroot(config.Rootfs) + err = chroot() } if err != nil { return newSystemErrorWithCause(err, "jailing process inside rootfs") @@ -836,10 +837,10 @@ func msMoveRoot(rootfs string) error { if err := unix.Mount(rootfs, "/", "", unix.MS_MOVE, ""); err != nil { return err } - return chroot(rootfs) + return chroot() } -func chroot(rootfs string) error { +func chroot() error { if err := unix.Chroot("."); err != nil { return err } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go index 08e6b4718a48..b20ce1485f8c 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go @@ -13,9 +13,9 @@ import ( "github.com/opencontainers/runc/libcontainer/keys" "github.com/opencontainers/runc/libcontainer/seccomp" "github.com/opencontainers/runc/libcontainer/system" + "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/selinux/go-selinux" "github.com/pkg/errors" - "golang.org/x/sys/unix" ) @@ -210,7 +210,7 @@ func (l *linuxStandardInit) Init() error { s := l.config.SpecState s.Pid = unix.Getpid() - s.Status = configs.Created + s.Status = specs.StateCreated if err := l.config.Config.Hooks[configs.StartContainer].RunHooks(s); err != nil { return err } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/state_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/state_linux.go index aa800c360088..0deb22d1f940 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/state_linux.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/state_linux.go @@ -8,7 +8,7 @@ import ( "path/filepath" "github.com/opencontainers/runc/libcontainer/configs" - + "github.com/opencontainers/runtime-spec/specs-go" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" ) @@ -70,7 +70,7 @@ func runPoststopHooks(c *linuxContainer) error { if err != nil { return err } - s.Status = configs.Stopped + s.Status = specs.StateStopped if err := hooks[configs.Poststop].RunHooks(s); err != nil { return err diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go index 7b60f8bb3b28..3dc9efd23e68 100644 --- a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go +++ b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go @@ -90,7 +90,7 @@ type User struct { // GID is the group id. GID uint32 `json:"gid" platform:"linux,solaris"` // Umask is the umask for the init process. - Umask uint32 `json:"umask,omitempty" platform:"linux,solaris"` + Umask *uint32 `json:"umask,omitempty" platform:"linux,solaris"` // AdditionalGids are additional group ids set for the container's process. AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux,solaris"` // Username is the user name. @@ -635,12 +635,13 @@ type LinuxSeccompAction string // Define actions for Seccomp rules const ( - ActKill LinuxSeccompAction = "SCMP_ACT_KILL" - ActTrap LinuxSeccompAction = "SCMP_ACT_TRAP" - ActErrno LinuxSeccompAction = "SCMP_ACT_ERRNO" - ActTrace LinuxSeccompAction = "SCMP_ACT_TRACE" - ActAllow LinuxSeccompAction = "SCMP_ACT_ALLOW" - ActLog LinuxSeccompAction = "SCMP_ACT_LOG" + ActKill LinuxSeccompAction = "SCMP_ACT_KILL" + ActKillProcess LinuxSeccompAction = "SCMP_ACT_KILL_PROCESS" + ActTrap LinuxSeccompAction = "SCMP_ACT_TRAP" + ActErrno LinuxSeccompAction = "SCMP_ACT_ERRNO" + ActTrace LinuxSeccompAction = "SCMP_ACT_TRACE" + ActAllow LinuxSeccompAction = "SCMP_ACT_ALLOW" + ActLog LinuxSeccompAction = "SCMP_ACT_LOG" ) // LinuxSeccompOperator used to match syscall arguments in Seccomp diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go index 89dce34be206..e2e64c663112 100644 --- a/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go +++ b/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go @@ -1,5 +1,23 @@ package specs +// ContainerState represents the state of a container. +type ContainerState string + +const ( + // StateCreating indicates that the container is being created + StateCreating ContainerState = "creating" + + // StateCreated indicates that the runtime has finished the create operation + StateCreated ContainerState = "created" + + // StateRunning indicates that the container process has executed the + // user-specified program but has not exited + StateRunning ContainerState = "running" + + // StateStopped indicates that the container process has exited + StateStopped ContainerState = "stopped" +) + // State holds information about the runtime state of the container. type State struct { // Version is the version of the specification that is supported. @@ -7,7 +25,7 @@ type State struct { // ID is the container ID ID string `json:"id"` // Status is the runtime status of the container. - Status string `json:"status"` + Status ContainerState `json:"status"` // Pid is the process ID for the container process. Pid int `json:"pid,omitempty"` // Bundle is the path to the container's bundle directory. diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/doc.go b/vendor/github.com/opencontainers/selinux/go-selinux/doc.go new file mode 100644 index 000000000000..79a8e6446db6 --- /dev/null +++ b/vendor/github.com/opencontainers/selinux/go-selinux/doc.go @@ -0,0 +1,21 @@ +/* +Package selinux provides a high-level interface for interacting with selinux. + +This package uses a selinux build tag to enable the selinux functionality. This +allows non-linux and linux users who do not have selinux support to still use +tools that rely on this library. + +To compile with full selinux support use the -tags=selinux option in your build +and test commands. + +Usage: + + import "github.com/opencontainers/selinux/go-selinux" + + // Ensure that selinux is enforcing mode. + if selinux.EnforceMode() != selinux.Enforcing { + selinux.SetEnforceMode(selinux.Enforcing) + } + +*/ +package selinux diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux.go b/vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux.go index 779e2e3a84e0..10ac15a8524d 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux.go +++ b/vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux.go @@ -73,9 +73,9 @@ func InitLabels(options []string) (plabel string, mlabel string, Err error) { selinux.ReleaseLabel(processLabel) } processLabel = pcon.Get() - mountLabel = mcon.Get() selinux.ReserveLabel(processLabel) } + mountLabel = mcon.Get() } return processLabel, mountLabel, nil } diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/label/label_stub.go b/vendor/github.com/opencontainers/selinux/go-selinux/label/label_stub.go index c2bdd35d73d8..a7d2d5e342bb 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/label/label_stub.go +++ b/vendor/github.com/opencontainers/selinux/go-selinux/label/label_stub.go @@ -30,7 +30,6 @@ func Relabel(path string, fileLabel string, shared bool) error { // DisableSecOpt returns a security opt that can disable labeling // support for future container processes func DisableSecOpt() []string { - // TODO the selinux.DisableSecOpt stub returns []string{"disable"} instead of "nil" return nil } diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go b/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go new file mode 100644 index 000000000000..50760dc93e76 --- /dev/null +++ b/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go @@ -0,0 +1,249 @@ +package selinux + +import ( + "github.com/pkg/errors" +) + +const ( + // Enforcing constant indicate SELinux is in enforcing mode + Enforcing = 1 + // Permissive constant to indicate SELinux is in permissive mode + Permissive = 0 + // Disabled constant to indicate SELinux is disabled + Disabled = -1 + + // DefaultCategoryRange is the upper bound on the category range + DefaultCategoryRange = uint32(1024) +) + +var ( + // ErrMCSAlreadyExists is returned when trying to allocate a duplicate MCS. + ErrMCSAlreadyExists = errors.New("MCS label already exists") + // ErrEmptyPath is returned when an empty path has been specified. + ErrEmptyPath = errors.New("empty path") + + // InvalidLabel is returned when an invalid label is specified. + InvalidLabel = errors.New("Invalid Label") + + // ErrIncomparable is returned two levels are not comparable + ErrIncomparable = errors.New("incomparable levels") + // ErrLevelSyntax is returned when a sensitivity or category do not have correct syntax in a level + ErrLevelSyntax = errors.New("invalid level syntax") + + // CategoryRange allows the upper bound on the category range to be adjusted + CategoryRange = DefaultCategoryRange +) + +// Context is a representation of the SELinux label broken into 4 parts +type Context map[string]string + +// SetDisabled disables SELinux support for the package +func SetDisabled() { + setDisabled() +} + +// GetEnabled returns whether SELinux is currently enabled. +func GetEnabled() bool { + return getEnabled() +} + +// ClassIndex returns the int index for an object class in the loaded policy, +// or -1 and an error +func ClassIndex(class string) (int, error) { + return classIndex(class) +} + +// SetFileLabel sets the SELinux label for this path or returns an error. +func SetFileLabel(fpath string, label string) error { + return setFileLabel(fpath, label) +} + +// FileLabel returns the SELinux label for this path or returns an error. +func FileLabel(fpath string) (string, error) { + return fileLabel(fpath) +} + +// SetFSCreateLabel tells kernel the label to create all file system objects +// created by this task. Setting label="" to return to default. +func SetFSCreateLabel(label string) error { + return setFSCreateLabel(label) +} + +// FSCreateLabel returns the default label the kernel which the kernel is using +// for file system objects created by this task. "" indicates default. +func FSCreateLabel() (string, error) { + return fsCreateLabel() +} + +// CurrentLabel returns the SELinux label of the current process thread, or an error. +func CurrentLabel() (string, error) { + return currentLabel() +} + +// PidLabel returns the SELinux label of the given pid, or an error. +func PidLabel(pid int) (string, error) { + return pidLabel(pid) +} + +// ExecLabel returns the SELinux label that the kernel will use for any programs +// that are executed by the current process thread, or an error. +func ExecLabel() (string, error) { + return execLabel() +} + +// CanonicalizeContext takes a context string and writes it to the kernel +// the function then returns the context that the kernel will use. Use this +// function to check if two contexts are equivalent +func CanonicalizeContext(val string) (string, error) { + return canonicalizeContext(val) +} + +// ComputeCreateContext requests the type transition from source to target for +// class from the kernel. +func ComputeCreateContext(source string, target string, class string) (string, error) { + return computeCreateContext(source, target, class) +} + +// CalculateGlbLub computes the glb (greatest lower bound) and lub (least upper bound) +// of a source and target range. +// The glblub is calculated as the greater of the low sensitivities and +// the lower of the high sensitivities and the and of each category bitset. +func CalculateGlbLub(sourceRange, targetRange string) (string, error) { + return calculateGlbLub(sourceRange, targetRange) +} + +// SetExecLabel sets the SELinux label that the kernel will use for any programs +// that are executed by the current process thread, or an error. +func SetExecLabel(label string) error { + return setExecLabel(label) +} + +// SetTaskLabel sets the SELinux label for the current thread, or an error. +// This requires the dyntransition permission. +func SetTaskLabel(label string) error { + return setTaskLabel(label) +} + +// SetSocketLabel takes a process label and tells the kernel to assign the +// label to the next socket that gets created +func SetSocketLabel(label string) error { + return setSocketLabel(label) +} + +// SocketLabel retrieves the current socket label setting +func SocketLabel() (string, error) { + return socketLabel() +} + +// PeerLabel retrieves the label of the client on the other side of a socket +func PeerLabel(fd uintptr) (string, error) { + return peerLabel(fd) +} + +// SetKeyLabel takes a process label and tells the kernel to assign the +// label to the next kernel keyring that gets created +func SetKeyLabel(label string) error { + return setKeyLabel(label) +} + +// KeyLabel retrieves the current kernel keyring label setting +func KeyLabel() (string, error) { + return keyLabel() +} + +// Get returns the Context as a string +func (c Context) Get() string { + return c.get() +} + +// NewContext creates a new Context struct from the specified label +func NewContext(label string) (Context, error) { + return newContext(label) +} + +// ClearLabels clears all reserved labels +func ClearLabels() { + clearLabels() +} + +// ReserveLabel reserves the MLS/MCS level component of the specified label +func ReserveLabel(label string) { + reserveLabel(label) +} + +// EnforceMode returns the current SELinux mode Enforcing, Permissive, Disabled +func EnforceMode() int { + return enforceMode() +} + +// SetEnforceMode sets the current SELinux mode Enforcing, Permissive. +// Disabled is not valid, since this needs to be set at boot time. +func SetEnforceMode(mode int) error { + return setEnforceMode(mode) +} + +// DefaultEnforceMode returns the systems default SELinux mode Enforcing, +// Permissive or Disabled. Note this is is just the default at boot time. +// EnforceMode tells you the systems current mode. +func DefaultEnforceMode() int { + return defaultEnforceMode() +} + +// ReleaseLabel un-reserves the MLS/MCS Level field of the specified label, +// allowing it to be used by another process. +func ReleaseLabel(label string) { + releaseLabel(label) +} + +// ROFileLabel returns the specified SELinux readonly file label +func ROFileLabel() string { + return roFileLabel() +} + +// KVMContainerLabels returns the default processLabel and mountLabel to be used +// for kvm containers by the calling process. +func KVMContainerLabels() (string, string) { + return kvmContainerLabels() +} + +// InitContainerLabels returns the default processLabel and file labels to be +// used for containers running an init system like systemd by the calling process. +func InitContainerLabels() (string, string) { + return initContainerLabels() +} + +// ContainerLabels returns an allocated processLabel and fileLabel to be used for +// container labeling by the calling process. +func ContainerLabels() (processLabel string, fileLabel string) { + return containerLabels() +} + +// SecurityCheckContext validates that the SELinux label is understood by the kernel +func SecurityCheckContext(val string) error { + return securityCheckContext(val) +} + +// CopyLevel returns a label with the MLS/MCS level from src label replaced on +// the dest label. +func CopyLevel(src, dest string) (string, error) { + return copyLevel(src, dest) +} + +// Chcon changes the fpath file object to the SELinux label label. +// If fpath is a directory and recurse is true, then Chcon walks the +// directory tree setting the label. +func Chcon(fpath string, label string, recurse bool) error { + return chcon(fpath, label, recurse) +} + +// DupSecOpt takes an SELinux process label and returns security options that +// can be used to set the SELinux Type and Level for future container processes. +func DupSecOpt(src string) ([]string, error) { + return dupSecOpt(src) +} + +// DisableSecOpt returns a security opt that can be used to disable SELinux +// labeling support for future container processes. +func DisableSecOpt() []string { + return disableSecOpt() +} diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go index 9c979e5e2cdb..d6b0d49db658 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go +++ b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go @@ -20,17 +20,12 @@ import ( "github.com/opencontainers/selinux/pkg/pwalk" "github.com/pkg/errors" + "github.com/willf/bitset" "golang.org/x/sys/unix" ) const ( - // Enforcing constant indicate SELinux is in enforcing mode - Enforcing = 1 - // Permissive constant to indicate SELinux is in permissive mode - Permissive = 0 - // Disabled constant to indicate SELinux is disabled - Disabled = -1 - + minSensLen = 2 contextFile = "/usr/share/containers/selinux/contexts" selinuxDir = "/etc/selinux/" selinuxConfig = selinuxDir + "config" @@ -49,17 +44,27 @@ type selinuxState struct { sync.Mutex } +type level struct { + sens uint + cats *bitset.BitSet +} + +type mlsRange struct { + low *level + high *level +} + +type levelItem byte + +const ( + sensitivity levelItem = 's' + category levelItem = 'c' +) + var ( - // ErrMCSAlreadyExists is returned when trying to allocate a duplicate MCS. - ErrMCSAlreadyExists = errors.New("MCS label already exists") - // ErrEmptyPath is returned when an empty path has been specified. - ErrEmptyPath = errors.New("empty path") - // InvalidLabel is returned when an invalid label is specified. - InvalidLabel = errors.New("Invalid Label") - - assignRegex = regexp.MustCompile(`^([^=]+)=(.*)$`) - roFileLabel string - state = selinuxState{ + assignRegex = regexp.MustCompile(`^([^=]+)=(.*)$`) + readOnlyFileLabel string + state = selinuxState{ mcsList: make(map[string]bool), } @@ -68,9 +73,6 @@ var ( haveThreadSelf bool ) -// Context is a representation of the SELinux label broken into 4 parts -type Context map[string]string - func (s *selinuxState) setEnable(enabled bool) bool { s.Lock() defer s.Unlock() @@ -97,8 +99,8 @@ func (s *selinuxState) getEnabled() bool { return s.setEnable(enabled) } -// SetDisabled disables selinux support for the package -func SetDisabled() { +// setDisabled disables SELinux support for the package +func setDisabled() { state.setEnable(false) } @@ -190,15 +192,15 @@ func (s *selinuxState) getSELinuxfs() string { // getSelinuxMountPoint returns the path to the mountpoint of an selinuxfs // filesystem or an empty string if no mountpoint is found. Selinuxfs is -// a proc-like pseudo-filesystem that exposes the selinux policy API to +// a proc-like pseudo-filesystem that exposes the SELinux policy API to // processes. The existence of an selinuxfs mount is used to determine -// whether selinux is currently enabled or not. +// whether SELinux is currently enabled or not. func getSelinuxMountPoint() string { return state.getSELinuxfs() } -// GetEnabled returns whether selinux is currently enabled. -func GetEnabled() bool { +// getEnabled returns whether SELinux is currently enabled. +func getEnabled() bool { return state.getEnabled() } @@ -282,8 +284,9 @@ func readCon(fpath string) (string, error) { return strings.Trim(retval, "\x00"), nil } -// ClassIndex returns the int index for an object class in the loaded policy, or -1 and an error -func ClassIndex(class string) (int, error) { +// classIndex returns the int index for an object class in the loaded policy, +// or -1 and an error +func classIndex(class string) (int, error) { permpath := fmt.Sprintf("class/%s/index", class) indexpath := filepath.Join(getSelinuxMountPoint(), permpath) @@ -299,8 +302,8 @@ func ClassIndex(class string) (int, error) { return index, nil } -// SetFileLabel sets the SELinux label for this path or returns an error. -func SetFileLabel(fpath string, label string) error { +// setFileLabel sets the SELinux label for this path or returns an error. +func setFileLabel(fpath string, label string) error { if fpath == "" { return ErrEmptyPath } @@ -310,8 +313,8 @@ func SetFileLabel(fpath string, label string) error { return nil } -// FileLabel returns the SELinux label for this path or returns an error. -func FileLabel(fpath string) (string, error) { +// fileLabel returns the SELinux label for this path or returns an error. +func fileLabel(fpath string) (string, error) { if fpath == "" { return "", ErrEmptyPath } @@ -327,37 +330,31 @@ func FileLabel(fpath string) (string, error) { return string(label), nil } -/* -SetFSCreateLabel tells kernel the label to create all file system objects -created by this task. Setting label="" to return to default. -*/ -func SetFSCreateLabel(label string) error { +// setFSCreateLabel tells kernel the label to create all file system objects +// created by this task. Setting label="" to return to default. +func setFSCreateLabel(label string) error { return writeAttr("fscreate", label) } -/* -FSCreateLabel returns the default label the kernel which the kernel is using -for file system objects created by this task. "" indicates default. -*/ -func FSCreateLabel() (string, error) { +// fsCreateLabel returns the default label the kernel which the kernel is using +// for file system objects created by this task. "" indicates default. +func fsCreateLabel() (string, error) { return readAttr("fscreate") } -// CurrentLabel returns the SELinux label of the current process thread, or an error. -func CurrentLabel() (string, error) { +// currentLabel returns the SELinux label of the current process thread, or an error. +func currentLabel() (string, error) { return readAttr("current") } -// PidLabel returns the SELinux label of the given pid, or an error. -func PidLabel(pid int) (string, error) { +// pidLabel returns the SELinux label of the given pid, or an error. +func pidLabel(pid int) (string, error) { return readCon(fmt.Sprintf("/proc/%d/attr/current", pid)) } -/* -ExecLabel returns the SELinux label that the kernel will use for any programs -that are executed by the current process thread, or an error. -*/ -func ExecLabel() (string, error) { +// ExecLabel returns the SELinux label that the kernel will use for any programs +// that are executed by the current process thread, or an error. +func execLabel() (string, error) { return readAttr("exec") } @@ -366,7 +363,7 @@ func writeCon(fpath, val string) error { return ErrEmptyPath } if val == "" { - if !GetEnabled() { + if !getEnabled() { return nil } } @@ -418,20 +415,17 @@ func writeAttr(attr, val string) error { return writeCon(attrPath(attr), val) } -/* -CanonicalizeContext takes a context string and writes it to the kernel -the function then returns the context that the kernel will use. This function -can be used to see if two contexts are equivalent -*/ -func CanonicalizeContext(val string) (string, error) { +// canonicalizeContext takes a context string and writes it to the kernel +// the function then returns the context that the kernel will use. Use this +// function to check if two contexts are equivalent +func canonicalizeContext(val string) (string, error) { return readWriteCon(filepath.Join(getSelinuxMountPoint(), "context"), val) } -/* -ComputeCreateContext requests the type transition from source to target for class from the kernel. -*/ -func ComputeCreateContext(source string, target string, class string) (string, error) { - classidx, err := ClassIndex(class) +// computeCreateContext requests the type transition from source to target for +// class from the kernel. +func computeCreateContext(source string, target string, class string) (string, error) { + classidx, err := classIndex(class) if err != nil { return "", err } @@ -439,6 +433,217 @@ func ComputeCreateContext(source string, target string, class string) (string, e return readWriteCon(filepath.Join(getSelinuxMountPoint(), "create"), fmt.Sprintf("%s %s %d", source, target, classidx)) } +// catsToBitset stores categories in a bitset. +func catsToBitset(cats string) (*bitset.BitSet, error) { + bitset := &bitset.BitSet{} + + catlist := strings.Split(cats, ",") + for _, r := range catlist { + ranges := strings.SplitN(r, ".", 2) + if len(ranges) > 1 { + catstart, err := parseLevelItem(ranges[0], category) + if err != nil { + return nil, err + } + catend, err := parseLevelItem(ranges[1], category) + if err != nil { + return nil, err + } + for i := catstart; i <= catend; i++ { + bitset.Set(i) + } + } else { + cat, err := parseLevelItem(ranges[0], category) + if err != nil { + return nil, err + } + bitset.Set(cat) + } + } + + return bitset, nil +} + +// parseLevelItem parses and verifies that a sensitivity or category are valid +func parseLevelItem(s string, sep levelItem) (uint, error) { + if len(s) < minSensLen || levelItem(s[0]) != sep { + return 0, ErrLevelSyntax + } + val, err := strconv.ParseUint(s[1:], 10, 32) + if err != nil { + return 0, err + } + + return uint(val), nil +} + +// parseLevel fills a level from a string that contains +// a sensitivity and categories +func (l *level) parseLevel(levelStr string) error { + lvl := strings.SplitN(levelStr, ":", 2) + sens, err := parseLevelItem(lvl[0], sensitivity) + if err != nil { + return errors.Wrap(err, "failed to parse sensitivity") + } + l.sens = sens + if len(lvl) > 1 { + cats, err := catsToBitset(lvl[1]) + if err != nil { + return errors.Wrap(err, "failed to parse categories") + } + l.cats = cats + } + + return nil +} + +// rangeStrToMLSRange marshals a string representation of a range. +func rangeStrToMLSRange(rangeStr string) (*mlsRange, error) { + mlsRange := &mlsRange{} + levelSlice := strings.SplitN(rangeStr, "-", 2) + + switch len(levelSlice) { + // rangeStr that has a low and a high level, e.g. s4:c0.c1023-s6:c0.c1023 + case 2: + mlsRange.high = &level{} + if err := mlsRange.high.parseLevel(levelSlice[1]); err != nil { + return nil, errors.Wrapf(err, "failed to parse high level %q", levelSlice[1]) + } + fallthrough + // rangeStr that is single level, e.g. s6:c0,c3,c5,c30.c1023 + case 1: + mlsRange.low = &level{} + if err := mlsRange.low.parseLevel(levelSlice[0]); err != nil { + return nil, errors.Wrapf(err, "failed to parse low level %q", levelSlice[0]) + } + } + + if mlsRange.high == nil { + mlsRange.high = mlsRange.low + } + + return mlsRange, nil +} + +// bitsetToStr takes a category bitset and returns it in the +// canonical selinux syntax +func bitsetToStr(c *bitset.BitSet) string { + var str string + i, e := c.NextSet(0) + len := 0 + for e { + if len == 0 { + if str != "" { + str += "," + } + str += "c" + strconv.Itoa(int(i)) + } + + next, e := c.NextSet(i + 1) + if e { + // consecutive cats + if next == i+1 { + len++ + i = next + continue + } + } + if len == 1 { + str += ",c" + strconv.Itoa(int(i)) + } else if len > 1 { + str += ".c" + strconv.Itoa(int(i)) + } + if !e { + break + } + len = 0 + i = next + } + + return str +} + +func (l1 *level) equal(l2 *level) bool { + if l2 == nil || l1 == nil { + return l1 == l2 + } + if l1.sens != l2.sens { + return false + } + return l1.cats.Equal(l2.cats) +} + +// String returns an mlsRange as a string. +func (m mlsRange) String() string { + low := "s" + strconv.Itoa(int(m.low.sens)) + if m.low.cats != nil && m.low.cats.Count() > 0 { + low += ":" + bitsetToStr(m.low.cats) + } + + if m.low.equal(m.high) { + return low + } + + high := "s" + strconv.Itoa(int(m.high.sens)) + if m.high.cats != nil && m.high.cats.Count() > 0 { + high += ":" + bitsetToStr(m.high.cats) + } + + return low + "-" + high +} + +func max(a, b uint) uint { + if a > b { + return a + } + return b +} + +func min(a, b uint) uint { + if a < b { + return a + } + return b +} + +// calculateGlbLub computes the glb (greatest lower bound) and lub (least upper bound) +// of a source and target range. +// The glblub is calculated as the greater of the low sensitivities and +// the lower of the high sensitivities and the and of each category bitset. +func calculateGlbLub(sourceRange, targetRange string) (string, error) { + s, err := rangeStrToMLSRange(sourceRange) + if err != nil { + return "", err + } + t, err := rangeStrToMLSRange(targetRange) + if err != nil { + return "", err + } + + if s.high.sens < t.low.sens || t.high.sens < s.low.sens { + /* these ranges have no common sensitivities */ + return "", ErrIncomparable + } + + outrange := &mlsRange{low: &level{}, high: &level{}} + + /* take the greatest of the low */ + outrange.low.sens = max(s.low.sens, t.low.sens) + + /* take the least of the high */ + outrange.high.sens = min(s.high.sens, t.high.sens) + + /* find the intersecting categories */ + if s.low.cats != nil && t.low.cats != nil { + outrange.low.cats = s.low.cats.Intersection(t.low.cats) + } + if s.high.cats != nil && t.high.cats != nil { + outrange.high.cats = s.high.cats.Intersection(t.high.cats) + } + + return outrange.String(), nil +} + func readWriteCon(fpath string, val string) (string, error) { if fpath == "" { return "", ErrEmptyPath @@ -461,41 +666,37 @@ func readWriteCon(fpath string, val string) (string, error) { return strings.Trim(retval, "\x00"), nil } -/* -SetExecLabel sets the SELinux label that the kernel will use for any programs -that are executed by the current process thread, or an error. -*/ -func SetExecLabel(label string) error { +// setExecLabel sets the SELinux label that the kernel will use for any programs +// that are executed by the current process thread, or an error. +func setExecLabel(label string) error { return writeAttr("exec", label) } -/* -SetTaskLabel sets the SELinux label for the current thread, or an error. -This requires the dyntransition permission. -*/ -func SetTaskLabel(label string) error { +// setTaskLabel sets the SELinux label for the current thread, or an error. +// This requires the dyntransition permission. +func setTaskLabel(label string) error { return writeAttr("current", label) } -// SetSocketLabel takes a process label and tells the kernel to assign the +// setSocketLabel takes a process label and tells the kernel to assign the // label to the next socket that gets created -func SetSocketLabel(label string) error { +func setSocketLabel(label string) error { return writeAttr("sockcreate", label) } -// SocketLabel retrieves the current socket label setting -func SocketLabel() (string, error) { +// socketLabel retrieves the current socket label setting +func socketLabel() (string, error) { return readAttr("sockcreate") } -// PeerLabel retrieves the label of the client on the other side of a socket -func PeerLabel(fd uintptr) (string, error) { +// peerLabel retrieves the label of the client on the other side of a socket +func peerLabel(fd uintptr) (string, error) { return unix.GetsockoptString(int(fd), unix.SOL_SOCKET, unix.SO_PEERSEC) } -// SetKeyLabel takes a process label and tells the kernel to assign the +// setKeyLabel takes a process label and tells the kernel to assign the // label to the next kernel keyring that gets created -func SetKeyLabel(label string) error { +func setKeyLabel(label string) error { err := writeCon("/proc/self/attr/keycreate", label) if os.IsNotExist(errors.Cause(err)) { return nil @@ -506,21 +707,21 @@ func SetKeyLabel(label string) error { return err } -// KeyLabel retrieves the current kernel keyring label setting -func KeyLabel() (string, error) { +// keyLabel retrieves the current kernel keyring label setting +func keyLabel() (string, error) { return readCon("/proc/self/attr/keycreate") } -// Get returns the Context as a string -func (c Context) Get() string { +// get returns the Context as a string +func (c Context) get() string { if c["level"] != "" { return fmt.Sprintf("%s:%s:%s:%s", c["user"], c["role"], c["type"], c["level"]) } return fmt.Sprintf("%s:%s:%s", c["user"], c["role"], c["type"]) } -// NewContext creates a new Context struct from the specified label -func NewContext(label string) (Context, error) { +// newContext creates a new Context struct from the specified label +func newContext(label string) (Context, error) { c := make(Context) if len(label) != 0 { @@ -538,15 +739,15 @@ func NewContext(label string) (Context, error) { return c, nil } -// ClearLabels clears all reserved labels -func ClearLabels() { +// clearLabels clears all reserved labels +func clearLabels() { state.Lock() state.mcsList = make(map[string]bool) state.Unlock() } -// ReserveLabel reserves the MLS/MCS level component of the specified label -func ReserveLabel(label string) { +// reserveLabel reserves the MLS/MCS level component of the specified label +func reserveLabel(label string) { if len(label) != 0 { con := strings.SplitN(label, ":", 4) if len(con) > 3 { @@ -559,8 +760,8 @@ func selinuxEnforcePath() string { return path.Join(getSelinuxMountPoint(), "enforce") } -// EnforceMode returns the current SELinux mode Enforcing, Permissive, Disabled -func EnforceMode() int { +// enforceMode returns the current SELinux mode Enforcing, Permissive, Disabled +func enforceMode() int { var enforce int enforceB, err := ioutil.ReadFile(selinuxEnforcePath()) @@ -574,20 +775,16 @@ func EnforceMode() int { return enforce } -/* -SetEnforceMode sets the current SELinux mode Enforcing, Permissive. -Disabled is not valid, since this needs to be set at boot time. -*/ -func SetEnforceMode(mode int) error { +// setEnforceMode sets the current SELinux mode Enforcing, Permissive. +// Disabled is not valid, since this needs to be set at boot time. +func setEnforceMode(mode int) error { return ioutil.WriteFile(selinuxEnforcePath(), []byte(strconv.Itoa(mode)), 0644) } -/* -DefaultEnforceMode returns the systems default SELinux mode Enforcing, -Permissive or Disabled. Note this is is just the default at boot time. -EnforceMode tells you the systems current mode. -*/ -func DefaultEnforceMode() int { +// defaultEnforceMode returns the systems default SELinux mode Enforcing, +// Permissive or Disabled. Note this is is just the default at boot time. +// EnforceMode tells you the systems current mode. +func defaultEnforceMode() int { switch readConfig(selinuxTag) { case "enforcing": return Enforcing @@ -667,11 +864,9 @@ func uniqMcs(catRange uint32) string { return mcs } -/* -ReleaseLabel will unreserve the MLS/MCS Level field of the specified label. -Allowing it to be used by another process. -*/ -func ReleaseLabel(label string) { +// releaseLabel un-reserves the MLS/MCS Level field of the specified label, +// allowing it to be used by another process. +func releaseLabel(label string) { if len(label) != 0 { con := strings.SplitN(label, ":", 4) if len(con) > 3 { @@ -680,9 +875,9 @@ func ReleaseLabel(label string) { } } -// ROFileLabel returns the specified SELinux readonly file label -func ROFileLabel() string { - return roFileLabel +// roFileLabel returns the specified SELinux readonly file label +func roFileLabel() string { + return readOnlyFileLabel } func openContextFile() (*os.File, error) { @@ -737,11 +932,9 @@ func loadLabels() map[string]string { return labels } -/* -KVMContainerLabels returns the default processLabel and mountLabel to be used -for kvm containers by the calling process. -*/ -func KVMContainerLabels() (string, string) { +// kvmContainerLabels returns the default processLabel and mountLabel to be used +// for kvm containers by the calling process. +func kvmContainerLabels() (string, string) { processLabel := labels["kvm_process"] if processLabel == "" { processLabel = labels["process"] @@ -750,11 +943,9 @@ func KVMContainerLabels() (string, string) { return addMcs(processLabel, labels["file"]) } -/* -InitContainerLabels returns the default processLabel and file labels to be -used for containers running an init system like systemd by the calling process. -*/ -func InitContainerLabels() (string, string) { +// initContainerLabels returns the default processLabel and file labels to be +// used for containers running an init system like systemd by the calling process. +func initContainerLabels() (string, string) { processLabel := labels["init_process"] if processLabel == "" { processLabel = labels["process"] @@ -763,25 +954,23 @@ func InitContainerLabels() (string, string) { return addMcs(processLabel, labels["file"]) } -/* -ContainerLabels returns an allocated processLabel and fileLabel to be used for -container labeling by the calling process. -*/ -func ContainerLabels() (processLabel string, fileLabel string) { - if !GetEnabled() { +// containerLabels returns an allocated processLabel and fileLabel to be used for +// container labeling by the calling process. +func containerLabels() (processLabel string, fileLabel string) { + if !getEnabled() { return "", "" } processLabel = labels["process"] fileLabel = labels["file"] - roFileLabel = labels["ro_file"] + readOnlyFileLabel = labels["ro_file"] if processLabel == "" || fileLabel == "" { return "", fileLabel } - if roFileLabel == "" { - roFileLabel = fileLabel + if readOnlyFileLabel == "" { + readOnlyFileLabel = fileLabel } return addMcs(processLabel, fileLabel) @@ -790,7 +979,7 @@ func ContainerLabels() (processLabel string, fileLabel string) { func addMcs(processLabel, fileLabel string) (string, string) { scon, _ := NewContext(processLabel) if scon["level"] != "" { - mcs := uniqMcs(1024) + mcs := uniqMcs(CategoryRange) scon["level"] = mcs processLabel = scon.Get() scon, _ = NewContext(fileLabel) @@ -800,16 +989,14 @@ func addMcs(processLabel, fileLabel string) (string, string) { return processLabel, fileLabel } -// SecurityCheckContext validates that the SELinux label is understood by the kernel -func SecurityCheckContext(val string) error { +// securityCheckContext validates that the SELinux label is understood by the kernel +func securityCheckContext(val string) error { return ioutil.WriteFile(path.Join(getSelinuxMountPoint(), "context"), []byte(val), 0644) } -/* -CopyLevel returns a label with the MLS/MCS level from src label replaced on -the dest label. -*/ -func CopyLevel(src, dest string) (string, error) { +// copyLevel returns a label with the MLS/MCS level from src label replaced on +// the dest label. +func copyLevel(src, dest string) (string, error) { if src == "" { return "", nil } @@ -833,7 +1020,7 @@ func CopyLevel(src, dest string) (string, error) { return tcon.Get(), nil } -// Prevent users from relabing system files +// Prevent users from relabeling system files func badPrefix(fpath string) error { if fpath == "" { return ErrEmptyPath @@ -848,10 +1035,10 @@ func badPrefix(fpath string) error { return nil } -// Chcon changes the fpath file object to the SELinux label label. -// If fpath is a directory and recurse is true, Chcon will walk the +// chcon changes the fpath file object to the SELinux label label. +// If fpath is a directory and recurse is true, then chcon walks the // directory tree setting the label. -func Chcon(fpath string, label string, recurse bool) error { +func chcon(fpath string, label string, recurse bool) error { if fpath == "" { return ErrEmptyPath } @@ -876,9 +1063,9 @@ func Chcon(fpath string, label string, recurse bool) error { }) } -// DupSecOpt takes an SELinux process label and returns security options that +// dupSecOpt takes an SELinux process label and returns security options that // can be used to set the SELinux Type and Level for future container processes. -func DupSecOpt(src string) ([]string, error) { +func dupSecOpt(src string) ([]string, error) { if src == "" { return nil, nil } @@ -903,8 +1090,8 @@ func DupSecOpt(src string) ([]string, error) { return dup, nil } -// DisableSecOpt returns a security opt that can be used to disable SELinux +// disableSecOpt returns a security opt that can be used to disable SELinux // labeling support for future container processes. -func DisableSecOpt() []string { +func disableSecOpt() []string { return []string{"disable"} } diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_stub.go b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_stub.go index f9f5e2061de2..c526b210f9c2 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_stub.go +++ b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_stub.go @@ -2,253 +2,147 @@ package selinux -import ( - "errors" -) - -const ( - // Enforcing constant indicate SELinux is in enforcing mode - Enforcing = 1 - // Permissive constant to indicate SELinux is in permissive mode - Permissive = 0 - // Disabled constant to indicate SELinux is disabled - Disabled = -1 -) - -var ( - // ErrMCSAlreadyExists is returned when trying to allocate a duplicate MCS. - ErrMCSAlreadyExists = errors.New("MCS label already exists") - // ErrEmptyPath is returned when an empty path has been specified. - ErrEmptyPath = errors.New("empty path") -) - -// Context is a representation of the SELinux label broken into 4 parts -type Context map[string]string - -// SetDisabled disables selinux support for the package -func SetDisabled() { - return -} - -// GetEnabled returns whether selinux is currently enabled. -func GetEnabled() bool { +func setDisabled() { +} + +func getEnabled() bool { return false } -// ClassIndex returns the int index for an object class in the loaded policy, or -1 and an error -func ClassIndex(class string) (int, error) { +func classIndex(class string) (int, error) { return -1, nil } -// SetFileLabel sets the SELinux label for this path or returns an error. -func SetFileLabel(fpath string, label string) error { +func setFileLabel(fpath string, label string) error { return nil } -// FileLabel returns the SELinux label for this path or returns an error. -func FileLabel(fpath string) (string, error) { +func fileLabel(fpath string) (string, error) { return "", nil } -/* -SetFSCreateLabel tells kernel the label to create all file system objects -created by this task. Setting label="" to return to default. -*/ -func SetFSCreateLabel(label string) error { +func setFSCreateLabel(label string) error { return nil } -/* -FSCreateLabel returns the default label the kernel which the kernel is using -for file system objects created by this task. "" indicates default. -*/ -func FSCreateLabel() (string, error) { +func fsCreateLabel() (string, error) { + return "", nil +} + +func currentLabel() (string, error) { return "", nil } -// CurrentLabel returns the SELinux label of the current process thread, or an error. -func CurrentLabel() (string, error) { +func pidLabel(pid int) (string, error) { return "", nil } -// PidLabel returns the SELinux label of the given pid, or an error. -func PidLabel(pid int) (string, error) { +func execLabel() (string, error) { return "", nil } -/* -ExecLabel returns the SELinux label that the kernel will use for any programs -that are executed by the current process thread, or an error. -*/ -func ExecLabel() (string, error) { +func canonicalizeContext(val string) (string, error) { return "", nil } -/* -CanonicalizeContext takes a context string and writes it to the kernel -the function then returns the context that the kernel will use. This function -can be used to see if two contexts are equivalent -*/ -func CanonicalizeContext(val string) (string, error) { +func computeCreateContext(source string, target string, class string) (string, error) { return "", nil } -/* -ComputeCreateContext requests the type transition from source to target for class from the kernel. -*/ -func ComputeCreateContext(source string, target string, class string) (string, error) { +func calculateGlbLub(sourceRange, targetRange string) (string, error) { return "", nil } -/* -SetExecLabel sets the SELinux label that the kernel will use for any programs -that are executed by the current process thread, or an error. -*/ -func SetExecLabel(label string) error { +func setExecLabel(label string) error { return nil } -/* -SetTaskLabel sets the SELinux label for the current thread, or an error. -This requires the dyntransition permission. -*/ -func SetTaskLabel(label string) error { +func setTaskLabel(label string) error { return nil } -/* -SetSocketLabel sets the SELinux label that the kernel will use for any programs -that are executed by the current process thread, or an error. -*/ -func SetSocketLabel(label string) error { +func setSocketLabel(label string) error { return nil } -// SocketLabel retrieves the current socket label setting -func SocketLabel() (string, error) { +func socketLabel() (string, error) { return "", nil } -// PeerLabel retrieves the label of the client on the other side of a socket -func PeerLabel(fd uintptr) (string, error) { +func peerLabel(fd uintptr) (string, error) { return "", nil } -// SetKeyLabel takes a process label and tells the kernel to assign the -// label to the next kernel keyring that gets created -func SetKeyLabel(label string) error { +func setKeyLabel(label string) error { return nil } -// KeyLabel retrieves the current kernel keyring label setting -func KeyLabel() (string, error) { +func keyLabel() (string, error) { return "", nil } -// Get returns the Context as a string -func (c Context) Get() string { +func (c Context) get() string { return "" } -// NewContext creates a new Context struct from the specified label -func NewContext(label string) (Context, error) { +func newContext(label string) (Context, error) { c := make(Context) return c, nil } -// ClearLabels clears all reserved MLS/MCS levels -func ClearLabels() { - return +func clearLabels() { } -// ReserveLabel reserves the MLS/MCS level component of the specified label -func ReserveLabel(label string) { - return +func reserveLabel(label string) { } -// EnforceMode returns the current SELinux mode Enforcing, Permissive, Disabled -func EnforceMode() int { +func enforceMode() int { return Disabled } -/* -SetEnforceMode sets the current SELinux mode Enforcing, Permissive. -Disabled is not valid, since this needs to be set at boot time. -*/ -func SetEnforceMode(mode int) error { +func setEnforceMode(mode int) error { return nil } -/* -DefaultEnforceMode returns the systems default SELinux mode Enforcing, -Permissive or Disabled. Note this is is just the default at boot time. -EnforceMode tells you the systems current mode. -*/ -func DefaultEnforceMode() int { +func defaultEnforceMode() int { return Disabled } -/* -ReleaseLabel will unreserve the MLS/MCS Level field of the specified label. -Allowing it to be used by another process. -*/ -func ReleaseLabel(label string) { - return +func releaseLabel(label string) { } -// ROFileLabel returns the specified SELinux readonly file label -func ROFileLabel() string { +func roFileLabel() string { return "" } -// KVMContainerLabels returns the default processLabel and mountLabel to be used -// for kvm containers by the calling process. -func KVMContainerLabels() (string, string) { +func kvmContainerLabels() (string, string) { return "", "" } -// InitContainerLabels returns the default processLabel and file labels to be -// used for containers running an init system like systemd by the calling -func InitContainerLabels() (string, string) { +func initContainerLabels() (string, string) { return "", "" } -/* -ContainerLabels returns an allocated processLabel and fileLabel to be used for -container labeling by the calling process. -*/ -func ContainerLabels() (processLabel string, fileLabel string) { +func containerLabels() (processLabel string, fileLabel string) { return "", "" } -// SecurityCheckContext validates that the SELinux label is understood by the kernel -func SecurityCheckContext(val string) error { +func securityCheckContext(val string) error { return nil } -/* -CopyLevel returns a label with the MLS/MCS level from src label replaced on -the dest label. -*/ -func CopyLevel(src, dest string) (string, error) { +func copyLevel(src, dest string) (string, error) { return "", nil } -// Chcon changes the `fpath` file object to the SELinux label `label`. -// If `fpath` is a directory and `recurse`` is true, Chcon will walk the -// directory tree setting the label. -func Chcon(fpath string, label string, recurse bool) error { +func chcon(fpath string, label string, recurse bool) error { return nil } -// DupSecOpt takes an SELinux process label and returns security options that -// can be used to set the SELinux Type and Level for future container processes. -func DupSecOpt(src string) ([]string, error) { +func dupSecOpt(src string) ([]string, error) { return nil, nil } -// DisableSecOpt returns a security opt that can be used to disable SELinux -// labeling support for future container processes. -func DisableSecOpt() []string { +func disableSecOpt() []string { return []string{"disable"} } diff --git a/vendor/github.com/opencontainers/selinux/pkg/pwalk/pwalk.go b/vendor/github.com/opencontainers/selinux/pkg/pwalk/pwalk.go index 2ee0d01508f5..63fde18429ae 100644 --- a/vendor/github.com/opencontainers/selinux/pkg/pwalk/pwalk.go +++ b/vendor/github.com/opencontainers/selinux/pkg/pwalk/pwalk.go @@ -48,7 +48,11 @@ func WalkN(root string, walkFn WalkFunc, num int) error { errCh := make(chan error, 1) // get the first error, ignore others // Start walking a tree asap - var err error + var ( + err error + wg sync.WaitGroup + ) + wg.Add(1) go func() { err = filepath.Walk(root, func(p string, info os.FileInfo, err error) error { if err != nil { @@ -68,9 +72,9 @@ func WalkN(root string, walkFn WalkFunc, num int) error { if err == nil { close(files) } + wg.Done() }() - var wg sync.WaitGroup wg.Add(num) for i := 0; i < num; i++ { go func() { diff --git a/vendor/github.com/openshift/api/OWNERS b/vendor/github.com/openshift/api/OWNERS index 6987e4f0c7ed..5e2605ae95de 100644 --- a/vendor/github.com/openshift/api/OWNERS +++ b/vendor/github.com/openshift/api/OWNERS @@ -13,14 +13,15 @@ reviewers: - sttts - bparees approvers: - - smarterclayton + - bparees - deads2k - derekwaynecarr - eparis - jwforres - knobunc - - sjenning - mfojtik + - sjenning + - smarterclayton - soltysh + - spadgett - sttts - - bparees diff --git a/vendor/github.com/openshift/api/apps/v1/generated.proto b/vendor/github.com/openshift/api/apps/v1/generated.proto index d15f20c0d4f0..464ed9a516c3 100644 --- a/vendor/github.com/openshift/api/apps/v1/generated.proto +++ b/vendor/github.com/openshift/api/apps/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.apps.v1; @@ -283,6 +283,7 @@ message DeploymentRequest { // DeploymentStrategy describes how to perform a deployment. message DeploymentStrategy { // Type is the name of a deployment strategy. + // +optional optional string type = 1; // CustomParams are the input to the Custom deployment strategy, and may also diff --git a/vendor/github.com/openshift/api/apps/v1/types.go b/vendor/github.com/openshift/api/apps/v1/types.go index ed147807d08d..2a2a7e7b5d05 100644 --- a/vendor/github.com/openshift/api/apps/v1/types.go +++ b/vendor/github.com/openshift/api/apps/v1/types.go @@ -83,6 +83,7 @@ type DeploymentConfigSpec struct { // DeploymentStrategy describes how to perform a deployment. type DeploymentStrategy struct { // Type is the name of a deployment strategy. + // +optional Type DeploymentStrategyType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type,casttype=DeploymentStrategyType"` // CustomParams are the input to the Custom deployment strategy, and may also diff --git a/vendor/github.com/openshift/api/authorization/v1/0000_03_authorization-openshift_01_rolebindingrestriction.crd.yaml b/vendor/github.com/openshift/api/authorization/v1/0000_03_authorization-openshift_01_rolebindingrestriction.crd.yaml index 5fbc03c98b14..ce911a84d42d 100644 --- a/vendor/github.com/openshift/api/authorization/v1/0000_03_authorization-openshift_01_rolebindingrestriction.crd.yaml +++ b/vendor/github.com/openshift/api/authorization/v1/0000_03_authorization-openshift_01_rolebindingrestriction.crd.yaml @@ -1,207 +1,210 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: rolebindingrestrictions.authorization.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: authorization.openshift.io + scope: Namespaced names: kind: RoleBindingRestriction listKind: RoleBindingRestrictionList plural: rolebindingrestrictions singular: rolebindingrestriction - scope: Namespaced - preserveUnknownFields: false versions: - name: v1 served: true storage: true - "validation": - "openAPIV3Schema": - description: RoleBindingRestriction is an object that can be matched against - a subject (user, group, or service account) to determine whether rolebindings - on that subject are allowed in the namespace to which the RoleBindingRestriction - belongs. If any one of those RoleBindingRestriction objects matches a subject, - rolebindings on that subject in the namespace are allowed. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the matcher. - type: object - properties: - grouprestriction: - description: GroupRestriction matches against group subjects. - type: object - properties: - groups: - description: Groups is a list of groups used to match against an - individual user's groups. If the user is a member of one of the - whitelisted groups, the user is allowed to be bound to a role. - type: array - items: - type: string - nullable: true - labels: - description: Selectors specifies a list of label selectors over - group labels. - type: array - items: - description: A label selector is a label query over a set of resources. - The result of matchLabels and matchExpressions are ANDed. An - empty label selector matches all objects. A null label selector - matches no objects. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. - type: array - items: + schema: + openAPIV3Schema: + description: RoleBindingRestriction is an object that can be matched against + a subject (user, group, or service account) to determine whether rolebindings + on that subject are allowed in the namespace to which the RoleBindingRestriction + belongs. If any one of those RoleBindingRestriction objects matches a subject, + rolebindings on that subject in the namespace are allowed. + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the matcher. + type: object + properties: + grouprestriction: + description: GroupRestriction matches against group subjects. + type: object + properties: + groups: + description: Groups is a list of groups used to match against + an individual user's groups. If the user is a member of one + of the whitelisted groups, the user is allowed to be bound to + a role. + type: array + items: + type: string + nullable: true + labels: + description: Selectors specifies a list of label selectors over + group labels. + type: array + items: + description: A label selector is a label query over a set of + resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. A + null label selector matches no objects. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector + applies to. type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - nullable: true - nullable: true - serviceaccountrestriction: - description: ServiceAccountRestriction matches against service-account - subjects. - type: object - properties: - namespaces: - description: Namespaces specifies a list of literal namespace names. - type: array - items: - type: string - serviceaccounts: - description: ServiceAccounts specifies a list of literal service-account - names. - type: array - items: - description: ServiceAccountReference specifies a service account - and namespace by their names. - type: object - properties: - name: - description: Name is the name of the service account. - type: string - namespace: - description: Namespace is the namespace of the service account. Service - accounts from inside the whitelisted namespaces are allowed - to be bound to roles. If Namespace is empty, then the namespace - of the RoleBindingRestriction in which the ServiceAccountReference - is embedded is used. - type: string - nullable: true - userrestriction: - description: UserRestriction matches against user subjects. - type: object - properties: - groups: - description: Groups specifies a list of literal group names. - type: array - items: - type: string - nullable: true - labels: - description: Selectors specifies a list of label selectors over - user labels. - type: array - items: - description: A label selector is a label query over a set of resources. - The result of matchLabels and matchExpressions are ANDed. An - empty label selector matches all objects. A null label selector - matches no objects. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. - type: array - items: + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. - type: object - additionalProperties: + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + nullable: true + nullable: true + serviceaccountrestriction: + description: ServiceAccountRestriction matches against service-account + subjects. + type: object + properties: + namespaces: + description: Namespaces specifies a list of literal namespace + names. + type: array + items: + type: string + serviceaccounts: + description: ServiceAccounts specifies a list of literal service-account + names. + type: array + items: + description: ServiceAccountReference specifies a service account + and namespace by their names. + type: object + properties: + name: + description: Name is the name of the service account. + type: string + namespace: + description: Namespace is the namespace of the service account. Service + accounts from inside the whitelisted namespaces are allowed + to be bound to roles. If Namespace is empty, then the + namespace of the RoleBindingRestriction in which the ServiceAccountReference + is embedded is used. type: string - nullable: true - users: - description: Users specifies a list of literal user names. - type: array - items: - type: string - nullable: true + nullable: true + userrestriction: + description: UserRestriction matches against user subjects. + type: object + properties: + groups: + description: Groups specifies a list of literal group names. + type: array + items: + type: string + nullable: true + labels: + description: Selectors specifies a list of label selectors over + user labels. + type: array + items: + description: A label selector is a label query over a set of + resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. A + null label selector matches no objects. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + nullable: true + users: + description: Users specifies a list of literal user names. + type: array + items: + type: string + nullable: true diff --git a/vendor/github.com/openshift/api/authorization/v1/generated.proto b/vendor/github.com/openshift/api/authorization/v1/generated.proto index 6bce7d558e82..5bf2e5df6651 100644 --- a/vendor/github.com/openshift/api/authorization/v1/generated.proto +++ b/vendor/github.com/openshift/api/authorization/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.authorization.v1; diff --git a/vendor/github.com/openshift/api/build/v1/generated.proto b/vendor/github.com/openshift/api/build/v1/generated.proto index 52910663fd94..cef14d1a311b 100644 --- a/vendor/github.com/openshift/api/build/v1/generated.proto +++ b/vendor/github.com/openshift/api/build/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.build.v1; @@ -362,6 +362,7 @@ message BuildRequest { message BuildSource { // type of build input to accept // +k8s:conversion-gen=false + // +optional optional string type = 1; // binary builds accept a binary as their input. The binary is generally assumed to be a tar, @@ -496,6 +497,7 @@ message BuildStatusOutputTo { message BuildStrategy { // type is the kind of build strategy. // +k8s:conversion-gen=false + // +optional optional string type = 1; // dockerStrategy holds the parameters to the container image build strategy. diff --git a/vendor/github.com/openshift/api/build/v1/types.go b/vendor/github.com/openshift/api/build/v1/types.go index 3c9d088f7ee2..19bc796c7ebf 100644 --- a/vendor/github.com/openshift/api/build/v1/types.go +++ b/vendor/github.com/openshift/api/build/v1/types.go @@ -400,7 +400,8 @@ const ( type BuildSource struct { // type of build input to accept // +k8s:conversion-gen=false - Type BuildSourceType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=BuildSourceType"` + // +optional + Type BuildSourceType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type,casttype=BuildSourceType"` // binary builds accept a binary as their input. The binary is generally assumed to be a tar, // gzipped tar, or zip file depending on the strategy. For container image builds, this is the build @@ -603,7 +604,8 @@ type SourceControlUser struct { type BuildStrategy struct { // type is the kind of build strategy. // +k8s:conversion-gen=false - Type BuildStrategyType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=BuildStrategyType"` + // +optional + Type BuildStrategyType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type,casttype=BuildStrategyType"` // dockerStrategy holds the parameters to the container image build strategy. DockerStrategy *DockerBuildStrategy `json:"dockerStrategy,omitempty" protobuf:"bytes,2,opt,name=dockerStrategy"` diff --git a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml index 9e79054c6921..2bf27128307b 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml @@ -4,6 +4,7 @@ metadata: name: clusteroperators.config.openshift.io annotations: include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: additionalPrinterColumns: - JSONPath: .status.versions[?(@.name=="operator")].version diff --git a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml index 1acda61afc30..628538d0e5e3 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml @@ -4,6 +4,7 @@ metadata: name: clusterversions.config.openshift.io annotations: include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io versions: diff --git a/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_operatorhub.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_operatorhub.crd.yaml index 19994f42c52f..18e6187e6e57 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_operatorhub.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_operatorhub.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: operatorhubs.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io names: diff --git a/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml index b6fb1c48ce7e..ddd5d700de2b 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml @@ -1,102 +1,103 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: proxies.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io scope: Cluster - preserveUnknownFields: false - versions: - - name: v1 - served: true - storage: true names: kind: Proxy listKind: ProxyList plural: proxies singular: proxy - subresources: - status: {} - "validation": - "openAPIV3Schema": - description: Proxy holds cluster-wide information on how to configure default - proxies for the cluster. The canonical name is `cluster` - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds user-settable values for the proxy configuration - type: object - properties: - httpProxy: - description: httpProxy is the URL of the proxy for HTTP requests. Empty - means unset and will not result in an env var. - type: string - httpsProxy: - description: httpsProxy is the URL of the proxy for HTTPS requests. Empty - means unset and will not result in an env var. - type: string - noProxy: - description: noProxy is a comma-separated list of hostnames and/or CIDRs - for which the proxy should not be used. Empty means unset and will - not result in an env var. - type: string - readinessEndpoints: - description: readinessEndpoints is a list of endpoints used to verify - readiness of the proxy. - type: array - items: + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: Proxy holds cluster-wide information on how to configure default + proxies for the cluster. The canonical name is `cluster` + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec holds user-settable values for the proxy configuration + type: object + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. Empty + means unset and will not result in an env var. + type: string + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS requests. Empty + means unset and will not result in an env var. + type: string + noProxy: + description: noProxy is a comma-separated list of hostnames and/or + CIDRs for which the proxy should not be used. Empty means unset + and will not result in an env var. type: string - trustedCA: - description: "trustedCA is a reference to a ConfigMap containing a CA - certificate bundle. The trustedCA field should only be consumed by - a proxy validator. The validator is responsible for reading the certificate - bundle from the required key \"ca-bundle.crt\", merging it with the - system default trust bundle, and writing the merged trust bundle to - a ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" - namespace. Clients that expect to make proxy connections must use - the trusted-ca-bundle for all HTTPS requests to the proxy, and may - use the trusted-ca-bundle for non-proxy HTTPS requests as well. \n - The namespace for the ConfigMap referenced by trustedCA is \"openshift-config\". - Here is an example ConfigMap (in yaml): \n apiVersion: v1 kind: ConfigMap - metadata: name: user-ca-bundle namespace: openshift-config data: - \ ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom - CA certificate bundle. -----END CERTIFICATE-----" - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced config - map + readinessEndpoints: + description: readinessEndpoints is a list of endpoints used to verify + readiness of the proxy. + type: array + items: type: string - status: - description: status holds observed values from the cluster. They may not - be overridden. - type: object - properties: - httpProxy: - description: httpProxy is the URL of the proxy for HTTP requests. - type: string - httpsProxy: - description: httpsProxy is the URL of the proxy for HTTPS requests. - type: string - noProxy: - description: noProxy is a comma-separated list of hostnames and/or CIDRs - for which the proxy should not be used. - type: string + trustedCA: + description: "trustedCA is a reference to a ConfigMap containing a + CA certificate bundle. The trustedCA field should only be consumed + by a proxy validator. The validator is responsible for reading the + certificate bundle from the required key \"ca-bundle.crt\", merging + it with the system default trust bundle, and writing the merged + trust bundle to a ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" + namespace. Clients that expect to make proxy connections must use + the trusted-ca-bundle for all HTTPS requests to the proxy, and may + use the trusted-ca-bundle for non-proxy HTTPS requests as well. + \n The namespace for the ConfigMap referenced by trustedCA is \"openshift-config\". + Here is an example ConfigMap (in yaml): \n apiVersion: v1 kind: + ConfigMap metadata: name: user-ca-bundle namespace: openshift-config + \ data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom + CA certificate bundle. -----END CERTIFICATE-----" + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. + type: string + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS requests. + type: string + noProxy: + description: noProxy is a comma-separated list of hostnames and/or + CIDRs for which the proxy should not be used. + type: string diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml index 468ad078dae2..bd730570caa2 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: apiservers.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io scope: Cluster diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml index c6de0ac13ab7..b90d578f3e91 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml @@ -1,123 +1,103 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: authentications.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io + scope: Cluster names: kind: Authentication listKind: AuthenticationList plural: authentications singular: authentication - scope: Cluster - preserveUnknownFields: false - subresources: - status: {} versions: - name: v1 served: true storage: true - "validation": - "openAPIV3Schema": - description: Authentication specifies cluster-wide settings for authentication - (like OAuth and webhook token authenticators). The canonical name of an instance - is `cluster`. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - type: object - properties: - oauthMetadata: - description: 'oauthMetadata contains the discovery endpoint data for - OAuth 2.0 Authorization Server Metadata for an external OAuth server. - This discovery document can be viewed from its served location: oc - get --raw ''/.well-known/oauth-authorization-server'' For further - details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 - If oauthMetadata.name is non-empty, this value has precedence over - any metadata reference stored in status. The key "oauthMetadata" is - used to locate the data. If specified and the config map or expected - key is not found, no metadata is served. If the specified metadata - is not valid, no metadata is served. The namespace for this config - map is openshift-config.' - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - serviceAccountIssuer: - description: serviceAccountIssuer is the identifier of the bound service - account token issuer. The default is https://kubernetes.default.svc - type: string - type: - description: type identifies the cluster managed, user facing authentication - mode in use. Specifically, it manages the component that responds - to login attempts. The default is IntegratedOAuth. - type: string - webhookTokenAuthenticator: - description: webhookTokenAuthenticator configures a remote token reviewer. - These remote authentication webhooks can be used to verify bearer - tokens via the tokenreviews.authentication.k8s.io REST API. This is - required to honor bearer tokens that are provisioned by an external - authentication service. - type: object - required: - - kubeConfig - properties: - kubeConfig: - description: "kubeConfig references a secret that contains kube - config file data which describes how to access the remote webhook - service. The namespace for the referenced secret is openshift-config. - \n For further details, see: \n https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication - \n The key \"kubeConfig\" is used to locate the data. If the secret - or expected key is not found, the webhook is not honored. If the - specified kube config data is not valid, the webhook is not honored." - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced secret - type: string - webhookTokenAuthenticators: - description: webhookTokenAuthenticators is DEPRECATED, setting it has - no effect. - type: array - items: - description: deprecatedWebhookTokenAuthenticator holds the necessary - configuration options for a remote token authenticator. It's the - same as WebhookTokenAuthenticator but it's missing the 'required' - validation on KubeConfig field. + subresources: + status: {} + schema: + openAPIV3Schema: + description: Authentication specifies cluster-wide settings for authentication + (like OAuth and webhook token authenticators). The canonical name of an + instance is `cluster`. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + oauthMetadata: + description: 'oauthMetadata contains the discovery endpoint data for + OAuth 2.0 Authorization Server Metadata for an external OAuth server. + This discovery document can be viewed from its served location: + oc get --raw ''/.well-known/oauth-authorization-server'' For further + details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 + If oauthMetadata.name is non-empty, this value has precedence over + any metadata reference stored in status. The key "oauthMetadata" + is used to locate the data. If specified and the config map or expected + key is not found, no metadata is served. If the specified metadata + is not valid, no metadata is served. The namespace for this config + map is openshift-config.' + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + serviceAccountIssuer: + description: 'serviceAccountIssuer is the identifier of the bound + service account token issuer. The default is https://kubernetes.default.svc + WARNING: Updating this field will result in the invalidation of + all bound tokens with the previous issuer value. Unless the holder + of a bound token has explicit support for a change in issuer, they + will not request a new bound token until pod restart or until their + existing token exceeds 80% of its duration.' + type: string + type: + description: type identifies the cluster managed, user facing authentication + mode in use. Specifically, it manages the component that responds + to login attempts. The default is IntegratedOAuth. + type: string + webhookTokenAuthenticator: + description: webhookTokenAuthenticator configures a remote token reviewer. + These remote authentication webhooks can be used to verify bearer + tokens via the tokenreviews.authentication.k8s.io REST API. This + is required to honor bearer tokens that are provisioned by an external + authentication service. type: object + required: + - kubeConfig properties: kubeConfig: - description: 'kubeConfig contains kube config file data which - describes how to access the remote webhook service. For further - details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication - The key "kubeConfig" is used to locate the data. If the secret - or expected key is not found, the webhook is not honored. If - the specified kube config data is not valid, the webhook is - not honored. The namespace for this secret is determined by - the point of use.' + description: "kubeConfig references a secret that contains kube + config file data which describes how to access the remote webhook + service. The namespace for the referenced secret is openshift-config. + \n For further details, see: \n https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication + \n The key \"kubeConfig\" is used to locate the data. If the + secret or expected key is not found, the webhook is not honored. + If the specified kube config data is not valid, the webhook + is not honored." type: object required: - name @@ -125,29 +105,57 @@ spec: name: description: name is the metadata.name of the referenced secret type: string - status: - description: status holds observed values from the cluster. They may not - be overridden. - type: object - properties: - integratedOAuthMetadata: - description: 'integratedOAuthMetadata contains the discovery endpoint - data for OAuth 2.0 Authorization Server Metadata for the in-cluster - integrated OAuth server. This discovery document can be viewed from - its served location: oc get --raw ''/.well-known/oauth-authorization-server'' - For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 - This contains the observed value based on cluster state. An explicitly - set value in spec.oauthMetadata has precedence over this field. This - field has no meaning if authentication spec.type is not set to IntegratedOAuth. - The key "oauthMetadata" is used to locate the data. If the config - map or expected key is not found, no metadata is served. If the specified - metadata is not valid, no metadata is served. The namespace for this - config map is openshift-config-managed.' - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string + webhookTokenAuthenticators: + description: webhookTokenAuthenticators is DEPRECATED, setting it + has no effect. + type: array + items: + description: deprecatedWebhookTokenAuthenticator holds the necessary + configuration options for a remote token authenticator. It's the + same as WebhookTokenAuthenticator but it's missing the 'required' + validation on KubeConfig field. + type: object + properties: + kubeConfig: + description: 'kubeConfig contains kube config file data which + describes how to access the remote webhook service. For further + details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication + The key "kubeConfig" is used to locate the data. If the secret + or expected key is not found, the webhook is not honored. + If the specified kube config data is not valid, the webhook + is not honored. The namespace for this secret is determined + by the point of use.' + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + properties: + integratedOAuthMetadata: + description: 'integratedOAuthMetadata contains the discovery endpoint + data for OAuth 2.0 Authorization Server Metadata for the in-cluster + integrated OAuth server. This discovery document can be viewed from + its served location: oc get --raw ''/.well-known/oauth-authorization-server'' + For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 + This contains the observed value based on cluster state. An explicitly + set value in spec.oauthMetadata has precedence over this field. + This field has no meaning if authentication spec.type is not set + to IntegratedOAuth. The key "oauthMetadata" is used to locate the + data. If the config map or expected key is not found, no metadata + is served. If the specified metadata is not valid, no metadata is + served. The namespace for this config map is openshift-config-managed.' + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml index 9bd6113608e5..7a71db46add5 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: builds.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io scope: Cluster diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_console.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_console.crd.yaml index 4234d732ec53..69639c1d9770 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_console.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_console.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: consoles.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster preserveUnknownFields: false diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_dns.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_dns.crd.yaml index e864cae7a125..8e6f86222e46 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_dns.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_dns.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: dnses.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io names: diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_featuregate.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_featuregate.crd.yaml index ec458de32004..8bba554b462b 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_featuregate.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_featuregate.crd.yaml @@ -1,78 +1,78 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: featuregates.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io - version: v1 scope: Cluster - preserveUnknownFields: false names: kind: FeatureGate - singular: featuregate - plural: featuregates listKind: FeatureGateList + plural: featuregates + singular: featuregate versions: - name: v1 served: true storage: true - subresources: - status: {} - "validation": - "openAPIV3Schema": - description: Feature holds cluster-wide information about feature gates. The - canonical name is `cluster` - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - type: object - properties: - customNoUpgrade: - description: customNoUpgrade allows the enabling or disabling of any - feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE UNDONE, - and PREVENTS UPGRADES. Because of its nature, this setting cannot - be validated. If you have any typos or accidentally apply invalid - combinations your cluster may fail in an unrecoverable way. featureSet - must equal "CustomNoUpgrade" must be set to use this field. - type: object - properties: - disabled: - description: disabled is a list of all feature gates that you want - to force off - type: array - items: - type: string - enabled: - description: enabled is a list of all feature gates that you want - to force on - type: array - items: - type: string - nullable: true - featureSet: - description: featureSet changes the list of features in the cluster. The - default is empty. Be very careful adjusting this setting. Turning - on or off features may cause irreversible changes in your cluster - which cannot be undone. - type: string - status: - description: status holds observed values from the cluster. They may not - be overridden. - type: object + subresources: + status: {} + schema: + openAPIV3Schema: + description: Feature holds cluster-wide information about feature gates. The + canonical name is `cluster` + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + customNoUpgrade: + description: customNoUpgrade allows the enabling or disabling of any + feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE + UNDONE, and PREVENTS UPGRADES. Because of its nature, this setting + cannot be validated. If you have any typos or accidentally apply + invalid combinations your cluster may fail in an unrecoverable way. featureSet + must equal "CustomNoUpgrade" must be set to use this field. + type: object + properties: + disabled: + description: disabled is a list of all feature gates that you + want to force off + type: array + items: + type: string + enabled: + description: enabled is a list of all feature gates that you want + to force on + type: array + items: + type: string + nullable: true + featureSet: + description: featureSet changes the list of features in the cluster. The + default is empty. Be very careful adjusting this setting. Turning + on or off features may cause irreversible changes in your cluster + which cannot be undone. + type: string + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml index 858681c9d864..35ed9bf1746f 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: images.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io scope: Cluster @@ -116,6 +118,19 @@ spec: type: array items: type: string + containerRuntimeSearchRegistries: + description: 'containerRuntimeSearchRegistries are registries that + will be searched when pulling images that do not have fully qualified + domains in their pull specs. Registries will be searched in the + order provided in the list. Note: this search list only works + with the container runtime, i.e CRI-O. Will NOT work with builds + or imagestream imports.' + type: array + format: hostname + minItems: 1 + items: + type: string + x-kubernetes-list-type: set insecureRegistries: description: insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections. diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml index 40fa38d37257..ffdb8ea108fe 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: infrastructures.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io names: diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml index eb6f0a74f91e..25d1c5e98e72 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: ingresses.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io names: diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network.crd.yaml index 5b029401b093..7390943a124f 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: networks.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io names: diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml index 35388d9c998c..d3097b8745d8 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml @@ -1,667 +1,676 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: oauths.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io + scope: Cluster names: kind: OAuth listKind: OAuthList plural: oauths singular: oauth - scope: Cluster - preserveUnknownFields: false - subresources: - status: {} versions: - name: v1 served: true storage: true - "validation": - "openAPIV3Schema": - description: OAuth holds cluster-wide information about OAuth. The canonical - name is `cluster`. It is used to configure the integrated OAuth server. This - configuration is only honored when the top level Authentication config has - type set to IntegratedOAuth. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - type: object - properties: - identityProviders: - description: identityProviders is an ordered list of ways for a user - to identify themselves. When this list is empty, no identities are - provisioned for users. - type: array - items: - description: IdentityProvider provides identities for users authenticating - using credentials - type: object - properties: - basicAuth: - description: basicAuth contains configuration options for the - BasicAuth IdP - type: object - properties: - ca: - description: ca is an optional reference to a config map by - name containing the PEM-encoded CA bundle. It is used as - a trust anchor to validate the TLS certificate presented - by the remote server. The key "ca.crt" is used to locate - the data. If specified and the config map or expected key - is not found, the identity provider is not honored. If the - specified ca data is not valid, the identity provider is - not honored. If empty, the default system roots are used. - The namespace for this config map is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - config map - type: string - tlsClientCert: - description: tlsClientCert is an optional reference to a secret - by name that contains the PEM-encoded TLS client certificate - to present when connecting to the server. The key "tls.crt" - is used to locate the data. If specified and the secret - or expected key is not found, the identity provider is not - honored. If the specified certificate data is not valid, - the identity provider is not honored. The namespace for - this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret - type: string - tlsClientKey: - description: tlsClientKey is an optional reference to a secret - by name that contains the PEM-encoded TLS private key for - the client certificate referenced in tlsClientCert. The - key "tls.key" is used to locate the data. If specified and - the secret or expected key is not found, the identity provider - is not honored. If the specified certificate data is not - valid, the identity provider is not honored. The namespace - for this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret - type: string - url: - description: url is the remote URL to connect to - type: string - github: - description: github enables user authentication using GitHub credentials - type: object - properties: - ca: - description: ca is an optional reference to a config map by - name containing the PEM-encoded CA bundle. It is used as - a trust anchor to validate the TLS certificate presented - by the remote server. The key "ca.crt" is used to locate - the data. If specified and the config map or expected key - is not found, the identity provider is not honored. If the - specified ca data is not valid, the identity provider is - not honored. If empty, the default system roots are used. - This can only be configured when hostname is set to a non-empty - value. The namespace for this config map is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - config map + subresources: + status: {} + schema: + openAPIV3Schema: + description: OAuth holds cluster-wide information about OAuth. The canonical + name is `cluster`. It is used to configure the integrated OAuth server. + This configuration is only honored when the top level Authentication config + has type set to IntegratedOAuth. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + identityProviders: + description: identityProviders is an ordered list of ways for a user + to identify themselves. When this list is empty, no identities are + provisioned for users. + type: array + items: + description: IdentityProvider provides identities for users authenticating + using credentials + type: object + properties: + basicAuth: + description: basicAuth contains configuration options for the + BasicAuth IdP + type: object + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + tlsClientCert: + description: tlsClientCert is an optional reference to a + secret by name that contains the PEM-encoded TLS client + certificate to present when connecting to the server. + The key "tls.crt" is used to locate the data. If specified + and the secret or expected key is not found, the identity + provider is not honored. If the specified certificate + data is not valid, the identity provider is not honored. + The namespace for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + tlsClientKey: + description: tlsClientKey is an optional reference to a + secret by name that contains the PEM-encoded TLS private + key for the client certificate referenced in tlsClientCert. + The key "tls.key" is used to locate the data. If specified + and the secret or expected key is not found, the identity + provider is not honored. If the specified certificate + data is not valid, the identity provider is not honored. + The namespace for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + url: + description: url is the remote URL to connect to + type: string + github: + description: github enables user authentication using GitHub + credentials + type: object + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. This can only be configured when hostname is set + to a non-empty value. The namespace for this config map + is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + clientID: + description: clientID is the oauth client ID + type: string + clientSecret: + description: clientSecret is a required reference to the + secret by name containing the oauth client secret. The + key "clientSecret" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. The namespace for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + hostname: + description: hostname is the optional domain (e.g. "mycompany.com") + for use with a hosted instance of GitHub Enterprise. It + must match the GitHub Enterprise settings value configured + at /setup/settings#hostname. + type: string + organizations: + description: organizations optionally restricts which organizations + are allowed to log in + type: array + items: type: string - clientID: - description: clientID is the oauth client ID - type: string - clientSecret: - description: clientSecret is a required reference to the secret - by name containing the oauth client secret. The key "clientSecret" - is used to locate the data. If the secret or expected key - is not found, the identity provider is not honored. The - namespace for this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret + teams: + description: teams optionally restricts which teams are + allowed to log in. Format is /. + type: array + items: type: string - hostname: - description: hostname is the optional domain (e.g. "mycompany.com") - for use with a hosted instance of GitHub Enterprise. It - must match the GitHub Enterprise settings value configured - at /setup/settings#hostname. - type: string - organizations: - description: organizations optionally restricts which organizations - are allowed to log in - type: array - items: + gitlab: + description: gitlab enables user authentication using GitLab + credentials + type: object + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + clientID: + description: clientID is the oauth client ID + type: string + clientSecret: + description: clientSecret is a required reference to the + secret by name containing the oauth client secret. The + key "clientSecret" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. The namespace for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + url: + description: url is the oauth server base URL type: string - teams: - description: teams optionally restricts which teams are allowed - to log in. Format is /. - type: array - items: + google: + description: google enables user authentication using Google + credentials + type: object + properties: + clientID: + description: clientID is the oauth client ID type: string - gitlab: - description: gitlab enables user authentication using GitLab credentials - type: object - properties: - ca: - description: ca is an optional reference to a config map by - name containing the PEM-encoded CA bundle. It is used as - a trust anchor to validate the TLS certificate presented - by the remote server. The key "ca.crt" is used to locate - the data. If specified and the config map or expected key - is not found, the identity provider is not honored. If the - specified ca data is not valid, the identity provider is - not honored. If empty, the default system roots are used. - The namespace for this config map is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - config map + clientSecret: + description: clientSecret is a required reference to the + secret by name containing the oauth client secret. The + key "clientSecret" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. The namespace for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + hostedDomain: + description: hostedDomain is the optional Google App domain + (e.g. "mycompany.com") to restrict logins to + type: string + htpasswd: + description: htpasswd enables user authentication using an HTPasswd + file to validate credentials + type: object + properties: + fileData: + description: fileData is a required reference to a secret + by name containing the data to use as the htpasswd file. + The key "htpasswd" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. If the specified htpasswd data is not + valid, the identity provider is not honored. The namespace + for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + keystone: + description: keystone enables user authentication using keystone + password credentials + type: object + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + domainName: + description: domainName is required for keystone v3 + type: string + tlsClientCert: + description: tlsClientCert is an optional reference to a + secret by name that contains the PEM-encoded TLS client + certificate to present when connecting to the server. + The key "tls.crt" is used to locate the data. If specified + and the secret or expected key is not found, the identity + provider is not honored. If the specified certificate + data is not valid, the identity provider is not honored. + The namespace for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + tlsClientKey: + description: tlsClientKey is an optional reference to a + secret by name that contains the PEM-encoded TLS private + key for the client certificate referenced in tlsClientCert. + The key "tls.key" is used to locate the data. If specified + and the secret or expected key is not found, the identity + provider is not honored. If the specified certificate + data is not valid, the identity provider is not honored. + The namespace for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + url: + description: url is the remote URL to connect to + type: string + ldap: + description: ldap enables user authentication using LDAP credentials + type: object + properties: + attributes: + description: attributes maps LDAP attributes to identities + type: object + properties: + email: + description: email is the list of attributes whose values + should be used as the email address. Optional. If + unspecified, no email is set for the identity + type: array + items: + type: string + id: + description: id is the list of attributes whose values + should be used as the user ID. Required. First non-empty + attribute is used. At least one attribute is required. + If none of the listed attribute have a value, authentication + fails. LDAP standard identity attribute is "dn" + type: array + items: + type: string + name: + description: name is the list of attributes whose values + should be used as the display name. Optional. If unspecified, + no display name is set for the identity LDAP standard + display name attribute is "cn" + type: array + items: + type: string + preferredUsername: + description: preferredUsername is the list of attributes + whose values should be used as the preferred username. + LDAP standard login attribute is "uid" + type: array + items: + type: string + bindDN: + description: bindDN is an optional DN to bind with during + the search phase. + type: string + bindPassword: + description: bindPassword is an optional reference to a + secret by name containing a password to bind with during + the search phase. The key "bindPassword" is used to locate + the data. If specified and the secret or expected key + is not found, the identity provider is not honored. The + namespace for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + insecure: + description: 'insecure, if true, indicates the connection + should not use TLS WARNING: Should not be set to `true` + with the URL scheme "ldaps://" as "ldaps://" URLs always attempt + to connect using TLS, even when `insecure` is set to `true` + When `true`, "ldap://" URLS connect insecurely. When `false`, + "ldap://" URLs are upgraded to a TLS connection using + StartTLS as specified in https://tools.ietf.org/html/rfc2830.' + type: boolean + url: + description: 'url is an RFC 2255 URL which specifies the + LDAP search parameters to use. The syntax of the URL is: + ldap://host:port/basedn?attribute?scope?filter' + type: string + mappingMethod: + description: mappingMethod determines how identities from this + provider are mapped to users Defaults to "claim" + type: string + name: + description: 'name is used to qualify the identities returned + by this provider. - It MUST be unique and not shared by any + other identity provider used - It MUST be a valid path segment: + name cannot equal "." or ".." or contain "/" or "%" or ":" Ref: + https://godoc.org/github.com/openshift/origin/pkg/user/apis/user/validation#ValidateIdentityProviderName' + type: string + openID: + description: openID enables user authentication using OpenID + credentials + type: object + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + claims: + description: claims mappings + type: object + properties: + email: + description: email is the list of claims whose values + should be used as the email address. Optional. If + unspecified, no email is set for the identity + type: array + items: + type: string + name: + description: name is the list of claims whose values + should be used as the display name. Optional. If unspecified, + no display name is set for the identity + type: array + items: + type: string + preferredUsername: + description: preferredUsername is the list of claims + whose values should be used as the preferred username. + If unspecified, the preferred username is determined + from the value of the sub claim + type: array + items: + type: string + clientID: + description: clientID is the oauth client ID + type: string + clientSecret: + description: clientSecret is a required reference to the + secret by name containing the oauth client secret. The + key "clientSecret" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. The namespace for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + extraAuthorizeParameters: + description: extraAuthorizeParameters are any custom parameters + to add to the authorize request. + type: object + additionalProperties: type: string - clientID: - description: clientID is the oauth client ID - type: string - clientSecret: - description: clientSecret is a required reference to the secret - by name containing the oauth client secret. The key "clientSecret" - is used to locate the data. If the secret or expected key - is not found, the identity provider is not honored. The - namespace for this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret + extraScopes: + description: extraScopes are any scopes to request in addition + to the standard "openid" scope. + type: array + items: type: string - url: - description: url is the oauth server base URL - type: string - google: - description: google enables user authentication using Google credentials - type: object - properties: - clientID: - description: clientID is the oauth client ID - type: string - clientSecret: - description: clientSecret is a required reference to the secret - by name containing the oauth client secret. The key "clientSecret" - is used to locate the data. If the secret or expected key - is not found, the identity provider is not honored. The - namespace for this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret + issuer: + description: issuer is the URL that the OpenID Provider + asserts as its Issuer Identifier. It must use the https + scheme with no query or fragment component. + type: string + requestHeader: + description: requestHeader enables user authentication using + request header credentials + type: object + properties: + ca: + description: ca is a required reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. Specifically, it allows verification + of incoming requests to prevent header spoofing. The key + "ca.crt" is used to locate the data. If the config map + or expected key is not found, the identity provider is + not honored. If the specified ca data is not valid, the + identity provider is not honored. The namespace for this + config map is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + challengeURL: + description: challengeURL is a URL to redirect unauthenticated + /authorize requests to Unauthenticated requests from OAuth + clients which expect WWW-Authenticate challenges will + be redirected here. ${url} is replaced with the current + URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} + ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} + Required when challenge is set to true. + type: string + clientCommonNames: + description: clientCommonNames is an optional list of common + names to require a match from. If empty, any client certificate + validated against the clientCA bundle is considered authoritative. + type: array + items: type: string - hostedDomain: - description: hostedDomain is the optional Google App domain - (e.g. "mycompany.com") to restrict logins to - type: string - htpasswd: - description: htpasswd enables user authentication using an HTPasswd - file to validate credentials - type: object - properties: - fileData: - description: fileData is a required reference to a secret - by name containing the data to use as the htpasswd file. - The key "htpasswd" is used to locate the data. If the secret - or expected key is not found, the identity provider is not - honored. If the specified htpasswd data is not valid, the - identity provider is not honored. The namespace for this - secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret + emailHeaders: + description: emailHeaders is the set of headers to check + for the email address + type: array + items: type: string - keystone: - description: keystone enables user authentication using keystone - password credentials - type: object - properties: - ca: - description: ca is an optional reference to a config map by - name containing the PEM-encoded CA bundle. It is used as - a trust anchor to validate the TLS certificate presented - by the remote server. The key "ca.crt" is used to locate - the data. If specified and the config map or expected key - is not found, the identity provider is not honored. If the - specified ca data is not valid, the identity provider is - not honored. If empty, the default system roots are used. - The namespace for this config map is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - config map + headers: + description: headers is the set of headers to check for + identity information + type: array + items: type: string - domainName: - description: domainName is required for keystone v3 - type: string - tlsClientCert: - description: tlsClientCert is an optional reference to a secret - by name that contains the PEM-encoded TLS client certificate - to present when connecting to the server. The key "tls.crt" - is used to locate the data. If specified and the secret - or expected key is not found, the identity provider is not - honored. If the specified certificate data is not valid, - the identity provider is not honored. The namespace for - this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret + loginURL: + description: loginURL is a URL to redirect unauthenticated + /authorize requests to Unauthenticated requests from OAuth + clients which expect interactive logins will be redirected + here ${url} is replaced with the current URL, escaped + to be safe in a query parameter https://www.example.com/sso-login?then=${url} + ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} + Required when login is set to true. + type: string + nameHeaders: + description: nameHeaders is the set of headers to check + for the display name + type: array + items: type: string - tlsClientKey: - description: tlsClientKey is an optional reference to a secret - by name that contains the PEM-encoded TLS private key for - the client certificate referenced in tlsClientCert. The - key "tls.key" is used to locate the data. If specified and - the secret or expected key is not found, the identity provider - is not honored. If the specified certificate data is not - valid, the identity provider is not honored. The namespace - for this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret + preferredUsernameHeaders: + description: preferredUsernameHeaders is the set of headers + to check for the preferred username + type: array + items: type: string - url: - description: url is the remote URL to connect to - type: string - ldap: - description: ldap enables user authentication using LDAP credentials + type: + description: type identifies the identity provider type for + this entry. + type: string + templates: + description: templates allow you to customize pages like the login + page. + type: object + properties: + error: + description: error is the name of a secret that specifies a go + template to use to render error pages during the authentication + or grant flow. The key "errors.html" is used to locate the template + data. If specified and the secret or expected key is not found, + the default error page is used. If the specified template is + not valid, the default error page is used. If unspecified, the + default error page is used. The namespace for this secret is + openshift-config. type: object + required: + - name properties: - attributes: - description: attributes maps LDAP attributes to identities - type: object - properties: - email: - description: email is the list of attributes whose values - should be used as the email address. Optional. If unspecified, - no email is set for the identity - type: array - items: - type: string - id: - description: id is the list of attributes whose values - should be used as the user ID. Required. First non-empty - attribute is used. At least one attribute is required. - If none of the listed attribute have a value, authentication - fails. LDAP standard identity attribute is "dn" - type: array - items: - type: string - name: - description: name is the list of attributes whose values - should be used as the display name. Optional. If unspecified, - no display name is set for the identity LDAP standard - display name attribute is "cn" - type: array - items: - type: string - preferredUsername: - description: preferredUsername is the list of attributes - whose values should be used as the preferred username. - LDAP standard login attribute is "uid" - type: array - items: - type: string - bindDN: - description: bindDN is an optional DN to bind with during - the search phase. + name: + description: name is the metadata.name of the referenced secret type: string - bindPassword: - description: bindPassword is an optional reference to a secret - by name containing a password to bind with during the search - phase. The key "bindPassword" is used to locate the data. - If specified and the secret or expected key is not found, - the identity provider is not honored. The namespace for - this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret - type: string - ca: - description: ca is an optional reference to a config map by - name containing the PEM-encoded CA bundle. It is used as - a trust anchor to validate the TLS certificate presented - by the remote server. The key "ca.crt" is used to locate - the data. If specified and the config map or expected key - is not found, the identity provider is not honored. If the - specified ca data is not valid, the identity provider is - not honored. If empty, the default system roots are used. - The namespace for this config map is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - config map - type: string - insecure: - description: 'insecure, if true, indicates the connection - should not use TLS WARNING: Should not be set to `true` - with the URL scheme "ldaps://" as "ldaps://" URLs always attempt - to connect using TLS, even when `insecure` is set to `true` - When `true`, "ldap://" URLS connect insecurely. When `false`, - "ldap://" URLs are upgraded to a TLS connection using StartTLS - as specified in https://tools.ietf.org/html/rfc2830.' - type: boolean - url: - description: 'url is an RFC 2255 URL which specifies the LDAP - search parameters to use. The syntax of the URL is: ldap://host:port/basedn?attribute?scope?filter' - type: string - mappingMethod: - description: mappingMethod determines how identities from this - provider are mapped to users Defaults to "claim" - type: string - name: - description: 'name is used to qualify the identities returned - by this provider. - It MUST be unique and not shared by any - other identity provider used - It MUST be a valid path segment: - name cannot equal "." or ".." or contain "/" or "%" or ":" Ref: - https://godoc.org/github.com/openshift/origin/pkg/user/apis/user/validation#ValidateIdentityProviderName' - type: string - openID: - description: openID enables user authentication using OpenID credentials + login: + description: login is the name of a secret that specifies a go + template to use to render the login page. The key "login.html" + is used to locate the template data. If specified and the secret + or expected key is not found, the default login page is used. + If the specified template is not valid, the default login page + is used. If unspecified, the default login page is used. The + namespace for this secret is openshift-config. type: object + required: + - name properties: - ca: - description: ca is an optional reference to a config map by - name containing the PEM-encoded CA bundle. It is used as - a trust anchor to validate the TLS certificate presented - by the remote server. The key "ca.crt" is used to locate - the data. If specified and the config map or expected key - is not found, the identity provider is not honored. If the - specified ca data is not valid, the identity provider is - not honored. If empty, the default system roots are used. - The namespace for this config map is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - config map - type: string - claims: - description: claims mappings - type: object - properties: - email: - description: email is the list of claims whose values - should be used as the email address. Optional. If unspecified, - no email is set for the identity - type: array - items: - type: string - name: - description: name is the list of claims whose values should - be used as the display name. Optional. If unspecified, - no display name is set for the identity - type: array - items: - type: string - preferredUsername: - description: preferredUsername is the list of claims whose - values should be used as the preferred username. If - unspecified, the preferred username is determined from - the value of the sub claim - type: array - items: - type: string - clientID: - description: clientID is the oauth client ID + name: + description: name is the metadata.name of the referenced secret type: string - clientSecret: - description: clientSecret is a required reference to the secret - by name containing the oauth client secret. The key "clientSecret" - is used to locate the data. If the secret or expected key - is not found, the identity provider is not honored. The - namespace for this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - secret - type: string - extraAuthorizeParameters: - description: extraAuthorizeParameters are any custom parameters - to add to the authorize request. - type: object - additionalProperties: - type: string - extraScopes: - description: extraScopes are any scopes to request in addition - to the standard "openid" scope. - type: array - items: - type: string - issuer: - description: issuer is the URL that the OpenID Provider asserts - as its Issuer Identifier. It must use the https scheme with - no query or fragment component. - type: string - requestHeader: - description: requestHeader enables user authentication using request - header credentials + providerSelection: + description: providerSelection is the name of a secret that specifies + a go template to use to render the provider selection page. + The key "providers.html" is used to locate the template data. + If specified and the secret or expected key is not found, the + default provider selection page is used. If the specified template + is not valid, the default provider selection page is used. If + unspecified, the default provider selection page is used. The + namespace for this secret is openshift-config. type: object + required: + - name properties: - ca: - description: ca is a required reference to a config map by - name containing the PEM-encoded CA bundle. It is used as - a trust anchor to validate the TLS certificate presented - by the remote server. Specifically, it allows verification - of incoming requests to prevent header spoofing. The key - "ca.crt" is used to locate the data. If the config map or - expected key is not found, the identity provider is not - honored. If the specified ca data is not valid, the identity - provider is not honored. The namespace for this config map - is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced - config map - type: string - challengeURL: - description: challengeURL is a URL to redirect unauthenticated - /authorize requests to Unauthenticated requests from OAuth - clients which expect WWW-Authenticate challenges will be - redirected here. ${url} is replaced with the current URL, - escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} - ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} - Required when challenge is set to true. + name: + description: name is the metadata.name of the referenced secret type: string - clientCommonNames: - description: clientCommonNames is an optional list of common - names to require a match from. If empty, any client certificate - validated against the clientCA bundle is considered authoritative. - type: array - items: - type: string - emailHeaders: - description: emailHeaders is the set of headers to check for - the email address - type: array - items: - type: string - headers: - description: headers is the set of headers to check for identity - information - type: array - items: - type: string - loginURL: - description: loginURL is a URL to redirect unauthenticated - /authorize requests to Unauthenticated requests from OAuth - clients which expect interactive logins will be redirected - here ${url} is replaced with the current URL, escaped to - be safe in a query parameter https://www.example.com/sso-login?then=${url} - ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} - Required when login is set to true. - type: string - nameHeaders: - description: nameHeaders is the set of headers to check for - the display name - type: array - items: - type: string - preferredUsernameHeaders: - description: preferredUsernameHeaders is the set of headers - to check for the preferred username - type: array - items: - type: string - type: - description: type identifies the identity provider type for this - entry. + tokenConfig: + description: tokenConfig contains options for authorization and access + tokens + type: object + properties: + accessTokenInactivityTimeout: + description: accessTokenInactivityTimeout defines the token inactivity + timeout for tokens granted by any client. The value represents + the maximum amount of time that can occur between consecutive + uses of the token. Tokens become invalid if they are not used + within this temporal window. The user will need to acquire a + new token to regain access once a token times out. Takes valid + time duration string such as "5m", "1.5h" or "2h45m". The minimum + allowed value for duration is 300s (5 minutes). If the timeout + is configured per client, then that value takes precedence. + If the timeout value is not specified and the client does not + override the value, then tokens are valid until their lifetime. type: string - templates: - description: templates allow you to customize pages like the login page. - type: object - properties: - error: - description: error is the name of a secret that specifies a go template - to use to render error pages during the authentication or grant - flow. The key "errors.html" is used to locate the template data. - If specified and the secret or expected key is not found, the - default error page is used. If the specified template is not valid, - the default error page is used. If unspecified, the default error - page is used. The namespace for this secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced secret - type: string - login: - description: login is the name of a secret that specifies a go template - to use to render the login page. The key "login.html" is used - to locate the template data. If specified and the secret or expected - key is not found, the default login page is used. If the specified - template is not valid, the default login page is used. If unspecified, - the default login page is used. The namespace for this secret - is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced secret - type: string - providerSelection: - description: providerSelection is the name of a secret that specifies - a go template to use to render the provider selection page. The - key "providers.html" is used to locate the template data. If specified - and the secret or expected key is not found, the default provider - selection page is used. If the specified template is not valid, - the default provider selection page is used. If unspecified, the - default provider selection page is used. The namespace for this - secret is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced secret - type: string - tokenConfig: - description: tokenConfig contains options for authorization and access - tokens - type: object - properties: - accessTokenInactivityTimeout: - description: accessTokenInactivityTimeout defines the token inactivity - timeout for tokens granted by any client. The value represents - the maximum amount of time that can occur between consecutive - uses of the token. Tokens become invalid if they are not used - within this temporal window. The user will need to acquire a new - token to regain access once a token times out. Takes valid time - duration string such as "5m", "1.5h" or "2h45m". The minimum allowed - value for duration is 300s (5 minutes). If the timeout is configured - per client, then that value takes precedence. If the timeout value - is not specified and the client does not override the value, then - tokens are valid until their lifetime. - type: string - accessTokenInactivityTimeoutSeconds: - description: 'accessTokenInactivityTimeoutSeconds - DEPRECATED: - setting this field has no effect.' - type: integer - format: int32 - accessTokenMaxAgeSeconds: - description: accessTokenMaxAgeSeconds defines the maximum age of - access tokens - type: integer - format: int32 - status: - description: status holds observed values from the cluster. They may not - be overridden. - type: object + accessTokenInactivityTimeoutSeconds: + description: 'accessTokenInactivityTimeoutSeconds - DEPRECATED: + setting this field has no effect.' + type: integer + format: int32 + accessTokenMaxAgeSeconds: + description: accessTokenMaxAgeSeconds defines the maximum age + of access tokens + type: integer + format: int32 + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_project.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_project.crd.yaml index 37541aaed4a0..6de30407222e 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_project.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_project.crd.yaml @@ -1,65 +1,66 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: projects.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io scope: Cluster - preserveUnknownFields: false - versions: - - name: v1 - served: true - storage: true names: kind: Project listKind: ProjectList plural: projects singular: project - subresources: - status: {} - "validation": - "openAPIV3Schema": - description: Project holds cluster-wide information about Project. The canonical - name is `cluster` - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - type: object - properties: - projectRequestMessage: - description: projectRequestMessage is the string presented to a user - if they are unable to request a project via the projectrequest api - endpoint - type: string - projectRequestTemplate: - description: projectRequestTemplate is the template to use for creating - projects in response to projectrequest. This must point to a template - in 'openshift-config' namespace. It is optional. If it is not specified, - a default template is used. - type: object - properties: - name: - description: name is the metadata.name of the referenced project - request template - type: string - status: - description: status holds observed values from the cluster. They may not - be overridden. - type: object + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: Project holds cluster-wide information about Project. The canonical + name is `cluster` + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + projectRequestMessage: + description: projectRequestMessage is the string presented to a user + if they are unable to request a project via the projectrequest api + endpoint + type: string + projectRequestTemplate: + description: projectRequestTemplate is the template to use for creating + projects in response to projectrequest. This must point to a template + in 'openshift-config' namespace. It is optional. If it is not specified, + a default template is used. + type: object + properties: + name: + description: name is the metadata.name of the referenced project + request template + type: string + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler.crd.yaml index 9652bf1f0a70..ad35f6ed1492 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler.crd.yaml @@ -1,13 +1,14 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: schedulers.config.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io scope: Cluster - preserveUnknownFields: false names: kind: Scheduler singular: scheduler @@ -17,75 +18,90 @@ spec: - name: v1 served: true storage: true - subresources: - status: {} - "validation": - "openAPIV3Schema": - description: Scheduler holds cluster-wide config information to run the Kubernetes - Scheduler and influence its placement decisions. The canonical name for this - config is `cluster`. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - type: object - properties: - defaultNodeSelector: - description: 'defaultNodeSelector helps set the cluster-wide default - node selector to restrict pod placement to specific nodes. This is - applied to the pods created in all namespaces and creates an intersection - with any existing nodeSelectors already set on a pod, additionally - constraining that pod''s selector. For example, defaultNodeSelector: - "type=user-node,region=east" would set nodeSelector field in pod spec - to "type=user-node,region=east" to all pods created in all namespaces. - Namespaces having project-wide node selectors won''t be impacted even - if this field is set. This adds an annotation section to the namespace. - For example, if a new namespace is created with node-selector=''type=user-node,region=east'', - the annotation openshift.io/node-selector: type=user-node,region=east - gets added to the project. When the openshift.io/node-selector annotation - is set on the project the value is used in preference to the value - we are setting for defaultNodeSelector field. For instance, openshift.io/node-selector: - "type=user-node,region=west" means that the default of "type=user-node,region=east" - set in defaultNodeSelector would not be applied.' - type: string - mastersSchedulable: - description: 'MastersSchedulable allows masters nodes to be schedulable. - When this flag is turned on, all the master nodes in the cluster will - be made schedulable, so that workload pods can run on them. The default - value for this field is false, meaning none of the master nodes are - schedulable. Important Note: Once the workload pods start running - on the master nodes, extreme care must be taken to ensure that cluster-critical - control plane components are not impacted. Please turn on this field - after doing due diligence.' - type: boolean - policy: - description: policy is a reference to a ConfigMap containing scheduler - policy which has user specified predicates and priorities. If this - ConfigMap is not available scheduler will default to use DefaultAlgorithmProvider. - The namespace for this configmap is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - status: - description: status holds observed values from the cluster. They may not - be overridden. - type: object + subresources: + status: {} + schema: + openAPIV3Schema: + description: Scheduler holds cluster-wide config information to run the Kubernetes + Scheduler and influence its placement decisions. The canonical name for + this config is `cluster`. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + defaultNodeSelector: + description: 'defaultNodeSelector helps set the cluster-wide default + node selector to restrict pod placement to specific nodes. This + is applied to the pods created in all namespaces and creates an + intersection with any existing nodeSelectors already set on a pod, + additionally constraining that pod''s selector. For example, defaultNodeSelector: + "type=user-node,region=east" would set nodeSelector field in pod + spec to "type=user-node,region=east" to all pods created in all + namespaces. Namespaces having project-wide node selectors won''t + be impacted even if this field is set. This adds an annotation section + to the namespace. For example, if a new namespace is created with + node-selector=''type=user-node,region=east'', the annotation openshift.io/node-selector: + type=user-node,region=east gets added to the project. When the openshift.io/node-selector + annotation is set on the project the value is used in preference + to the value we are setting for defaultNodeSelector field. For instance, + openshift.io/node-selector: "type=user-node,region=west" means that + the default of "type=user-node,region=east" set in defaultNodeSelector + would not be applied.' + type: string + mastersSchedulable: + description: 'MastersSchedulable allows masters nodes to be schedulable. + When this flag is turned on, all the master nodes in the cluster + will be made schedulable, so that workload pods can run on them. + The default value for this field is false, meaning none of the master + nodes are schedulable. Important Note: Once the workload pods start + running on the master nodes, extreme care must be taken to ensure + that cluster-critical control plane components are not impacted. + Please turn on this field after doing due diligence.' + type: boolean + policy: + description: 'DEPRECATED: the scheduler Policy API has been deprecated + and will be removed in a future release. policy is a reference to + a ConfigMap containing scheduler policy which has user specified + predicates and priorities. If this ConfigMap is not available scheduler + will default to use DefaultAlgorithmProvider. The namespace for + this configmap is openshift-config.' + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + profile: + description: "profile sets which scheduling profile should be set + in order to configure scheduling decisions for new pods. \n Valid + values are \"LowNodeUtilization\", \"HighNodeUtilization\", \"NoScoring\" + Defaults to \"LowNodeUtilization\"" + type: string + default: LowNodeUtilization + enum: + - "" + - LowNodeUtilization + - HighNodeUtilization + - NoScoring + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object diff --git a/vendor/github.com/openshift/api/config/v1/types_authentication.go b/vendor/github.com/openshift/api/config/v1/types_authentication.go index 131af5a0ca96..0d1041bd5f56 100644 --- a/vendor/github.com/openshift/api/config/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/config/v1/types_authentication.go @@ -56,6 +56,12 @@ type AuthenticationSpec struct { // serviceAccountIssuer is the identifier of the bound service account token // issuer. // The default is https://kubernetes.default.svc + // WARNING: Updating this field will result in the invalidation of + // all bound tokens with the previous issuer value. Unless the + // holder of a bound token has explicit support for a change in + // issuer, they will not request a new bound token until pod + // restart or until their existing token exceeds 80% of its + // duration. // +optional ServiceAccountIssuer string `json:"serviceAccountIssuer"` } diff --git a/vendor/github.com/openshift/api/config/v1/types_image.go b/vendor/github.com/openshift/api/config/v1/types_image.go index 63d3d1379bce..8b762a5a694f 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image.go +++ b/vendor/github.com/openshift/api/config/v1/types_image.go @@ -112,4 +112,12 @@ type RegistrySources struct { // Only one of BlockedRegistries or AllowedRegistries may be set. // +optional AllowedRegistries []string `json:"allowedRegistries,omitempty"` + // containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified + // domains in their pull specs. Registries will be searched in the order provided in the list. + // Note: this search list only works with the container runtime, i.e CRI-O. Will NOT work with builds or imagestream imports. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:Format=hostname + // +listType=set + ContainerRuntimeSearchRegistries []string `json:"containerRuntimeSearchRegistries,omitempty"` } diff --git a/vendor/github.com/openshift/api/config/v1/types_scheduling.go b/vendor/github.com/openshift/api/config/v1/types_scheduling.go index c54bb49e981f..fad0659b3102 100644 --- a/vendor/github.com/openshift/api/config/v1/types_scheduling.go +++ b/vendor/github.com/openshift/api/config/v1/types_scheduling.go @@ -22,12 +22,21 @@ type Scheduler struct { } type SchedulerSpec struct { + // DEPRECATED: the scheduler Policy API has been deprecated and will be removed in a future release. // policy is a reference to a ConfigMap containing scheduler policy which has // user specified predicates and priorities. If this ConfigMap is not available // scheduler will default to use DefaultAlgorithmProvider. // The namespace for this configmap is openshift-config. // +optional - Policy ConfigMapNameReference `json:"policy"` + Policy ConfigMapNameReference `json:"policy,omitempty"` + // profile sets which scheduling profile should be set in order to configure scheduling + // decisions for new pods. + // + // Valid values are "LowNodeUtilization", "HighNodeUtilization", "NoScoring" + // Defaults to "LowNodeUtilization" + // +optional + // +kubebuilder:default=LowNodeUtilization + Profile SchedulerProfile `json:"profile"` // defaultNodeSelector helps set the cluster-wide default node selector to // restrict pod placement to specific nodes. This is applied to the pods // created in all namespaces and creates an intersection with any existing @@ -62,6 +71,23 @@ type SchedulerSpec struct { MastersSchedulable bool `json:"mastersSchedulable"` } +// +kubebuilder:validation:Enum="";LowNodeUtilization;HighNodeUtilization;NoScoring +type SchedulerProfile string + +var ( + // LowNodeUtililization is the default, and defines a scheduling profile which prefers to + // spread pods evenly among nodes targeting low resource consumption on each node. + LowNodeUtilization SchedulerProfile = "LowNodeUtilization" + + // HighNodeUtilization defines a scheduling profile which packs as many pods as possible onto + // as few nodes as possible targeting a small node count but high resource usage on each node. + HighNodeUtilization SchedulerProfile = "HighNodeUtilization" + + // NoScoring defines a scheduling profile which tries to provide lower-latency scheduling + // at the expense of potentially less optimal pod placement decisions. + NoScoring SchedulerProfile = "NoScoring" +) + type SchedulerStatus struct { } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 4a41d1b7f20d..6fa08676fa89 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -3287,6 +3287,11 @@ func (in *RegistrySources) DeepCopyInto(out *RegistrySources) { *out = make([]string, len(*in)) copy(*out, *in) } + if in.ContainerRuntimeSearchRegistries != nil { + in, out := &in.ContainerRuntimeSearchRegistries, &out.ContainerRuntimeSearchRegistries + *out = make([]string, len(*in)) + copy(*out, *in) + } return } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index f0e27b94c2a7..ea02878e9837 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -315,7 +315,7 @@ var map_AuthenticationSpec = map[string]string{ "oauthMetadata": "oauthMetadata contains the discovery endpoint data for OAuth 2.0 Authorization Server Metadata for an external OAuth server. This discovery document can be viewed from its served location: oc get --raw '/.well-known/oauth-authorization-server' For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 If oauthMetadata.name is non-empty, this value has precedence over any metadata reference stored in status. The key \"oauthMetadata\" is used to locate the data. If specified and the config map or expected key is not found, no metadata is served. If the specified metadata is not valid, no metadata is served. The namespace for this config map is openshift-config.", "webhookTokenAuthenticators": "webhookTokenAuthenticators is DEPRECATED, setting it has no effect.", "webhookTokenAuthenticator": "webhookTokenAuthenticator configures a remote token reviewer. These remote authentication webhooks can be used to verify bearer tokens via the tokenreviews.authentication.k8s.io REST API. This is required to honor bearer tokens that are provisioned by an external authentication service.", - "serviceAccountIssuer": "serviceAccountIssuer is the identifier of the bound service account token issuer. The default is https://kubernetes.default.svc", + "serviceAccountIssuer": "serviceAccountIssuer is the identifier of the bound service account token issuer. The default is https://kubernetes.default.svc WARNING: Updating this field will result in the invalidation of all bound tokens with the previous issuer value. Unless the holder of a bound token has explicit support for a change in issuer, they will not request a new bound token until pod restart or until their existing token exceeds 80% of its duration.", } func (AuthenticationSpec) SwaggerDoc() map[string]string { @@ -701,10 +701,11 @@ func (RegistryLocation) SwaggerDoc() map[string]string { } var map_RegistrySources = map[string]string{ - "": "RegistrySources holds cluster-wide information about how to handle the registries config.", - "insecureRegistries": "insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections.", - "blockedRegistries": "blockedRegistries cannot be used for image pull and push actions. All other registries are permitted.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", - "allowedRegistries": "allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", + "": "RegistrySources holds cluster-wide information about how to handle the registries config.", + "insecureRegistries": "insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections.", + "blockedRegistries": "blockedRegistries cannot be used for image pull and push actions. All other registries are permitted.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", + "allowedRegistries": "allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", + "containerRuntimeSearchRegistries": "containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified domains in their pull specs. Registries will be searched in the order provided in the list. Note: this search list only works with the container runtime, i.e CRI-O. Will NOT work with builds or imagestream imports.", } func (RegistrySources) SwaggerDoc() map[string]string { @@ -1404,7 +1405,8 @@ func (Scheduler) SwaggerDoc() map[string]string { } var map_SchedulerSpec = map[string]string{ - "policy": "policy is a reference to a ConfigMap containing scheduler policy which has user specified predicates and priorities. If this ConfigMap is not available scheduler will default to use DefaultAlgorithmProvider. The namespace for this configmap is openshift-config.", + "policy": "DEPRECATED: the scheduler Policy API has been deprecated and will be removed in a future release. policy is a reference to a ConfigMap containing scheduler policy which has user specified predicates and priorities. If this ConfigMap is not available scheduler will default to use DefaultAlgorithmProvider. The namespace for this configmap is openshift-config.", + "profile": "profile sets which scheduling profile should be set in order to configure scheduling decisions for new pods.\n\nValid values are \"LowNodeUtilization\", \"HighNodeUtilization\", \"NoScoring\" Defaults to \"LowNodeUtilization\"", "defaultNodeSelector": "defaultNodeSelector helps set the cluster-wide default node selector to restrict pod placement to specific nodes. This is applied to the pods created in all namespaces and creates an intersection with any existing nodeSelectors already set on a pod, additionally constraining that pod's selector. For example, defaultNodeSelector: \"type=user-node,region=east\" would set nodeSelector field in pod spec to \"type=user-node,region=east\" to all pods created in all namespaces. Namespaces having project-wide node selectors won't be impacted even if this field is set. This adds an annotation section to the namespace. For example, if a new namespace is created with node-selector='type=user-node,region=east', the annotation openshift.io/node-selector: type=user-node,region=east gets added to the project. When the openshift.io/node-selector annotation is set on the project the value is used in preference to the value we are setting for defaultNodeSelector field. For instance, openshift.io/node-selector: \"type=user-node,region=west\" means that the default of \"type=user-node,region=east\" set in defaultNodeSelector would not be applied.", "mastersSchedulable": "MastersSchedulable allows masters nodes to be schedulable. When this flag is turned on, all the master nodes in the cluster will be made schedulable, so that workload pods can run on them. The default value for this field is false, meaning none of the master nodes are schedulable. Important Note: Once the workload pods start running on the master nodes, extreme care must be taken to ensure that cluster-critical control plane components are not impacted. Please turn on this field after doing due diligence.", } diff --git a/vendor/github.com/openshift/api/console/v1/0000_10_consoleclidownload.crd.yaml b/vendor/github.com/openshift/api/console/v1/0000_10_consoleclidownload.crd.yaml index d5e36cb6f219..c94c6e8308e6 100644 --- a/vendor/github.com/openshift/api/console/v1/0000_10_consoleclidownload.crd.yaml +++ b/vendor/github.com/openshift/api/console/v1/0000_10_consoleclidownload.crd.yaml @@ -3,10 +3,12 @@ kind: CustomResourceDefinition metadata: name: consoleclidownloads.console.openshift.io annotations: - include.release.openshift.io/self-managed-high-availability: "true" - displayName: ConsoleCLIDownload description: Extension for configuring openshift web console command line interface (CLI) downloads. + displayName: ConsoleCLIDownload + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster preserveUnknownFields: false diff --git a/vendor/github.com/openshift/api/console/v1/0000_10_consoleexternalloglink.crd.yaml b/vendor/github.com/openshift/api/console/v1/0000_10_consoleexternalloglink.crd.yaml index 9a31cf92dd37..f19efbef043d 100644 --- a/vendor/github.com/openshift/api/console/v1/0000_10_consoleexternalloglink.crd.yaml +++ b/vendor/github.com/openshift/api/console/v1/0000_10_consoleexternalloglink.crd.yaml @@ -3,10 +3,12 @@ kind: CustomResourceDefinition metadata: name: consoleexternalloglinks.console.openshift.io annotations: - include.release.openshift.io/self-managed-high-availability: "true" - displayName: ConsoleExternalLogLinks description: ConsoleExternalLogLink is an extension for customizing OpenShift web console log links. + displayName: ConsoleExternalLogLinks + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster preserveUnknownFields: false diff --git a/vendor/github.com/openshift/api/console/v1/0000_10_consolelink.crd.yaml b/vendor/github.com/openshift/api/console/v1/0000_10_consolelink.crd.yaml index f62f541f6fbb..421ba7ae14ff 100644 --- a/vendor/github.com/openshift/api/console/v1/0000_10_consolelink.crd.yaml +++ b/vendor/github.com/openshift/api/console/v1/0000_10_consolelink.crd.yaml @@ -3,9 +3,11 @@ kind: CustomResourceDefinition metadata: name: consolelinks.console.openshift.io annotations: - include.release.openshift.io/self-managed-high-availability: "true" - displayName: ConsoleLinks description: Extension for customizing OpenShift web console links + displayName: ConsoleLinks + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster preserveUnknownFields: false diff --git a/vendor/github.com/openshift/api/console/v1/0000_10_consolenotification.crd.yaml b/vendor/github.com/openshift/api/console/v1/0000_10_consolenotification.crd.yaml index 8b5f62a9f002..cb3e9b7c75e1 100644 --- a/vendor/github.com/openshift/api/console/v1/0000_10_consolenotification.crd.yaml +++ b/vendor/github.com/openshift/api/console/v1/0000_10_consolenotification.crd.yaml @@ -3,9 +3,11 @@ kind: CustomResourceDefinition metadata: name: consolenotifications.console.openshift.io annotations: - include.release.openshift.io/self-managed-high-availability: "true" - displayName: ConsoleNotification description: Extension for configuring openshift web console notifications. + displayName: ConsoleNotification + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster preserveUnknownFields: false diff --git a/vendor/github.com/openshift/api/console/v1/0000_10_consolequickstart.crd.yaml b/vendor/github.com/openshift/api/console/v1/0000_10_consolequickstart.crd.yaml new file mode 100644 index 000000000000..24aef40791ef --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/0000_10_consolequickstart.crd.yaml @@ -0,0 +1,202 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: consolequickstarts.console.openshift.io + annotations: + description: Extension for guiding user through various workflows in the OpenShift + web console. + displayName: ConsoleQuickStart + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" +spec: + scope: Cluster + group: console.openshift.io + preserveUnknownFields: false + versions: + - name: v1 + served: true + storage: true + names: + plural: consolequickstarts + singular: consolequickstart + kind: ConsoleQuickStart + listKind: ConsoleQuickStartList + "validation": + "openAPIV3Schema": + description: ConsoleQuickStart is an extension for guiding user through various + workflows in the OpenShift web console. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsoleQuickStartSpec is the desired quick start configuration. + type: object + required: + - description + - displayName + - durationMinutes + - introduction + - tasks + properties: + accessReviewResources: + description: accessReviewResources contains a list of resources that + the user's access will be reviewed against in order for the user to + complete the Quick Start. The Quick Start will be hidden if any of + the access reviews fail. + type: array + items: + description: ResourceAttributes includes the authorization attributes + available for resource requests to the Authorizer interface + type: object + properties: + group: + description: Group is the API Group of the Resource. "*" means + all. + type: string + name: + description: Name is the name of the resource being requested + for a "get" or deleted for a "delete". "" (empty) means all. + type: string + namespace: + description: Namespace is the namespace of the action being requested. Currently, + there is no distinction between no namespace and all namespaces + "" (empty) is defaulted for LocalSubjectAccessReviews "" (empty) + is empty for cluster-scoped resources "" (empty) means "all" + for namespace scoped resources from a SubjectAccessReview or + SelfSubjectAccessReview + type: string + resource: + description: Resource is one of the existing resource types. "*" + means all. + type: string + subresource: + description: Subresource is one of the existing resource types. "" + means none. + type: string + verb: + description: 'Verb is a kubernetes resource API verb, like: get, + list, watch, create, update, delete, proxy. "*" means all.' + type: string + version: + description: Version is the API Version of the Resource. "*" + means all. + type: string + conclusion: + description: conclusion sums up the Quick Start and suggests the possible + next steps. (includes markdown) + type: string + description: + description: description is the description of the Quick Start. (includes + markdown) + type: string + maxLength: 256 + minLength: 1 + displayName: + description: displayName is the display name of the Quick Start. + type: string + minLength: 1 + durationMinutes: + description: durationMinutes describes approximately how many minutes + it will take to complete the Quick Start. + type: integer + minimum: 1 + icon: + description: icon is a base64 encoded image that will be displayed beside + the Quick Start display name. The icon should be an vector image for + easy scaling. The size of the icon should be 40x40. + type: string + introduction: + description: introduction describes the purpose of the Quick Start. + (includes markdown) + type: string + minLength: 1 + nextQuickStart: + description: nextQuickStart is a list of the following Quick Starts, + suggested for the user to try. + type: array + items: + type: string + prerequisites: + description: prerequisites contains all prerequisites that need to be + met before taking a Quick Start. (includes markdown) + type: array + items: + type: string + tags: + description: tags is a list of strings that describe the Quick Start. + type: array + items: + type: string + tasks: + description: tasks is the list of steps the user has to perform to complete + the Quick Start. + type: array + minItems: 1 + items: + description: ConsoleQuickStartTask is a single step in a Quick Start. + type: object + required: + - description + - title + properties: + description: + description: description describes the steps needed to complete + the task. (includes markdown) + type: string + minLength: 1 + review: + description: review contains instructions to validate the task + is complete. The user will select 'Yes' or 'No'. using a radio + button, which indicates whether the step was completed successfully. + type: object + required: + - failedTaskHelp + - instructions + properties: + failedTaskHelp: + description: failedTaskHelp contains suggestions for a failed + task review and is shown at the end of task. (includes markdown) + type: string + minLength: 1 + instructions: + description: instructions contains steps that user needs to + take in order to validate his work after going through a + task. (includes markdown) + type: string + minLength: 1 + summary: + description: summary contains information about the passed step. + type: object + required: + - failed + - success + properties: + failed: + description: failed briefly describes the unsuccessfully passed + task. (includes markdown) + type: string + maxLength: 128 + minLength: 1 + success: + description: success describes the succesfully passed task. + type: string + minLength: 1 + title: + description: title describes the task and is displayed as a step + heading. + type: string + minLength: 1 diff --git a/vendor/github.com/openshift/api/console/v1/0000_10_consoleyamlsample.crd.yaml b/vendor/github.com/openshift/api/console/v1/0000_10_consoleyamlsample.crd.yaml index e0e3796ea7ac..48eab01fffba 100644 --- a/vendor/github.com/openshift/api/console/v1/0000_10_consoleyamlsample.crd.yaml +++ b/vendor/github.com/openshift/api/console/v1/0000_10_consoleyamlsample.crd.yaml @@ -3,9 +3,11 @@ kind: CustomResourceDefinition metadata: name: consoleyamlsamples.console.openshift.io annotations: - include.release.openshift.io/self-managed-high-availability: "true" - displayName: ConsoleYAMLSample description: Extension for configuring openshift web console YAML samples. + displayName: ConsoleYAMLSample + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster group: console.openshift.io diff --git a/vendor/github.com/openshift/api/console/v1/register.go b/vendor/github.com/openshift/api/console/v1/register.go index 87e0c8ed7615..2b13fe7ecc7f 100644 --- a/vendor/github.com/openshift/api/console/v1/register.go +++ b/vendor/github.com/openshift/api/console/v1/register.go @@ -41,6 +41,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { &ConsoleExternalLogLinkList{}, &ConsoleYAMLSample{}, &ConsoleYAMLSampleList{}, + &ConsoleQuickStart{}, + &ConsoleQuickStartList{}, ) metav1.AddToGroupVersion(scheme, GroupVersion) return nil diff --git a/vendor/github.com/openshift/api/console/v1/types_console_quick_start.go b/vendor/github.com/openshift/api/console/v1/types_console_quick_start.go new file mode 100644 index 000000000000..5e24d790eb94 --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/types_console_quick_start.go @@ -0,0 +1,132 @@ +package v1 + +import ( + authorizationv1 "k8s.io/api/authorization/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ConsoleQuickStart is an extension for guiding user through various +// workflows in the OpenShift web console. +type ConsoleQuickStart struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // +kubebuilder:validation:Required + // +required + Spec ConsoleQuickStartSpec `json:"spec"` +} + +// ConsoleQuickStartSpec is the desired quick start configuration. +type ConsoleQuickStartSpec struct { + // displayName is the display name of the Quick Start. + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +required + DisplayName string `json:"displayName"` + // icon is a base64 encoded image that will be displayed beside the Quick Start display name. + // The icon should be an vector image for easy scaling. The size of the icon should be 40x40. + // +optional + Icon string `json:"icon,omitempty"` + // tags is a list of strings that describe the Quick Start. + // +optional + Tags []string `json:"tags,omitempty"` + // durationMinutes describes approximately how many minutes it will take to complete the Quick Start. + // +kubebuilder:validation:Required + // +kubebuilder:validation:Minimum=1 + // +required + DurationMinutes int `json:"durationMinutes"` + // description is the description of the Quick Start. (includes markdown) + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + // +required + Description string `json:"description"` + // prerequisites contains all prerequisites that need to be met before taking a Quick Start. (includes markdown) + // +optional + Prerequisites []string `json:"prerequisites,omitempty"` + // introduction describes the purpose of the Quick Start. (includes markdown) + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +required + Introduction string `json:"introduction"` + // tasks is the list of steps the user has to perform to complete the Quick Start. + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinItems=1 + // +required + Tasks []ConsoleQuickStartTask `json:"tasks"` + // conclusion sums up the Quick Start and suggests the possible next steps. (includes markdown) + // +optional + Conclusion string `json:"conclusion,omitempty"` + // nextQuickStart is a list of the following Quick Starts, suggested for the user to try. + // +optional + NextQuickStart []string `json:"nextQuickStart,omitempty"` + // accessReviewResources contains a list of resources that the user's access + // will be reviewed against in order for the user to complete the Quick Start. + // The Quick Start will be hidden if any of the access reviews fail. + // +optional + AccessReviewResources []authorizationv1.ResourceAttributes `json:"accessReviewResources,omitempty"` +} + +// ConsoleQuickStartTask is a single step in a Quick Start. +type ConsoleQuickStartTask struct { + // title describes the task and is displayed as a step heading. + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +required + Title string `json:"title"` + // description describes the steps needed to complete the task. (includes markdown) + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +required + Description string `json:"description"` + // review contains instructions to validate the task is complete. The user will select 'Yes' or 'No'. + // using a radio button, which indicates whether the step was completed successfully. + // +optional + Review *ConsoleQuickStartTaskReview `json:"review,omitempty"` + // summary contains information about the passed step. + // +optional + Summary *ConsoleQuickStartTaskSummary `json:"summary,omitempty"` +} + +// ConsoleQuickStartTaskReview contains instructions that validate a task was completed successfully. +type ConsoleQuickStartTaskReview struct { + // instructions contains steps that user needs to take in order + // to validate his work after going through a task. (includes markdown) + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +required + Instructions string `json:"instructions"` + // failedTaskHelp contains suggestions for a failed task review and is shown at the end of task. (includes markdown) + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +required + FailedTaskHelp string `json:"failedTaskHelp"` +} + +// ConsoleQuickStartTaskSummary contains information about a passed step. +type ConsoleQuickStartTaskSummary struct { + // success describes the succesfully passed task. + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +required + Success string `json:"success"` + // failed briefly describes the unsuccessfully passed task. (includes markdown) + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + // +required + Failed string `json:"failed"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type ConsoleQuickStartList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + + Items []ConsoleQuickStart `json:"items"` +} diff --git a/vendor/github.com/openshift/api/console/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/console/v1/zz_generated.deepcopy.go index 4e8d568ccfab..4308fad07527 100644 --- a/vendor/github.com/openshift/api/console/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/console/v1/zz_generated.deepcopy.go @@ -5,6 +5,7 @@ package v1 import ( + authorizationv1 "k8s.io/api/authorization/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -366,6 +367,167 @@ func (in *ConsoleNotificationSpec) DeepCopy() *ConsoleNotificationSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConsoleQuickStart) DeepCopyInto(out *ConsoleQuickStart) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleQuickStart. +func (in *ConsoleQuickStart) DeepCopy() *ConsoleQuickStart { + if in == nil { + return nil + } + out := new(ConsoleQuickStart) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ConsoleQuickStart) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConsoleQuickStartList) DeepCopyInto(out *ConsoleQuickStartList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ConsoleQuickStart, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleQuickStartList. +func (in *ConsoleQuickStartList) DeepCopy() *ConsoleQuickStartList { + if in == nil { + return nil + } + out := new(ConsoleQuickStartList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ConsoleQuickStartList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConsoleQuickStartSpec) DeepCopyInto(out *ConsoleQuickStartSpec) { + *out = *in + if in.Tags != nil { + in, out := &in.Tags, &out.Tags + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Prerequisites != nil { + in, out := &in.Prerequisites, &out.Prerequisites + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Tasks != nil { + in, out := &in.Tasks, &out.Tasks + *out = make([]ConsoleQuickStartTask, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.NextQuickStart != nil { + in, out := &in.NextQuickStart, &out.NextQuickStart + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AccessReviewResources != nil { + in, out := &in.AccessReviewResources, &out.AccessReviewResources + *out = make([]authorizationv1.ResourceAttributes, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleQuickStartSpec. +func (in *ConsoleQuickStartSpec) DeepCopy() *ConsoleQuickStartSpec { + if in == nil { + return nil + } + out := new(ConsoleQuickStartSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConsoleQuickStartTask) DeepCopyInto(out *ConsoleQuickStartTask) { + *out = *in + if in.Review != nil { + in, out := &in.Review, &out.Review + *out = new(ConsoleQuickStartTaskReview) + **out = **in + } + if in.Summary != nil { + in, out := &in.Summary, &out.Summary + *out = new(ConsoleQuickStartTaskSummary) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleQuickStartTask. +func (in *ConsoleQuickStartTask) DeepCopy() *ConsoleQuickStartTask { + if in == nil { + return nil + } + out := new(ConsoleQuickStartTask) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConsoleQuickStartTaskReview) DeepCopyInto(out *ConsoleQuickStartTaskReview) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleQuickStartTaskReview. +func (in *ConsoleQuickStartTaskReview) DeepCopy() *ConsoleQuickStartTaskReview { + if in == nil { + return nil + } + out := new(ConsoleQuickStartTaskReview) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConsoleQuickStartTaskSummary) DeepCopyInto(out *ConsoleQuickStartTaskSummary) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleQuickStartTaskSummary. +func (in *ConsoleQuickStartTaskSummary) DeepCopy() *ConsoleQuickStartTaskSummary { + if in == nil { + return nil + } + out := new(ConsoleQuickStartTaskSummary) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConsoleYAMLSample) DeepCopyInto(out *ConsoleYAMLSample) { *out = *in diff --git a/vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go index de5e35238017..9461b42baf9c 100644 --- a/vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go @@ -128,6 +128,65 @@ func (ConsoleNotificationSpec) SwaggerDoc() map[string]string { return map_ConsoleNotificationSpec } +var map_ConsoleQuickStart = map[string]string{ + "": "ConsoleQuickStart is an extension for guiding user through various workflows in the OpenShift web console.", +} + +func (ConsoleQuickStart) SwaggerDoc() map[string]string { + return map_ConsoleQuickStart +} + +var map_ConsoleQuickStartSpec = map[string]string{ + "": "ConsoleQuickStartSpec is the desired quick start configuration.", + "displayName": "displayName is the display name of the Quick Start.", + "icon": "icon is a base64 encoded image that will be displayed beside the Quick Start display name. The icon should be an vector image for easy scaling. The size of the icon should be 40x40.", + "tags": "tags is a list of strings that describe the Quick Start.", + "durationMinutes": "durationMinutes describes approximately how many minutes it will take to complete the Quick Start.", + "description": "description is the description of the Quick Start. (includes markdown)", + "prerequisites": "prerequisites contains all prerequisites that need to be met before taking a Quick Start. (includes markdown)", + "introduction": "introduction describes the purpose of the Quick Start. (includes markdown)", + "tasks": "tasks is the list of steps the user has to perform to complete the Quick Start.", + "conclusion": "conclusion sums up the Quick Start and suggests the possible next steps. (includes markdown)", + "nextQuickStart": "nextQuickStart is a list of the following Quick Starts, suggested for the user to try.", + "accessReviewResources": "accessReviewResources contains a list of resources that the user's access will be reviewed against in order for the user to complete the Quick Start. The Quick Start will be hidden if any of the access reviews fail.", +} + +func (ConsoleQuickStartSpec) SwaggerDoc() map[string]string { + return map_ConsoleQuickStartSpec +} + +var map_ConsoleQuickStartTask = map[string]string{ + "": "ConsoleQuickStartTask is a single step in a Quick Start.", + "title": "title describes the task and is displayed as a step heading.", + "description": "description describes the steps needed to complete the task. (includes markdown)", + "review": "review contains instructions to validate the task is complete. The user will select 'Yes' or 'No'. using a radio button, which indicates whether the step was completed successfully.", + "summary": "summary contains information about the passed step.", +} + +func (ConsoleQuickStartTask) SwaggerDoc() map[string]string { + return map_ConsoleQuickStartTask +} + +var map_ConsoleQuickStartTaskReview = map[string]string{ + "": "ConsoleQuickStartTaskReview contains instructions that validate a task was completed successfully.", + "instructions": "instructions contains steps that user needs to take in order to validate his work after going through a task. (includes markdown)", + "failedTaskHelp": "failedTaskHelp contains suggestions for a failed task review and is shown at the end of task. (includes markdown)", +} + +func (ConsoleQuickStartTaskReview) SwaggerDoc() map[string]string { + return map_ConsoleQuickStartTaskReview +} + +var map_ConsoleQuickStartTaskSummary = map[string]string{ + "": "ConsoleQuickStartTaskSummary contains information about a passed step.", + "success": "success describes the succesfully passed task.", + "failed": "failed briefly describes the unsuccessfully passed task. (includes markdown)", +} + +func (ConsoleQuickStartTaskSummary) SwaggerDoc() map[string]string { + return map_ConsoleQuickStartTaskSummary +} + var map_ConsoleYAMLSample = map[string]string{ "": "ConsoleYAMLSample is an extension for customizing OpenShift web console YAML samples.", } diff --git a/vendor/github.com/openshift/api/go.mod b/vendor/github.com/openshift/api/go.mod index cc20c653d7d4..9ca9642a67f7 100644 --- a/vendor/github.com/openshift/api/go.mod +++ b/vendor/github.com/openshift/api/go.mod @@ -7,8 +7,8 @@ require ( github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab github.com/spf13/pflag v1.0.5 golang.org/x/tools v0.0.0-20200616133436-c1934b75d054 - k8s.io/api v0.19.2 - k8s.io/apimachinery v0.19.2 - k8s.io/code-generator v0.19.2 - k8s.io/klog/v2 v2.2.0 + k8s.io/api v0.20.0 + k8s.io/apimachinery v0.20.0 + k8s.io/code-generator v0.20.0 + k8s.io/klog/v2 v2.4.0 ) diff --git a/vendor/github.com/openshift/api/go.sum b/vendor/github.com/openshift/api/go.sum index f6055166adaf..443a2c564f01 100644 --- a/vendor/github.com/openshift/api/go.sum +++ b/vendor/github.com/openshift/api/go.sum @@ -1,12 +1,11 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -28,25 +27,21 @@ github.com/go-logr/logr v0.1.0 h1:M1Tv3VzNlEHg6uyACnRdtrploV2P7wZqH8BoQMtz0cg= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0 h1:QvGt2nLcHH0WK9orKa+ppBPAxREcH364nPUedEpK0TY= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3 h1:gihV7YNZK1iK6Tgwwsxo2rJbD1GTbdm72325Bq8FI3w= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= github.com/go-openapi/jsonreference v0.19.3 h1:5cxNfTy0UVC3X8JL5ymxzyoUZmo8iZb+jeTWn7tUa8o= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/spec v0.19.3 h1:0XRyw8kguri6Yw4SxhsQA/atC88yqrk0+G4YhI2wabc= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -57,19 +52,23 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3 h1:JjCZWpVbqXDqFVmTfYWEVTMIYrL/NPdPSCHPJ0T/raM= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.2 h1:X2ev0eStA3AbceY54o37/0PQ/UWqKEiiO2dKL5OPaFM= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= @@ -86,11 +85,11 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.0 h1:aizVhC/NAAcKWb+5QsU1iNOZb4Yws5UO2I+aIprQITM= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -116,8 +115,8 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= -github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 h1:1wopBVtVdWnn03fZelqdXTqk7U7zPQCb+T4rbU9ZEoU= @@ -143,8 +142,8 @@ golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e h1:3G+cUijn7XD+S4eJFddp53Pv7+slrESplyjG25HgL+k= golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200707034311-ab3426394381 h1:VXak5I6aEWmAXeQjA+QSZzlgNrpq9mjcfDemuexIKsU= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -158,15 +157,16 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4 h1:5/PjkGUjvEU5Gl6BxmvKRPpqo2uNMv4rcHBMwzk/st8= -golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4 h1:0YWbFKbhXG/wIiuHDSKpS0Iy7FSA+u45VtBMfQcFTTc= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -174,12 +174,15 @@ golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200616133436-c1934b75d054 h1:HHeAlu5H9b71C+Fx0K+1dGgVFN1DM1/wz4aoGOA5qS8= golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= @@ -197,8 +200,8 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.0 h1:4MY060fB1DLGMB/7MBTLnwQUY6+F09GEiz6SsrNqyzM= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -212,25 +215,29 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.19.2 h1:q+/krnHWKsL7OBZg/rxnycsl9569Pud76UJ77MvKXms= -k8s.io/api v0.19.2/go.mod h1:IQpK0zFQ1xc5iNIQPqzgoOwuFugaYHK4iCknlAQP9nI= -k8s.io/apimachinery v0.19.2 h1:5Gy9vQpAGTKHPVOh5c4plE274X8D/6cuEiTO2zve7tc= -k8s.io/apimachinery v0.19.2/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= -k8s.io/code-generator v0.19.2 h1:7uaWJll6fyCPj2j3sfNN1AiY2gZU1VFN2dFR2uoxGWI= -k8s.io/code-generator v0.19.2/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= +k8s.io/api v0.20.0 h1:WwrYoZNM1W1aQEbyl8HNG+oWGzLpZQBlcerS9BQw9yI= +k8s.io/api v0.20.0/go.mod h1:HyLC5l5eoS/ygQYl1BXBgFzWNlkHiAuyNAbevIn+FKg= +k8s.io/apimachinery v0.20.0 h1:jjzbTJRXk0unNS71L7h3lxGDH/2HPxMPaQY+MjECKL8= +k8s.io/apimachinery v0.20.0/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= +k8s.io/code-generator v0.20.0 h1:c8JaABvEEZPDE8MICTOtveHX2axchl+EptM+o4OGvbg= +k8s.io/code-generator v0.20.0/go.mod h1:UsqdF+VX4PU2g46NC2JRs4gc+IfrctnwHb76RNbWHJg= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14 h1:t4L10Qfx/p7ASH3gXCdIUtPbbIuegCoUJf3TMSFekjw= -k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20201113003025-83324d819ded h1:JApXBKYyB7l9xx+DK7/+mFjC7A9Bt5A93FPvFD0HIFE= +k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.0.0 h1:Foj74zO6RbjjP4hBEKjnYtjjAhGg4jNynUdYF6fJrok= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0 h1:XRvcwJozkgZ1UQJmfMGpvRthQHOvihEhYtDfAaxMz/A= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6 h1:+WnxoVtG8TMiudHBSEtrVL1egv36TkkJm+bA8AxicmQ= -k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= -sigs.k8s.io/structured-merge-diff/v4 v4.0.1 h1:YXTMot5Qz/X1iBRJhAt+vI+HVttY0WkSqqhKxQ0xVbA= -sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +k8s.io/klog/v2 v2.4.0 h1:7+X0fUguPyrKEC4WjH8iGDg3laWgMo5tMnRTIGTTxGQ= +k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= +k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd h1:sOHNzJIkytDF6qadMNKhhDRpc6ODik8lVC6nOur7B2c= +k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2 h1:YHQV7Dajm86OuqnIR6zAelnDWBRjo+YhYV9PmGrh1s8= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= diff --git a/vendor/github.com/openshift/api/helm/v1beta1/0000_10-helm-chart-repository.crd.yaml b/vendor/github.com/openshift/api/helm/v1beta1/0000_10-helm-chart-repository.crd.yaml index 75af27ec29cd..21416cad7443 100644 --- a/vendor/github.com/openshift/api/helm/v1beta1/0000_10-helm-chart-repository.crd.yaml +++ b/vendor/github.com/openshift/api/helm/v1beta1/0000_10-helm-chart-repository.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: helmchartrepositories.helm.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster preserveUnknownFields: false @@ -87,6 +89,9 @@ spec: type: string maxLength: 2048 minLength: 1 + disabled: + description: If set to true, disable the repo usage in the cluster + type: boolean name: description: Optional associated human readable repository name, it can be used by UI for displaying purposes diff --git a/vendor/github.com/openshift/api/helm/v1beta1/types_helm.go b/vendor/github.com/openshift/api/helm/v1beta1/types_helm.go index 33613f65cf3e..6b22476e4ad3 100644 --- a/vendor/github.com/openshift/api/helm/v1beta1/types_helm.go +++ b/vendor/github.com/openshift/api/helm/v1beta1/types_helm.go @@ -36,6 +36,10 @@ type HelmChartRepositoryList struct { // Helm chart repository exposed within the cluster type HelmChartRepositorySpec struct { + // If set to true, disable the repo usage in the cluster + // +optional + Disabled bool `json:"disabled,omitempty"` + // Optional associated human readable repository name, it can be used by UI for displaying purposes // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=100 diff --git a/vendor/github.com/openshift/api/image/v1/generated.pb.go b/vendor/github.com/openshift/api/image/v1/generated.pb.go index 1a6b9e69fe8c..a599ff4e3618 100644 --- a/vendor/github.com/openshift/api/image/v1/generated.pb.go +++ b/vendor/github.com/openshift/api/image/v1/generated.pb.go @@ -787,10 +787,38 @@ func (m *RepositoryImportStatus) XXX_DiscardUnknown() { var xxx_messageInfo_RepositoryImportStatus proto.InternalMessageInfo +func (m *SecretList) Reset() { *m = SecretList{} } +func (*SecretList) ProtoMessage() {} +func (*SecretList) Descriptor() ([]byte, []int) { + return fileDescriptor_650a0b34f65fde60, []int{27} +} +func (m *SecretList) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *SecretList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil +} +func (m *SecretList) XXX_Merge(src proto.Message) { + xxx_messageInfo_SecretList.Merge(m, src) +} +func (m *SecretList) XXX_Size() int { + return m.Size() +} +func (m *SecretList) XXX_DiscardUnknown() { + xxx_messageInfo_SecretList.DiscardUnknown(m) +} + +var xxx_messageInfo_SecretList proto.InternalMessageInfo + func (m *SignatureCondition) Reset() { *m = SignatureCondition{} } func (*SignatureCondition) ProtoMessage() {} func (*SignatureCondition) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{27} + return fileDescriptor_650a0b34f65fde60, []int{28} } func (m *SignatureCondition) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -818,7 +846,7 @@ var xxx_messageInfo_SignatureCondition proto.InternalMessageInfo func (m *SignatureGenericEntity) Reset() { *m = SignatureGenericEntity{} } func (*SignatureGenericEntity) ProtoMessage() {} func (*SignatureGenericEntity) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{28} + return fileDescriptor_650a0b34f65fde60, []int{29} } func (m *SignatureGenericEntity) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -846,7 +874,7 @@ var xxx_messageInfo_SignatureGenericEntity proto.InternalMessageInfo func (m *SignatureIssuer) Reset() { *m = SignatureIssuer{} } func (*SignatureIssuer) ProtoMessage() {} func (*SignatureIssuer) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{29} + return fileDescriptor_650a0b34f65fde60, []int{30} } func (m *SignatureIssuer) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -874,7 +902,7 @@ var xxx_messageInfo_SignatureIssuer proto.InternalMessageInfo func (m *SignatureSubject) Reset() { *m = SignatureSubject{} } func (*SignatureSubject) ProtoMessage() {} func (*SignatureSubject) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{30} + return fileDescriptor_650a0b34f65fde60, []int{31} } func (m *SignatureSubject) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -902,7 +930,7 @@ var xxx_messageInfo_SignatureSubject proto.InternalMessageInfo func (m *TagEvent) Reset() { *m = TagEvent{} } func (*TagEvent) ProtoMessage() {} func (*TagEvent) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{31} + return fileDescriptor_650a0b34f65fde60, []int{32} } func (m *TagEvent) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -930,7 +958,7 @@ var xxx_messageInfo_TagEvent proto.InternalMessageInfo func (m *TagEventCondition) Reset() { *m = TagEventCondition{} } func (*TagEventCondition) ProtoMessage() {} func (*TagEventCondition) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{32} + return fileDescriptor_650a0b34f65fde60, []int{33} } func (m *TagEventCondition) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -958,7 +986,7 @@ var xxx_messageInfo_TagEventCondition proto.InternalMessageInfo func (m *TagImportPolicy) Reset() { *m = TagImportPolicy{} } func (*TagImportPolicy) ProtoMessage() {} func (*TagImportPolicy) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{33} + return fileDescriptor_650a0b34f65fde60, []int{34} } func (m *TagImportPolicy) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -986,7 +1014,7 @@ var xxx_messageInfo_TagImportPolicy proto.InternalMessageInfo func (m *TagReference) Reset() { *m = TagReference{} } func (*TagReference) ProtoMessage() {} func (*TagReference) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{34} + return fileDescriptor_650a0b34f65fde60, []int{35} } func (m *TagReference) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1014,7 +1042,7 @@ var xxx_messageInfo_TagReference proto.InternalMessageInfo func (m *TagReferencePolicy) Reset() { *m = TagReferencePolicy{} } func (*TagReferencePolicy) ProtoMessage() {} func (*TagReferencePolicy) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{35} + return fileDescriptor_650a0b34f65fde60, []int{36} } func (m *TagReferencePolicy) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1070,6 +1098,7 @@ func init() { proto.RegisterType((*NamedTagEventList)(nil), "github.com.openshift.api.image.v1.NamedTagEventList") proto.RegisterType((*RepositoryImportSpec)(nil), "github.com.openshift.api.image.v1.RepositoryImportSpec") proto.RegisterType((*RepositoryImportStatus)(nil), "github.com.openshift.api.image.v1.RepositoryImportStatus") + proto.RegisterType((*SecretList)(nil), "github.com.openshift.api.image.v1.SecretList") proto.RegisterType((*SignatureCondition)(nil), "github.com.openshift.api.image.v1.SignatureCondition") proto.RegisterType((*SignatureGenericEntity)(nil), "github.com.openshift.api.image.v1.SignatureGenericEntity") proto.RegisterType((*SignatureIssuer)(nil), "github.com.openshift.api.image.v1.SignatureIssuer") @@ -1087,164 +1116,165 @@ func init() { } var fileDescriptor_650a0b34f65fde60 = []byte{ - // 2502 bytes of a gzipped FileDescriptorProto + // 2527 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x5a, 0x4d, 0x6c, 0x1c, 0x49, - 0x15, 0x4e, 0xcf, 0x9f, 0xc7, 0xcf, 0x8e, 0x1d, 0x57, 0xe2, 0xdd, 0xd9, 0x49, 0xd6, 0xf6, 0x76, - 0x48, 0x14, 0x20, 0x3b, 0x83, 0x4d, 0x76, 0x71, 0x82, 0xc4, 0x6e, 0x26, 0x13, 0xa2, 0x01, 0x7b, - 0xe3, 0x2d, 0x0f, 0x11, 0x8a, 0x82, 0x44, 0xb9, 0xa7, 0xdc, 0x6e, 0x3c, 0xd3, 0x3d, 0x74, 0xf7, - 0x78, 0xd7, 0x11, 0x48, 0x1c, 0xd0, 0x6a, 0x0f, 0x1c, 0xe0, 0xc4, 0x61, 0x8f, 0x68, 0x85, 0x38, - 0x23, 0x10, 0x27, 0x2e, 0x80, 0x14, 0x71, 0x61, 0xb5, 0x5c, 0xf6, 0x82, 0xb5, 0x19, 0x38, 0x73, - 0xe3, 0xb2, 0x27, 0x54, 0xd5, 0xd5, 0xdd, 0xd5, 0x3d, 0x3d, 0x4e, 0xb7, 0x89, 0x07, 0xb8, 0x4d, - 0xd7, 0x7b, 0xef, 0x7b, 0xaf, 0xdf, 0xab, 0x7a, 0x3f, 0xd5, 0x03, 0xab, 0xba, 0xe1, 0xee, 0x0d, - 0x76, 0x6a, 0x9a, 0xd5, 0xab, 0x5b, 0x7d, 0x6a, 0x3a, 0x7b, 0xc6, 0xae, 0x5b, 0x27, 0x7d, 0xa3, - 0x6e, 0xf4, 0x88, 0x4e, 0xeb, 0x07, 0xab, 0x75, 0x9d, 0x9a, 0xd4, 0x26, 0x2e, 0xed, 0xd4, 0xfa, - 0xb6, 0xe5, 0x5a, 0xe8, 0x95, 0x50, 0xa4, 0x16, 0x88, 0xd4, 0x48, 0xdf, 0xa8, 0x71, 0x91, 0xda, - 0xc1, 0x6a, 0xf5, 0x55, 0x09, 0x55, 0xb7, 0x74, 0xab, 0xce, 0x25, 0x77, 0x06, 0xbb, 0xfc, 0x89, - 0x3f, 0xf0, 0x5f, 0x1e, 0x62, 0x55, 0xdd, 0x5f, 0x77, 0x6a, 0x86, 0xc5, 0xd5, 0x6a, 0x96, 0x9d, - 0xa4, 0xb5, 0x7a, 0x23, 0xe4, 0xe9, 0x11, 0x6d, 0xcf, 0x30, 0xa9, 0x7d, 0x58, 0xef, 0xef, 0xeb, - 0x6c, 0xc1, 0xa9, 0xf7, 0xa8, 0x4b, 0x92, 0xa4, 0xea, 0xe3, 0xa4, 0xec, 0x81, 0xe9, 0x1a, 0x3d, - 0x3a, 0x22, 0xf0, 0xfa, 0xb3, 0x04, 0x1c, 0x6d, 0x8f, 0xf6, 0x48, 0x5c, 0x4e, 0xfd, 0x58, 0x81, - 0x0b, 0x4d, 0x4b, 0xdb, 0xa7, 0x76, 0x8b, 0x39, 0x01, 0xd3, 0x5d, 0x6a, 0x53, 0x53, 0xa3, 0xe8, - 0x3a, 0x94, 0x6d, 0xaa, 0x1b, 0x8e, 0x6b, 0x1f, 0x56, 0x94, 0x15, 0xe5, 0xda, 0x74, 0xe3, 0xdc, - 0x93, 0xa3, 0xe5, 0x33, 0xc3, 0xa3, 0xe5, 0x32, 0x16, 0xeb, 0x38, 0xe0, 0x40, 0x75, 0x98, 0x36, - 0x49, 0x8f, 0x3a, 0x7d, 0xa2, 0xd1, 0x4a, 0x8e, 0xb3, 0x2f, 0x08, 0xf6, 0xe9, 0xb7, 0x7c, 0x02, - 0x0e, 0x79, 0xd0, 0x0a, 0x14, 0xd8, 0x43, 0x25, 0xcf, 0x79, 0x67, 0x05, 0x6f, 0x81, 0xf1, 0x62, - 0x4e, 0x41, 0x2f, 0x43, 0xde, 0x25, 0x7a, 0xa5, 0xc0, 0x19, 0x66, 0x04, 0x43, 0xbe, 0x4d, 0x74, - 0xcc, 0xd6, 0x51, 0x15, 0x72, 0x46, 0xb3, 0x52, 0xe4, 0x54, 0x10, 0xd4, 0x5c, 0xab, 0x89, 0x73, - 0x46, 0x53, 0xfd, 0xcb, 0x14, 0x14, 0xf9, 0xeb, 0xa0, 0xef, 0x42, 0x99, 0xb9, 0xb8, 0x43, 0x5c, - 0xc2, 0xdf, 0x62, 0x66, 0xed, 0x4b, 0x35, 0xcf, 0x53, 0x35, 0xd9, 0x53, 0xb5, 0xfe, 0xbe, 0xce, - 0x16, 0x9c, 0x1a, 0xe3, 0xae, 0x1d, 0xac, 0xd6, 0xee, 0xef, 0x7c, 0x8f, 0x6a, 0xee, 0x26, 0x75, - 0x49, 0x03, 0x09, 0x74, 0x08, 0xd7, 0x70, 0x80, 0x8a, 0xb6, 0xe0, 0x42, 0x27, 0xc1, 0x7f, 0xc2, - 0x09, 0x97, 0x84, 0x6c, 0xa2, 0x8f, 0x71, 0xa2, 0x24, 0xfa, 0x01, 0x9c, 0x97, 0xd6, 0x37, 0x7d, - 0xf3, 0xf3, 0xdc, 0xfc, 0x57, 0xc7, 0x9a, 0x2f, 0x02, 0x5d, 0xc3, 0xe4, 0x9d, 0xbb, 0xef, 0xba, - 0xd4, 0x74, 0x0c, 0xcb, 0x6c, 0x5c, 0x14, 0xfa, 0xcf, 0x37, 0x47, 0x11, 0x71, 0x92, 0x1a, 0xb4, - 0x03, 0xd5, 0x84, 0xe5, 0x07, 0xd4, 0x66, 0x78, 0x22, 0x1a, 0xaa, 0x40, 0xad, 0x36, 0xc7, 0x72, - 0xe2, 0x63, 0x50, 0xd0, 0x66, 0xf4, 0x0d, 0x89, 0x69, 0xec, 0x52, 0xc7, 0x15, 0xc1, 0x4c, 0x34, - 0x59, 0xb0, 0xe0, 0x24, 0x39, 0x74, 0x00, 0x0b, 0xd2, 0xf2, 0x06, 0x39, 0xa4, 0xb6, 0x53, 0x29, - 0xad, 0xe4, 0xb9, 0xbb, 0x9e, 0x79, 0xe8, 0x6b, 0xa1, 0x54, 0xe3, 0x25, 0xa1, 0x7b, 0xa1, 0x19, - 0xc7, 0xc3, 0xa3, 0x2a, 0x10, 0x05, 0x70, 0x0c, 0xdd, 0x24, 0xee, 0xc0, 0xa6, 0x4e, 0x65, 0x8a, - 0x2b, 0x5c, 0x4d, 0xab, 0x70, 0xdb, 0x97, 0x0c, 0xf7, 0x57, 0xb0, 0xe4, 0x60, 0x09, 0x18, 0xdd, - 0x87, 0x45, 0x49, 0x77, 0xc8, 0x54, 0x29, 0xaf, 0xe4, 0xaf, 0xcd, 0x36, 0x5e, 0x1a, 0x1e, 0x2d, - 0x2f, 0x36, 0x93, 0x18, 0x70, 0xb2, 0x1c, 0xda, 0x83, 0x4b, 0x09, 0x6e, 0xdc, 0xa4, 0x1d, 0x83, - 0xb4, 0x0f, 0xfb, 0xb4, 0x32, 0xcd, 0xe3, 0xf0, 0x39, 0x61, 0xd6, 0xa5, 0xe6, 0x31, 0xbc, 0xf8, - 0x58, 0x24, 0x74, 0x2f, 0x12, 0x99, 0x3b, 0x96, 0xb9, 0x6b, 0xe8, 0x15, 0xe0, 0xf0, 0x49, 0xae, - 0xf6, 0x18, 0xf0, 0xa8, 0x8c, 0xfa, 0x73, 0x05, 0xce, 0xf3, 0xe7, 0x46, 0xd7, 0xda, 0x09, 0x8e, - 0x8a, 0x83, 0xd6, 0x61, 0x96, 0xbb, 0x75, 0xd3, 0x70, 0x1c, 0xc3, 0xd4, 0xf9, 0x21, 0x29, 0x37, - 0x2e, 0x08, 0xec, 0xd9, 0x96, 0x44, 0xc3, 0x11, 0x4e, 0xa4, 0x42, 0xa9, 0xeb, 0xed, 0x14, 0x65, - 0x25, 0xcf, 0x72, 0xc8, 0xf0, 0x68, 0xb9, 0x24, 0x62, 0x2d, 0x28, 0x8c, 0x47, 0xf3, 0x6c, 0xf6, - 0x4e, 0x33, 0xe7, 0x11, 0x46, 0x0a, 0x8a, 0xfa, 0xa7, 0x3c, 0xcc, 0x73, 0x35, 0xad, 0x5e, 0xdf, - 0xb2, 0xdd, 0xed, 0x3e, 0xd5, 0xd0, 0x5d, 0x28, 0xec, 0xda, 0x56, 0x4f, 0x64, 0x9c, 0xcb, 0xd2, - 0x91, 0xad, 0xb1, 0x32, 0x11, 0xe6, 0x97, 0xe0, 0x4d, 0xc2, 0x0c, 0xf8, 0x75, 0xdb, 0xea, 0x61, - 0x2e, 0x8e, 0xde, 0x84, 0x9c, 0x6b, 0x71, 0xd5, 0x33, 0x6b, 0xd7, 0x92, 0x40, 0x36, 0x2c, 0x8d, - 0x74, 0xe3, 0x48, 0x25, 0x96, 0x08, 0xdb, 0x16, 0xce, 0xb9, 0x16, 0xea, 0x32, 0xf7, 0x30, 0xb3, - 0xb6, 0xac, 0xae, 0xa1, 0x1d, 0x8a, 0x1c, 0xb2, 0x96, 0x62, 0x8f, 0xb6, 0x89, 0xde, 0x92, 0x24, - 0x65, 0x97, 0x86, 0xab, 0x38, 0x82, 0x8e, 0xde, 0x85, 0x79, 0xdb, 0x37, 0x43, 0x28, 0x2c, 0x72, - 0x85, 0xaf, 0xa5, 0x53, 0x88, 0xa3, 0xc2, 0x8d, 0x17, 0x85, 0xce, 0xf9, 0x18, 0x01, 0xc7, 0xd5, - 0xa0, 0xdb, 0x30, 0x6f, 0x98, 0x5a, 0x77, 0xd0, 0x09, 0x93, 0x49, 0x81, 0xef, 0x84, 0x00, 0xa2, - 0x15, 0x25, 0xe3, 0x38, 0xbf, 0xfa, 0x57, 0x05, 0x16, 0xe4, 0x38, 0xba, 0xc4, 0x1d, 0x38, 0xa8, - 0x0d, 0x25, 0x87, 0xff, 0x12, 0xb1, 0xbc, 0x9e, 0xae, 0x7a, 0x78, 0xd2, 0x8d, 0x39, 0xa1, 0xbd, - 0xe4, 0x3d, 0x63, 0x81, 0x85, 0x5a, 0x50, 0xe4, 0xef, 0x1d, 0xc4, 0x36, 0x65, 0xce, 0x68, 0x4c, - 0x0f, 0x8f, 0x96, 0xbd, 0xca, 0x86, 0x3d, 0x04, 0xbf, 0x4a, 0xe6, 0x93, 0xab, 0xa4, 0xfa, 0x9e, - 0x02, 0x10, 0xa6, 0xac, 0xa0, 0xea, 0x2a, 0x63, 0xab, 0xee, 0x15, 0x28, 0x38, 0xc6, 0x63, 0xcf, - 0xb2, 0x7c, 0x58, 0xc3, 0xb9, 0xf8, 0xb6, 0xf1, 0x98, 0x62, 0x4e, 0x66, 0xf5, 0xbe, 0x17, 0xe4, - 0x8b, 0x7c, 0xb4, 0xde, 0x87, 0xc9, 0x21, 0xe4, 0x51, 0x3b, 0x30, 0x17, 0xda, 0xd1, 0x64, 0x85, - 0xe6, 0x15, 0xa1, 0x49, 0xe1, 0x9a, 0xce, 0x3e, 0x53, 0x4b, 0x2e, 0x85, 0x96, 0xdf, 0x29, 0x30, - 0xed, 0xa9, 0x31, 0x1c, 0x17, 0x3d, 0x1a, 0x29, 0xfe, 0xb5, 0x74, 0xe1, 0x63, 0xd2, 0xbc, 0xf4, - 0x07, 0x2d, 0x8f, 0xbf, 0x22, 0x15, 0xfe, 0x4d, 0x28, 0x1a, 0x2e, 0xed, 0x39, 0x95, 0x1c, 0x4f, - 0xfc, 0xe9, 0x83, 0x78, 0x56, 0x80, 0x16, 0x5b, 0x4c, 0x1c, 0x7b, 0x28, 0xea, 0xba, 0xd8, 0x7e, - 0x1b, 0x96, 0xb5, 0x3f, 0xe8, 0x8b, 0x7d, 0x7d, 0x19, 0x8a, 0x5d, 0x76, 0xc6, 0x45, 0x5e, 0x0b, - 0x24, 0xf9, 0xc1, 0xc7, 0x1e, 0x4d, 0xfd, 0x75, 0x49, 0xf8, 0x36, 0x48, 0xf1, 0x13, 0x68, 0x7b, - 0x56, 0xa0, 0xe0, 0x86, 0x51, 0x09, 0x76, 0x12, 0x0f, 0x08, 0xa7, 0xa0, 0x2b, 0x30, 0xa5, 0x59, - 0xa6, 0x4b, 0x4d, 0x97, 0x5b, 0x3f, 0xdb, 0x98, 0x19, 0x1e, 0x2d, 0x4f, 0xdd, 0xf1, 0x96, 0xb0, - 0x4f, 0x43, 0x06, 0x80, 0x66, 0x99, 0x1d, 0xc3, 0x35, 0x2c, 0xd3, 0xa9, 0x14, 0xb8, 0x2f, 0xd3, - 0xe4, 0x8b, 0xe0, 0x65, 0xef, 0xf8, 0xd2, 0xa1, 0xc5, 0xc1, 0x92, 0x83, 0x25, 0x70, 0xf4, 0x55, - 0x38, 0xcb, 0xc5, 0x5b, 0x1d, 0x6a, 0xba, 0x86, 0x7b, 0x28, 0x1a, 0x8e, 0x45, 0x21, 0x76, 0xb6, - 0x25, 0x13, 0x71, 0x94, 0x17, 0xfd, 0x10, 0x66, 0x59, 0x4d, 0xa6, 0x9d, 0x3b, 0x5d, 0x62, 0xf4, - 0xfc, 0xfe, 0xe2, 0x4e, 0xe6, 0x72, 0xcf, 0x0d, 0xf7, 0x51, 0xee, 0x9a, 0xae, 0x2d, 0xe5, 0x56, - 0x99, 0x84, 0x23, 0xea, 0xd0, 0xdb, 0x30, 0xa5, 0xd9, 0x94, 0x35, 0xee, 0x95, 0x29, 0x1e, 0xd0, - 0x2f, 0xa4, 0x0b, 0x68, 0xdb, 0xe8, 0x51, 0xe1, 0x79, 0x4f, 0x1c, 0xfb, 0x38, 0xec, 0x78, 0x18, - 0x8e, 0x33, 0xa0, 0x9d, 0xc6, 0x61, 0xa5, 0x9c, 0xba, 0x30, 0x04, 0x2f, 0xd2, 0x62, 0xb2, 0x76, - 0x63, 0x96, 0x1d, 0x8f, 0x96, 0xc0, 0xc1, 0x01, 0x22, 0xfa, 0x8e, 0x8f, 0xde, 0xb6, 0x78, 0x43, - 0x31, 0xb3, 0xf6, 0xe5, 0x2c, 0xe8, 0xdb, 0x03, 0xbe, 0xeb, 0x64, 0xf8, 0xb6, 0x85, 0x03, 0xc8, - 0xea, 0x1b, 0xb0, 0x30, 0xe2, 0x48, 0x74, 0x0e, 0xf2, 0xfb, 0x54, 0x8c, 0x2b, 0x98, 0xfd, 0x44, - 0x17, 0xa0, 0x78, 0x40, 0xba, 0x03, 0xb1, 0x4f, 0xb1, 0xf7, 0x70, 0x2b, 0xb7, 0xae, 0xa8, 0xbf, - 0xc8, 0xc1, 0x8c, 0x17, 0x19, 0xd7, 0xa6, 0xa4, 0x37, 0x81, 0x23, 0xd3, 0x86, 0x82, 0xd3, 0xa7, - 0x9a, 0x48, 0xfa, 0x6b, 0xa9, 0x77, 0x0e, 0xb7, 0x8f, 0xf5, 0x15, 0xe1, 0x31, 0x63, 0x4f, 0x98, - 0xa3, 0xa1, 0x47, 0x41, 0x85, 0xf2, 0x8a, 0xfb, 0x8d, 0x8c, 0xb8, 0xc7, 0x56, 0x2a, 0xf5, 0x0f, - 0x0a, 0x9c, 0x93, 0xb8, 0x27, 0x35, 0x54, 0x6d, 0x9e, 0xb4, 0x40, 0x86, 0xb9, 0x55, 0x2a, 0x92, - 0xea, 0x6f, 0x72, 0x22, 0xb9, 0xfa, 0x6f, 0xc1, 0x2a, 0xfc, 0x04, 0x5e, 0xe3, 0x61, 0x24, 0xe2, - 0xeb, 0xd9, 0x22, 0x13, 0xf6, 0x93, 0x89, 0x71, 0xdf, 0x89, 0xc5, 0xfd, 0xd6, 0x89, 0xd0, 0x8f, - 0x8f, 0xfe, 0x8f, 0x73, 0xb0, 0x98, 0x68, 0x11, 0xba, 0x0a, 0x25, 0xaf, 0xf5, 0xe3, 0x9e, 0x2b, - 0x87, 0x08, 0x1e, 0x0f, 0x16, 0x54, 0xa4, 0x03, 0xd8, 0xb4, 0x6f, 0x39, 0x86, 0x6b, 0xd9, 0x87, - 0xc2, 0x0f, 0x5f, 0x49, 0x61, 0x29, 0x0e, 0x84, 0x24, 0x37, 0xcc, 0x31, 0x47, 0x87, 0x14, 0x2c, - 0x41, 0xa3, 0x87, 0xcc, 0x20, 0xa2, 0x53, 0xe6, 0x8e, 0x7c, 0x96, 0xe3, 0x25, 0xe3, 0x87, 0x2f, - 0xc1, 0x90, 0xb0, 0x40, 0x54, 0x7f, 0x9b, 0x83, 0x17, 0xc7, 0xb8, 0x0e, 0xe1, 0x88, 0x23, 0x58, - 0x87, 0x91, 0x29, 0x0c, 0xde, 0x48, 0x11, 0x73, 0x9a, 0x91, 0xe0, 0xb4, 0x9b, 0x27, 0x71, 0x9a, - 0x88, 0xee, 0x31, 0x6e, 0x7b, 0x14, 0x73, 0xdb, 0x8d, 0x8c, 0x6e, 0x8b, 0xed, 0x9f, 0x98, 0xe3, - 0x3e, 0x2c, 0x44, 0xce, 0x9d, 0x18, 0x9b, 0x4f, 0xff, 0xdc, 0x75, 0xa0, 0xb8, 0xd3, 0xb5, 0x76, - 0xfc, 0xd6, 0xec, 0x8d, 0x6c, 0x31, 0xf1, 0xcc, 0xac, 0xb1, 0x49, 0x53, 0x14, 0xe8, 0x20, 0xab, - 0xf0, 0x35, 0xec, 0x81, 0xa3, 0xbd, 0x98, 0xef, 0xde, 0x3c, 0x91, 0x1a, 0xcf, 0x65, 0x9e, 0x9e, - 0x31, 0x7e, 0xac, 0xee, 0x03, 0x84, 0xd6, 0x24, 0x54, 0xb9, 0x7b, 0x72, 0x95, 0xcb, 0x70, 0x07, - 0x11, 0x34, 0xe3, 0x52, 0x61, 0xac, 0x7e, 0x5f, 0xd4, 0xc5, 0xb1, 0xda, 0x36, 0xa2, 0xda, 0x5e, - 0x4f, 0x9d, 0x9c, 0x23, 0xa3, 0xbb, 0x5c, 0x8b, 0xff, 0xa8, 0x88, 0x19, 0x5a, 0x78, 0xe6, 0xf4, - 0x9b, 0xf7, 0xed, 0x68, 0xf3, 0x9e, 0xf5, 0xd4, 0x26, 0xb7, 0xf0, 0xff, 0x50, 0x00, 0x49, 0x5c, - 0x9b, 0xa4, 0xdf, 0x37, 0x4c, 0xfd, 0xff, 0xae, 0x5c, 0x3e, 0x6b, 0xa6, 0xfc, 0x55, 0x2e, 0x12, - 0x2d, 0x5e, 0x0f, 0x4c, 0x98, 0xed, 0x4a, 0x83, 0x4b, 0xd6, 0x5e, 0x44, 0x1e, 0x7a, 0xc2, 0x76, - 0x58, 0x5e, 0xc5, 0x11, 0x7c, 0xb4, 0x1d, 0xb9, 0x13, 0x0b, 0x93, 0x9b, 0x98, 0x6c, 0x5f, 0x16, - 0x10, 0x8b, 0xcd, 0x24, 0x26, 0x9c, 0x2c, 0x8b, 0xde, 0x86, 0x82, 0x4b, 0x74, 0x7f, 0x4f, 0xd4, - 0x33, 0x5e, 0x5a, 0x48, 0x43, 0x10, 0xd1, 0x1d, 0xcc, 0xa1, 0xd4, 0x5f, 0x46, 0x3b, 0x0f, 0x51, - 0x34, 0x4e, 0xc5, 0x7a, 0x0a, 0x17, 0xfb, 0x83, 0x9d, 0xae, 0xa1, 0x25, 0x4a, 0x89, 0x68, 0x5e, - 0x16, 0xd0, 0x17, 0xb7, 0xc6, 0xb3, 0xe2, 0xe3, 0x70, 0xd0, 0x83, 0x88, 0x93, 0xd2, 0x44, 0xf8, - 0x2d, 0xd2, 0xa3, 0x9d, 0x36, 0xd1, 0xef, 0x1e, 0x50, 0xd3, 0x65, 0x67, 0x31, 0xd1, 0x53, 0x1f, - 0x14, 0xfc, 0x29, 0x96, 0x7b, 0xaa, 0x4d, 0x26, 0x71, 0x70, 0xbe, 0xe1, 0xed, 0x74, 0xef, 0xd8, - 0x64, 0x0e, 0xf8, 0x54, 0xe4, 0x83, 0xc4, 0x1a, 0x80, 0xf8, 0xb8, 0x62, 0x58, 0x26, 0x77, 0x77, - 0x3e, 0xd4, 0x7e, 0x2f, 0xa0, 0x60, 0x89, 0x6b, 0xe4, 0xd8, 0x94, 0x4e, 0xf9, 0xd8, 0xec, 0x25, - 0x0c, 0xdb, 0x37, 0xd2, 0xbd, 0x36, 0x8f, 0x5e, 0xfa, 0x59, 0x3b, 0x48, 0x49, 0xc5, 0xe7, 0xd2, - 0xc1, 0xff, 0x39, 0x9a, 0x5a, 0xdb, 0x44, 0x9f, 0x40, 0x91, 0x78, 0x10, 0x2d, 0x12, 0xab, 0xd9, - 0x8a, 0x44, 0x9b, 0xe8, 0x63, 0xea, 0xc4, 0xa7, 0x39, 0x28, 0x73, 0xc6, 0xc9, 0x6c, 0xf2, 0xcd, - 0xc8, 0x14, 0x92, 0x79, 0x97, 0x97, 0x63, 0x83, 0xc7, 0xb7, 0x4f, 0x30, 0x70, 0x8e, 0xa6, 0x00, - 0x38, 0xee, 0x5a, 0xb4, 0xf0, 0x9f, 0x5e, 0x8b, 0xaa, 0xbf, 0x57, 0x60, 0xd6, 0x77, 0xf1, 0x04, - 0x76, 0xca, 0x56, 0x74, 0xa7, 0x7c, 0x31, 0xad, 0xe5, 0xe3, 0xf7, 0xc8, 0x3f, 0x15, 0x58, 0x18, - 0xf1, 0x9a, 0x5f, 0x99, 0x95, 0x31, 0xdf, 0x44, 0x4f, 0x60, 0x86, 0x0f, 0x9f, 0x6c, 0x46, 0x2c, - 0x61, 0xe4, 0x4f, 0x2f, 0x61, 0xa8, 0xef, 0xe7, 0xe1, 0x42, 0xd2, 0xd4, 0xf7, 0xbc, 0x3e, 0xa6, - 0xc4, 0x3f, 0x85, 0xe4, 0x26, 0xfd, 0x29, 0xa4, 0xf0, 0x5f, 0xfb, 0x14, 0x92, 0xcf, 0xf8, 0x29, - 0xe4, 0xfd, 0x1c, 0xbc, 0x90, 0x3c, 0x4b, 0x9e, 0xd2, 0xf7, 0x90, 0x70, 0x0a, 0xcd, 0x3d, 0xff, - 0x29, 0x14, 0xdd, 0x82, 0x39, 0xd2, 0xf1, 0xb6, 0x19, 0xe9, 0xb2, 0x8e, 0x83, 0xef, 0xe3, 0xe9, - 0x06, 0x1a, 0x1e, 0x2d, 0xcf, 0xdd, 0x8e, 0x50, 0x70, 0x8c, 0x53, 0xfd, 0x38, 0x0f, 0x68, 0xf4, - 0xa6, 0x19, 0xdd, 0x12, 0xb7, 0xdf, 0xde, 0x41, 0xbc, 0x2a, 0xdf, 0x7e, 0x7f, 0x76, 0xb4, 0xfc, - 0xc2, 0xa8, 0x84, 0x74, 0x2f, 0xbe, 0x11, 0xb8, 0xd0, 0xbb, 0x3b, 0xbf, 0x11, 0x75, 0xca, 0x67, - 0x47, 0xcb, 0x09, 0x7f, 0x2b, 0xa9, 0x05, 0x48, 0x31, 0xd7, 0xe9, 0x70, 0xb6, 0x4b, 0x1c, 0x77, - 0xcb, 0xb6, 0x76, 0x68, 0xdb, 0x10, 0x7f, 0xa8, 0xc8, 0x76, 0x3b, 0x1c, 0xdc, 0x7f, 0x6f, 0xc8, - 0x40, 0x38, 0x8a, 0x8b, 0x0e, 0x00, 0xb1, 0x85, 0xb6, 0x4d, 0x4c, 0xc7, 0x7b, 0x25, 0xa6, 0xad, - 0x90, 0x59, 0x5b, 0x55, 0x68, 0x43, 0x1b, 0x23, 0x68, 0x38, 0x41, 0x03, 0xba, 0x0a, 0x25, 0x9b, - 0x12, 0xc7, 0x32, 0xc5, 0x6d, 0x7d, 0x10, 0x65, 0xcc, 0x57, 0xb1, 0xa0, 0xa2, 0xcf, 0xc3, 0x54, - 0x8f, 0x3a, 0x0e, 0x2b, 0x1f, 0x25, 0xce, 0x38, 0x2f, 0x18, 0xa7, 0x36, 0xbd, 0x65, 0xec, 0xd3, - 0xd5, 0xf7, 0x14, 0x08, 0x43, 0xc4, 0x3b, 0x33, 0x43, 0xbb, 0xeb, 0xdd, 0xf2, 0xaf, 0xc3, 0xac, - 0x65, 0xeb, 0xc4, 0x34, 0x1e, 0x7b, 0x6d, 0x9c, 0x17, 0xe0, 0xe0, 0xc4, 0xdf, 0x97, 0x68, 0x38, - 0xc2, 0xc9, 0xda, 0x3f, 0xcd, 0xea, 0xf5, 0x2c, 0x93, 0x65, 0x6d, 0x11, 0x5a, 0x29, 0xe7, 0xf9, - 0x14, 0x2c, 0x71, 0xa9, 0x1f, 0x2a, 0x30, 0x1f, 0xbb, 0x4f, 0x47, 0x3f, 0x53, 0xe0, 0x05, 0x27, - 0xd1, 0x38, 0x71, 0xe4, 0x6e, 0x66, 0xb9, 0x46, 0x8f, 0x00, 0x34, 0x96, 0x84, 0x3d, 0x63, 0xde, - 0x1e, 0x8f, 0x51, 0xac, 0xfe, 0x4d, 0x81, 0x73, 0xf1, 0x9b, 0xf9, 0xff, 0x45, 0x43, 0xd1, 0x6b, - 0x30, 0xe3, 0xcd, 0x2e, 0xdf, 0xa4, 0x87, 0xad, 0xa6, 0x88, 0xc2, 0x79, 0x01, 0x36, 0xb3, 0x15, - 0x92, 0xb0, 0xcc, 0xa7, 0xfe, 0x24, 0x07, 0x65, 0xbf, 0x62, 0xa1, 0x6f, 0x85, 0x5f, 0x5a, 0x94, - 0xcc, 0xbb, 0x3b, 0xd8, 0x74, 0x23, 0x5f, 0x5b, 0x9e, 0xff, 0xff, 0x84, 0x2e, 0xfb, 0xed, 0x92, - 0x37, 0xda, 0x25, 0xcf, 0xf2, 0xd1, 0xa9, 0xa4, 0x90, 0x66, 0x2a, 0x51, 0x3f, 0xc8, 0xc3, 0xc2, - 0x48, 0x01, 0x47, 0x37, 0x23, 0x39, 0xef, 0x4a, 0x2c, 0xe7, 0x2d, 0x8e, 0x08, 0x9c, 0x5a, 0xca, - 0x4b, 0xce, 0x44, 0xf9, 0x09, 0x66, 0xa2, 0x42, 0xda, 0x4c, 0x54, 0x3c, 0x3e, 0x13, 0xc5, 0xa2, - 0x53, 0x4a, 0x15, 0x9d, 0x3e, 0xcc, 0xc7, 0x3a, 0x12, 0x74, 0x1d, 0xca, 0x86, 0xe9, 0x50, 0x6d, - 0x60, 0x53, 0x71, 0x1f, 0x1f, 0x34, 0xab, 0x2d, 0xb1, 0x8e, 0x03, 0x0e, 0x54, 0x87, 0x69, 0x47, - 0xdb, 0xa3, 0x9d, 0x41, 0x97, 0x76, 0x78, 0x40, 0xca, 0xe1, 0x57, 0xf5, 0x6d, 0x9f, 0x80, 0x43, - 0x1e, 0xf5, 0x5f, 0x05, 0x98, 0x95, 0x7b, 0x92, 0x14, 0x7f, 0x23, 0x78, 0x07, 0x66, 0x88, 0x69, - 0x5a, 0x2e, 0xf1, 0x1a, 0xc7, 0x5c, 0xea, 0x0b, 0x52, 0x59, 0x4f, 0xed, 0x76, 0x08, 0xe1, 0x5d, - 0x90, 0x06, 0x47, 0x59, 0xa2, 0x60, 0x59, 0x13, 0xba, 0x2d, 0xba, 0xc5, 0x7c, 0xfa, 0x6e, 0xb1, - 0x1c, 0xeb, 0x14, 0xeb, 0x30, 0x1d, 0x34, 0x55, 0xe2, 0x6f, 0x24, 0x81, 0x7f, 0xc2, 0x33, 0x19, - 0xf2, 0xa0, 0x5a, 0x24, 0x8a, 0x45, 0x1e, 0xc5, 0xb9, 0x63, 0xa6, 0xfe, 0x78, 0x2b, 0x5a, 0x9a, - 0x74, 0x2b, 0x3a, 0x35, 0x91, 0x56, 0xb4, 0xfa, 0x35, 0x38, 0x17, 0x8f, 0x60, 0xa6, 0x4f, 0xb4, - 0x5b, 0x80, 0x46, 0xf5, 0x3f, 0xab, 0xf7, 0x1a, 0x95, 0x08, 0x13, 0x51, 0xe3, 0xda, 0x93, 0xa7, - 0x4b, 0x67, 0x3e, 0x7a, 0xba, 0x74, 0xe6, 0x93, 0xa7, 0x4b, 0x67, 0x7e, 0x34, 0x5c, 0x52, 0x9e, - 0x0c, 0x97, 0x94, 0x8f, 0x86, 0x4b, 0xca, 0x27, 0xc3, 0x25, 0xe5, 0xd3, 0xe1, 0x92, 0xf2, 0xd3, - 0xbf, 0x2f, 0x9d, 0x79, 0x98, 0x3b, 0x58, 0xfd, 0x77, 0x00, 0x00, 0x00, 0xff, 0xff, 0x39, 0xdb, - 0xfe, 0xb3, 0x60, 0x2c, 0x00, 0x00, + 0xf5, 0x4f, 0xcf, 0x97, 0xc7, 0xcf, 0x13, 0x3b, 0xae, 0xc4, 0xd9, 0xd9, 0x49, 0xd6, 0xf6, 0x76, + 0xfe, 0x89, 0xf2, 0x87, 0xec, 0x0c, 0x36, 0xd9, 0xc5, 0x09, 0x12, 0xd9, 0x4c, 0x26, 0x44, 0x03, + 0xf6, 0xc6, 0x5b, 0x1e, 0x22, 0x14, 0x05, 0x89, 0x72, 0x4f, 0xb9, 0xdd, 0x78, 0xa6, 0x7b, 0xe8, + 0xee, 0xf1, 0xae, 0x23, 0x90, 0x38, 0xa0, 0xd5, 0x1e, 0x38, 0xc0, 0x89, 0xc3, 0x1e, 0xd1, 0x0a, + 0x21, 0x8e, 0x08, 0xc4, 0x89, 0x0b, 0x20, 0x45, 0x5c, 0x58, 0x2d, 0x97, 0xbd, 0x60, 0x6d, 0x06, + 0xce, 0xdc, 0xb8, 0xec, 0x09, 0x55, 0x75, 0x75, 0x77, 0x75, 0x4f, 0x8f, 0xdd, 0x63, 0xe2, 0x01, + 0x6e, 0xd3, 0x55, 0xef, 0xfd, 0xde, 0xab, 0xf7, 0xaa, 0xde, 0x47, 0xd5, 0xc0, 0x8a, 0x6e, 0xb8, + 0xbb, 0xfd, 0xed, 0xaa, 0x66, 0x75, 0x6b, 0x56, 0x8f, 0x9a, 0xce, 0xae, 0xb1, 0xe3, 0xd6, 0x48, + 0xcf, 0xa8, 0x19, 0x5d, 0xa2, 0xd3, 0xda, 0xfe, 0x4a, 0x4d, 0xa7, 0x26, 0xb5, 0x89, 0x4b, 0xdb, + 0xd5, 0x9e, 0x6d, 0xb9, 0x16, 0x7a, 0x35, 0x64, 0xa9, 0x06, 0x2c, 0x55, 0xd2, 0x33, 0xaa, 0x9c, + 0xa5, 0xba, 0xbf, 0x52, 0x79, 0x4d, 0x42, 0xd5, 0x2d, 0xdd, 0xaa, 0x71, 0xce, 0xed, 0xfe, 0x0e, + 0xff, 0xe2, 0x1f, 0xfc, 0x97, 0x87, 0x58, 0x51, 0xf7, 0xd6, 0x9c, 0xaa, 0x61, 0x71, 0xb1, 0x9a, + 0x65, 0x27, 0x49, 0xad, 0xdc, 0x0c, 0x69, 0xba, 0x44, 0xdb, 0x35, 0x4c, 0x6a, 0x1f, 0xd4, 0x7a, + 0x7b, 0x3a, 0x1b, 0x70, 0x6a, 0x5d, 0xea, 0x92, 0x24, 0xae, 0xda, 0x28, 0x2e, 0xbb, 0x6f, 0xba, + 0x46, 0x97, 0x0e, 0x31, 0xbc, 0x71, 0x1c, 0x83, 0xa3, 0xed, 0xd2, 0x2e, 0x89, 0xf3, 0xa9, 0x1f, + 0x2b, 0x70, 0xa1, 0x61, 0x69, 0x7b, 0xd4, 0x6e, 0x32, 0x23, 0x60, 0xba, 0x43, 0x6d, 0x6a, 0x6a, + 0x14, 0xdd, 0x80, 0xa2, 0x4d, 0x75, 0xc3, 0x71, 0xed, 0x83, 0xb2, 0xb2, 0xac, 0x5c, 0x9f, 0xae, + 0x9f, 0x7b, 0x76, 0xb8, 0x74, 0x66, 0x70, 0xb8, 0x54, 0xc4, 0x62, 0x1c, 0x07, 0x14, 0xa8, 0x06, + 0xd3, 0x26, 0xe9, 0x52, 0xa7, 0x47, 0x34, 0x5a, 0xce, 0x70, 0xf2, 0x79, 0x41, 0x3e, 0xfd, 0x96, + 0x3f, 0x81, 0x43, 0x1a, 0xb4, 0x0c, 0x39, 0xf6, 0x51, 0xce, 0x72, 0xda, 0x92, 0xa0, 0xcd, 0x31, + 0x5a, 0xcc, 0x67, 0xd0, 0x2b, 0x90, 0x75, 0x89, 0x5e, 0xce, 0x71, 0x82, 0x19, 0x41, 0x90, 0x6d, + 0x11, 0x1d, 0xb3, 0x71, 0x54, 0x81, 0x8c, 0xd1, 0x28, 0xe7, 0xf9, 0x2c, 0x88, 0xd9, 0x4c, 0xb3, + 0x81, 0x33, 0x46, 0x43, 0xfd, 0xf3, 0x14, 0xe4, 0xf9, 0x72, 0xd0, 0xb7, 0xa1, 0xc8, 0x4c, 0xdc, + 0x26, 0x2e, 0xe1, 0xab, 0x98, 0x59, 0xfd, 0x42, 0xd5, 0xb3, 0x54, 0x55, 0xb6, 0x54, 0xb5, 0xb7, + 0xa7, 0xb3, 0x01, 0xa7, 0xca, 0xa8, 0xab, 0xfb, 0x2b, 0xd5, 0x87, 0xdb, 0xdf, 0xa1, 0x9a, 0xbb, + 0x41, 0x5d, 0x52, 0x47, 0x02, 0x1d, 0xc2, 0x31, 0x1c, 0xa0, 0xa2, 0x4d, 0xb8, 0xd0, 0x4e, 0xb0, + 0x9f, 0x30, 0xc2, 0x65, 0xc1, 0x9b, 0x68, 0x63, 0x9c, 0xc8, 0x89, 0xbe, 0x07, 0xe7, 0xa5, 0xf1, + 0x0d, 0x5f, 0xfd, 0x2c, 0x57, 0xff, 0xb5, 0x91, 0xea, 0x0b, 0x47, 0x57, 0x31, 0x79, 0xe7, 0xfe, + 0xbb, 0x2e, 0x35, 0x1d, 0xc3, 0x32, 0xeb, 0x97, 0x84, 0xfc, 0xf3, 0x8d, 0x61, 0x44, 0x9c, 0x24, + 0x06, 0x6d, 0x43, 0x25, 0x61, 0xf8, 0x11, 0xb5, 0x19, 0x9e, 0xf0, 0x86, 0x2a, 0x50, 0x2b, 0x8d, + 0x91, 0x94, 0xf8, 0x08, 0x14, 0xb4, 0x11, 0x5d, 0x21, 0x31, 0x8d, 0x1d, 0xea, 0xb8, 0xc2, 0x99, + 0x89, 0x2a, 0x0b, 0x12, 0x9c, 0xc4, 0x87, 0xf6, 0x61, 0x5e, 0x1a, 0x5e, 0x27, 0x07, 0xd4, 0x76, + 0xca, 0x85, 0xe5, 0x2c, 0x37, 0xd7, 0xb1, 0x87, 0xbe, 0x1a, 0x72, 0xd5, 0x5f, 0x16, 0xb2, 0xe7, + 0x1b, 0x71, 0x3c, 0x3c, 0x2c, 0x02, 0x51, 0x00, 0xc7, 0xd0, 0x4d, 0xe2, 0xf6, 0x6d, 0xea, 0x94, + 0xa7, 0xb8, 0xc0, 0x95, 0xb4, 0x02, 0xb7, 0x7c, 0xce, 0x70, 0x7f, 0x05, 0x43, 0x0e, 0x96, 0x80, + 0xd1, 0x43, 0x58, 0x90, 0x64, 0x87, 0x44, 0xe5, 0xe2, 0x72, 0xf6, 0x7a, 0xa9, 0xfe, 0xf2, 0xe0, + 0x70, 0x69, 0xa1, 0x91, 0x44, 0x80, 0x93, 0xf9, 0xd0, 0x2e, 0x5c, 0x4e, 0x30, 0xe3, 0x06, 0x6d, + 0x1b, 0xa4, 0x75, 0xd0, 0xa3, 0xe5, 0x69, 0xee, 0x87, 0xff, 0x13, 0x6a, 0x5d, 0x6e, 0x1c, 0x41, + 0x8b, 0x8f, 0x44, 0x42, 0x0f, 0x22, 0x9e, 0xb9, 0x67, 0x99, 0x3b, 0x86, 0x5e, 0x06, 0x0e, 0x9f, + 0x64, 0x6a, 0x8f, 0x00, 0x0f, 0xf3, 0xa8, 0x3f, 0x55, 0xe0, 0x3c, 0xff, 0xae, 0x77, 0xac, 0xed, + 0xe0, 0xa8, 0x38, 0x68, 0x0d, 0x4a, 0xdc, 0xac, 0x1b, 0x86, 0xe3, 0x18, 0xa6, 0xce, 0x0f, 0x49, + 0xb1, 0x7e, 0x41, 0x60, 0x97, 0x9a, 0xd2, 0x1c, 0x8e, 0x50, 0x22, 0x15, 0x0a, 0x1d, 0x6f, 0xa7, + 0x28, 0xcb, 0x59, 0x16, 0x43, 0x06, 0x87, 0x4b, 0x05, 0xe1, 0x6b, 0x31, 0xc3, 0x68, 0x34, 0x4f, + 0x67, 0xef, 0x34, 0x73, 0x1a, 0xa1, 0xa4, 0x98, 0x51, 0xff, 0x98, 0x85, 0x39, 0x2e, 0xa6, 0xd9, + 0xed, 0x59, 0xb6, 0xbb, 0xd5, 0xa3, 0x1a, 0xba, 0x0f, 0xb9, 0x1d, 0xdb, 0xea, 0x8a, 0x88, 0x73, + 0x45, 0x3a, 0xb2, 0x55, 0x96, 0x26, 0xc2, 0xf8, 0x12, 0xac, 0x24, 0x8c, 0x80, 0x5f, 0xb5, 0xad, + 0x2e, 0xe6, 0xec, 0xe8, 0x4d, 0xc8, 0xb8, 0x16, 0x17, 0x3d, 0xb3, 0x7a, 0x3d, 0x09, 0x64, 0xdd, + 0xd2, 0x48, 0x27, 0x8e, 0x54, 0x60, 0x81, 0xb0, 0x65, 0xe1, 0x8c, 0x6b, 0xa1, 0x0e, 0x33, 0x0f, + 0x53, 0x6b, 0xd3, 0xea, 0x18, 0xda, 0x81, 0x88, 0x21, 0xab, 0x29, 0xf6, 0x68, 0x8b, 0xe8, 0x4d, + 0x89, 0x53, 0x36, 0x69, 0x38, 0x8a, 0x23, 0xe8, 0xe8, 0x5d, 0x98, 0xb3, 0x7d, 0x35, 0x84, 0xc0, + 0x3c, 0x17, 0xf8, 0x7a, 0x3a, 0x81, 0x38, 0xca, 0x5c, 0x7f, 0x49, 0xc8, 0x9c, 0x8b, 0x4d, 0xe0, + 0xb8, 0x18, 0x74, 0x17, 0xe6, 0x0c, 0x53, 0xeb, 0xf4, 0xdb, 0x61, 0x30, 0xc9, 0xf1, 0x9d, 0x10, + 0x40, 0x34, 0xa3, 0xd3, 0x38, 0x4e, 0xaf, 0xfe, 0x45, 0x81, 0x79, 0xd9, 0x8f, 0x2e, 0x71, 0xfb, + 0x0e, 0x6a, 0x41, 0xc1, 0xe1, 0xbf, 0x84, 0x2f, 0x6f, 0xa4, 0xcb, 0x1e, 0x1e, 0x77, 0x7d, 0x56, + 0x48, 0x2f, 0x78, 0xdf, 0x58, 0x60, 0xa1, 0x26, 0xe4, 0xf9, 0xba, 0x03, 0xdf, 0xa6, 0x8c, 0x19, + 0xf5, 0xe9, 0xc1, 0xe1, 0x92, 0x97, 0xd9, 0xb0, 0x87, 0xe0, 0x67, 0xc9, 0x6c, 0x72, 0x96, 0x54, + 0xdf, 0x53, 0x00, 0xc2, 0x90, 0x15, 0x64, 0x5d, 0x65, 0x64, 0xd6, 0xbd, 0x0a, 0x39, 0xc7, 0x78, + 0xea, 0x69, 0x96, 0x0d, 0x73, 0x38, 0x67, 0xdf, 0x32, 0x9e, 0x52, 0xcc, 0xa7, 0x59, 0xbe, 0xef, + 0x06, 0xf1, 0x22, 0x1b, 0xcd, 0xf7, 0x61, 0x70, 0x08, 0x69, 0xd4, 0x36, 0xcc, 0x86, 0x7a, 0x34, + 0x58, 0xa2, 0x79, 0x55, 0x48, 0x52, 0xb8, 0xa4, 0xb3, 0xc7, 0x4a, 0xc9, 0xa4, 0x90, 0xf2, 0x5b, + 0x05, 0xa6, 0x3d, 0x31, 0x86, 0xe3, 0xa2, 0x27, 0x43, 0xc9, 0xbf, 0x9a, 0xce, 0x7d, 0x8c, 0x9b, + 0xa7, 0xfe, 0xa0, 0xe4, 0xf1, 0x47, 0xa4, 0xc4, 0xbf, 0x01, 0x79, 0xc3, 0xa5, 0x5d, 0xa7, 0x9c, + 0xe1, 0x81, 0x3f, 0xbd, 0x13, 0xcf, 0x0a, 0xd0, 0x7c, 0x93, 0xb1, 0x63, 0x0f, 0x45, 0x5d, 0x13, + 0xdb, 0x6f, 0xdd, 0xb2, 0xf6, 0xfa, 0x3d, 0xb1, 0xaf, 0xaf, 0x40, 0xbe, 0xc3, 0xce, 0xb8, 0x88, + 0x6b, 0x01, 0x27, 0x3f, 0xf8, 0xd8, 0x9b, 0x53, 0x7f, 0x55, 0x10, 0xb6, 0x0d, 0x42, 0xfc, 0x04, + 0xca, 0x9e, 0x65, 0xc8, 0xb9, 0xa1, 0x57, 0x82, 0x9d, 0xc4, 0x1d, 0xc2, 0x67, 0xd0, 0x55, 0x98, + 0xd2, 0x2c, 0xd3, 0xa5, 0xa6, 0xcb, 0xb5, 0x2f, 0xd5, 0x67, 0x06, 0x87, 0x4b, 0x53, 0xf7, 0xbc, + 0x21, 0xec, 0xcf, 0x21, 0x03, 0x40, 0xb3, 0xcc, 0xb6, 0xe1, 0x1a, 0x96, 0xe9, 0x94, 0x73, 0xdc, + 0x96, 0x69, 0xe2, 0x45, 0xb0, 0xd8, 0x7b, 0x3e, 0x77, 0xa8, 0x71, 0x30, 0xe4, 0x60, 0x09, 0x1c, + 0x7d, 0x19, 0xce, 0x72, 0xf6, 0x66, 0x9b, 0x9a, 0xae, 0xe1, 0x1e, 0x88, 0x82, 0x63, 0x41, 0xb0, + 0x9d, 0x6d, 0xca, 0x93, 0x38, 0x4a, 0x8b, 0xbe, 0x0f, 0x25, 0x96, 0x93, 0x69, 0xfb, 0x5e, 0x87, + 0x18, 0x5d, 0xbf, 0xbe, 0xb8, 0x37, 0x76, 0xba, 0xe7, 0x8a, 0xfb, 0x28, 0xf7, 0x4d, 0xd7, 0x96, + 0x62, 0xab, 0x3c, 0x85, 0x23, 0xe2, 0xd0, 0xdb, 0x30, 0xa5, 0xd9, 0x94, 0x15, 0xee, 0xe5, 0x29, + 0xee, 0xd0, 0xcf, 0xa5, 0x73, 0x68, 0xcb, 0xe8, 0x52, 0x61, 0x79, 0x8f, 0x1d, 0xfb, 0x38, 0xec, + 0x78, 0x18, 0x8e, 0xd3, 0xa7, 0xed, 0xfa, 0x41, 0xb9, 0x98, 0x3a, 0x31, 0x04, 0x0b, 0x69, 0x32, + 0x5e, 0xbb, 0x5e, 0x62, 0xc7, 0xa3, 0x29, 0x70, 0x70, 0x80, 0x88, 0xbe, 0xe5, 0xa3, 0xb7, 0x2c, + 0x5e, 0x50, 0xcc, 0xac, 0x7e, 0x71, 0x1c, 0xf4, 0xad, 0x3e, 0xdf, 0x75, 0x32, 0x7c, 0xcb, 0xc2, + 0x01, 0x64, 0xe5, 0x0e, 0xcc, 0x0f, 0x19, 0x12, 0x9d, 0x83, 0xec, 0x1e, 0x15, 0xed, 0x0a, 0x66, + 0x3f, 0xd1, 0x05, 0xc8, 0xef, 0x93, 0x4e, 0x5f, 0xec, 0x53, 0xec, 0x7d, 0xdc, 0xce, 0xac, 0x29, + 0xea, 0xcf, 0x32, 0x30, 0xe3, 0x79, 0xc6, 0xb5, 0x29, 0xe9, 0x4e, 0xe0, 0xc8, 0xb4, 0x20, 0xe7, + 0xf4, 0xa8, 0x26, 0x82, 0xfe, 0x6a, 0xea, 0x9d, 0xc3, 0xf5, 0x63, 0x75, 0x45, 0x78, 0xcc, 0xd8, + 0x17, 0xe6, 0x68, 0xe8, 0x49, 0x90, 0xa1, 0xbc, 0xe4, 0x7e, 0x73, 0x4c, 0xdc, 0x23, 0x33, 0x95, + 0xfa, 0x7b, 0x05, 0xce, 0x49, 0xd4, 0x93, 0x6a, 0xaa, 0x36, 0x4e, 0x9a, 0x20, 0xc3, 0xd8, 0x2a, + 0x25, 0x49, 0xf5, 0xd7, 0x19, 0x11, 0x5c, 0xfd, 0x55, 0xb0, 0x0c, 0x3f, 0x81, 0x65, 0x3c, 0x8e, + 0x78, 0x7c, 0x6d, 0x3c, 0xcf, 0x84, 0xf5, 0x64, 0xa2, 0xdf, 0xb7, 0x63, 0x7e, 0xbf, 0x7d, 0x22, + 0xf4, 0xa3, 0xbd, 0xff, 0xc3, 0x0c, 0x2c, 0x24, 0x6a, 0x84, 0xae, 0x41, 0xc1, 0x2b, 0xfd, 0xb8, + 0xe5, 0x8a, 0x21, 0x82, 0x47, 0x83, 0xc5, 0x2c, 0xd2, 0x01, 0x6c, 0xda, 0xb3, 0x1c, 0xc3, 0xb5, + 0xec, 0x03, 0x61, 0x87, 0x2f, 0xa5, 0xd0, 0x14, 0x07, 0x4c, 0x92, 0x19, 0x66, 0x99, 0xa1, 0xc3, + 0x19, 0x2c, 0x41, 0xa3, 0xc7, 0x4c, 0x21, 0xa2, 0x53, 0x66, 0x8e, 0xec, 0x38, 0xc7, 0x4b, 0xc6, + 0x0f, 0x17, 0xc1, 0x90, 0xb0, 0x40, 0x54, 0x7f, 0x93, 0x81, 0x97, 0x46, 0x98, 0x0e, 0xe1, 0x88, + 0x21, 0x58, 0x85, 0x31, 0x96, 0x1b, 0xbc, 0x96, 0x22, 0x66, 0x34, 0x23, 0xc1, 0x68, 0xb7, 0x4e, + 0x62, 0x34, 0xe1, 0xdd, 0x23, 0xcc, 0xf6, 0x24, 0x66, 0xb6, 0x9b, 0x63, 0x9a, 0x2d, 0xb6, 0x7f, + 0x62, 0x86, 0xfb, 0x30, 0x17, 0x39, 0x77, 0xa2, 0x6d, 0x3e, 0xfd, 0x73, 0xd7, 0x86, 0xfc, 0x76, + 0xc7, 0xda, 0xf6, 0x4b, 0xb3, 0x3b, 0xe3, 0xf9, 0xc4, 0x53, 0xb3, 0xca, 0x3a, 0x4d, 0x91, 0xa0, + 0x83, 0xa8, 0xc2, 0xc7, 0xb0, 0x07, 0x8e, 0x76, 0x63, 0xb6, 0x7b, 0xf3, 0x44, 0x62, 0x3c, 0x93, + 0x79, 0x72, 0x46, 0xd8, 0xb1, 0xb2, 0x07, 0x10, 0x6a, 0x93, 0x90, 0xe5, 0x1e, 0xc8, 0x59, 0x6e, + 0x8c, 0x3b, 0x88, 0xa0, 0x18, 0x97, 0x12, 0x63, 0xe5, 0xbb, 0x22, 0x2f, 0x8e, 0x94, 0xb6, 0x1e, + 0x95, 0xf6, 0x46, 0xea, 0xe0, 0x1c, 0x69, 0xdd, 0xe5, 0x5c, 0xfc, 0x07, 0x45, 0xf4, 0xd0, 0xc2, + 0x32, 0xa7, 0x5f, 0xbc, 0x6f, 0x45, 0x8b, 0xf7, 0x71, 0x4f, 0x6d, 0x72, 0x09, 0xff, 0x77, 0x05, + 0x90, 0x44, 0xb5, 0x41, 0x7a, 0x3d, 0xc3, 0xd4, 0xff, 0xe7, 0xd2, 0xe5, 0x71, 0x3d, 0xe5, 0x2f, + 0x32, 0x11, 0x6f, 0xf1, 0x7c, 0x60, 0x42, 0xa9, 0x23, 0x35, 0x2e, 0xe3, 0xd6, 0x22, 0x72, 0xd3, + 0x13, 0x96, 0xc3, 0xf2, 0x28, 0x8e, 0xe0, 0xa3, 0xad, 0xc8, 0x9d, 0x58, 0x18, 0xdc, 0x44, 0x67, + 0xfb, 0x8a, 0x80, 0x58, 0x68, 0x24, 0x11, 0xe1, 0x64, 0x5e, 0xf4, 0x36, 0xe4, 0x5c, 0xa2, 0xfb, + 0x7b, 0xa2, 0x36, 0xe6, 0xa5, 0x85, 0xd4, 0x04, 0x11, 0xdd, 0xc1, 0x1c, 0x4a, 0xfd, 0x79, 0xb4, + 0xf2, 0x10, 0x49, 0xe3, 0x54, 0xb4, 0xa7, 0x70, 0xa9, 0xd7, 0xdf, 0xee, 0x18, 0x5a, 0x22, 0x97, + 0xf0, 0xe6, 0x15, 0x01, 0x7d, 0x69, 0x73, 0x34, 0x29, 0x3e, 0x0a, 0x07, 0x3d, 0x8a, 0x18, 0x29, + 0x8d, 0x87, 0xdf, 0x22, 0x5d, 0xda, 0x6e, 0x11, 0xfd, 0xfe, 0x3e, 0x35, 0x5d, 0x76, 0x16, 0x13, + 0x2d, 0xf5, 0x41, 0xce, 0xef, 0x62, 0xb9, 0xa5, 0x5a, 0x64, 0x12, 0x07, 0xe7, 0x6b, 0xde, 0x4e, + 0xf7, 0x8e, 0xcd, 0xd8, 0x0e, 0x9f, 0x8a, 0x3c, 0x48, 0xac, 0x02, 0x88, 0xc7, 0x15, 0xc3, 0x32, + 0xb9, 0xb9, 0xb3, 0xa1, 0xf4, 0x07, 0xc1, 0x0c, 0x96, 0xa8, 0x86, 0x8e, 0x4d, 0xe1, 0x94, 0x8f, + 0xcd, 0x6e, 0x42, 0xb3, 0x7d, 0x33, 0xdd, 0xb2, 0xb9, 0xf7, 0xd2, 0xf7, 0xda, 0x41, 0x48, 0xca, + 0xbf, 0x90, 0x0a, 0xfe, 0x4f, 0xd1, 0xd0, 0xda, 0x22, 0xfa, 0x04, 0x92, 0xc4, 0xa3, 0x68, 0x92, + 0x58, 0x19, 0x2f, 0x49, 0xb4, 0x88, 0x3e, 0x22, 0x4f, 0x7c, 0x9a, 0x81, 0x22, 0x27, 0x9c, 0xcc, + 0x26, 0xdf, 0x88, 0x74, 0x21, 0x63, 0xef, 0xf2, 0x62, 0xac, 0xf1, 0xf8, 0xe6, 0x09, 0x1a, 0xce, + 0xe1, 0x10, 0x00, 0x47, 0x5d, 0x8b, 0xe6, 0xfe, 0xdd, 0x6b, 0x51, 0xf5, 0x77, 0x0a, 0x94, 0x7c, + 0x13, 0x4f, 0x60, 0xa7, 0x6c, 0x46, 0x77, 0xca, 0xe7, 0xd3, 0x6a, 0x3e, 0x7a, 0x8f, 0xfc, 0x43, + 0x81, 0xf9, 0x21, 0xab, 0xf9, 0x99, 0x59, 0x19, 0xf1, 0x26, 0x7a, 0x02, 0x35, 0x7c, 0xf8, 0x64, + 0x35, 0x62, 0x01, 0x23, 0x7b, 0x7a, 0x01, 0x43, 0x7d, 0x3f, 0x0b, 0x17, 0x92, 0xba, 0xbe, 0x17, + 0xf5, 0x98, 0x12, 0x7f, 0x0a, 0xc9, 0x4c, 0xfa, 0x29, 0x24, 0xf7, 0x1f, 0x7b, 0x0a, 0xc9, 0x8e, + 0xf9, 0x14, 0xf2, 0x7e, 0x06, 0x2e, 0x26, 0xf7, 0x92, 0xa7, 0xf4, 0x1e, 0x12, 0x76, 0xa1, 0x99, + 0x17, 0xdf, 0x85, 0xa2, 0xdb, 0x30, 0x4b, 0xda, 0xde, 0x36, 0x23, 0x1d, 0x56, 0x71, 0xf0, 0x7d, + 0x3c, 0x5d, 0x47, 0x83, 0xc3, 0xa5, 0xd9, 0xbb, 0x91, 0x19, 0x1c, 0xa3, 0x54, 0x7f, 0xa9, 0x00, + 0x6c, 0x51, 0xcd, 0xa6, 0xee, 0x04, 0xa2, 0xc8, 0x9d, 0xe8, 0xf1, 0xad, 0x24, 0x6d, 0x75, 0x4f, + 0x99, 0x11, 0x41, 0xe3, 0xe3, 0x2c, 0xa0, 0xe1, 0x7b, 0x71, 0x74, 0x5b, 0xdc, 0xd5, 0x7b, 0x61, + 0xe3, 0x9a, 0x7c, 0x57, 0xff, 0xd9, 0xe1, 0xd2, 0xc5, 0x61, 0x0e, 0xe9, 0x16, 0x7f, 0x3d, 0x70, + 0xb8, 0x77, 0xd3, 0x7f, 0x33, 0xea, 0xc2, 0xcf, 0x0e, 0x97, 0x12, 0xfe, 0x04, 0x53, 0x0d, 0x90, + 0x62, 0x8e, 0xd6, 0xe1, 0x6c, 0x87, 0x38, 0xee, 0xa6, 0x6d, 0x6d, 0xd3, 0x96, 0x21, 0xfe, 0xfe, + 0x31, 0xde, 0x5d, 0x76, 0x70, 0x5b, 0xbf, 0x2e, 0x03, 0xe1, 0x28, 0x2e, 0xda, 0x07, 0xc4, 0x06, + 0x5a, 0x36, 0x31, 0x1d, 0x6f, 0x49, 0x4c, 0x5a, 0x6e, 0x6c, 0x69, 0x15, 0x21, 0x0d, 0xad, 0x0f, + 0xa1, 0xe1, 0x04, 0x09, 0xe8, 0x1a, 0x14, 0x6c, 0x4a, 0x1c, 0xcb, 0x14, 0x6f, 0x0b, 0xc1, 0x9e, + 0xc4, 0x7c, 0x14, 0x8b, 0x59, 0xf4, 0xff, 0x30, 0xd5, 0xa5, 0x8e, 0xc3, 0x92, 0x5d, 0x81, 0x13, + 0xce, 0x09, 0xc2, 0xa9, 0x0d, 0x6f, 0x18, 0xfb, 0xf3, 0xea, 0x7b, 0x0a, 0x84, 0x2e, 0xe2, 0x75, + 0xa4, 0xa1, 0xdd, 0xf7, 0xde, 0x24, 0xd6, 0xa0, 0x64, 0xd9, 0x3a, 0x31, 0x8d, 0xa7, 0x5e, 0xd1, + 0xe9, 0x39, 0x38, 0x88, 0x4f, 0x0f, 0xa5, 0x39, 0x1c, 0xa1, 0x64, 0xc5, 0xaa, 0x66, 0x75, 0xbb, + 0x96, 0xc9, 0x72, 0x8c, 0x70, 0xad, 0x14, 0xa1, 0xfd, 0x19, 0x2c, 0x51, 0xa9, 0x1f, 0x2a, 0x30, + 0x17, 0xbb, 0xfd, 0x47, 0x3f, 0x51, 0xe0, 0xa2, 0x93, 0xa8, 0x9c, 0x38, 0x1f, 0xb7, 0xc6, 0xb9, + 0xf4, 0x8f, 0x00, 0xd4, 0x17, 0x85, 0x3e, 0x23, 0x56, 0x8f, 0x47, 0x08, 0x56, 0xff, 0xaa, 0xc0, + 0xb9, 0xf8, 0x3b, 0xc2, 0x7f, 0xa3, 0xa2, 0xe8, 0x75, 0x98, 0xf1, 0x3a, 0xad, 0xaf, 0xd3, 0x83, + 0x66, 0x43, 0x78, 0xe1, 0xbc, 0x00, 0x9b, 0xd9, 0x0c, 0xa7, 0xb0, 0x4c, 0xa7, 0xfe, 0x28, 0x03, + 0x45, 0x3f, 0xbf, 0xa2, 0x6f, 0x84, 0xef, 0x42, 0xca, 0xd8, 0xbb, 0x3b, 0xd8, 0x74, 0x43, 0x6f, + 0x43, 0x2f, 0xfe, 0x5f, 0x4d, 0x57, 0xfc, 0xe2, 0xce, 0x6b, 0x44, 0x93, 0x6f, 0x1e, 0xa2, 0x3d, + 0x54, 0x2e, 0x4d, 0x0f, 0xa5, 0x7e, 0x90, 0x85, 0xf9, 0xa1, 0x72, 0x03, 0xdd, 0x8a, 0xc4, 0xbc, + 0xab, 0xb1, 0x98, 0xb7, 0x30, 0xc4, 0x70, 0x6a, 0x21, 0x2f, 0x39, 0x12, 0x65, 0x27, 0x18, 0x89, + 0x72, 0x69, 0x23, 0x51, 0xfe, 0xe8, 0x48, 0x14, 0xf3, 0x4e, 0x21, 0x95, 0x77, 0x7a, 0x30, 0x17, + 0xab, 0x9f, 0xd0, 0x0d, 0x28, 0x1a, 0xa6, 0x43, 0xb5, 0xbe, 0x4d, 0xc5, 0xeb, 0x41, 0x90, 0x14, + 0x9b, 0x62, 0x1c, 0x07, 0x14, 0xa8, 0x06, 0xd3, 0x8e, 0xb6, 0x4b, 0xdb, 0xfd, 0x0e, 0x6d, 0x73, + 0x87, 0x14, 0xc3, 0xff, 0x00, 0x6c, 0xf9, 0x13, 0x38, 0xa4, 0x51, 0xff, 0x99, 0x83, 0x92, 0x5c, + 0x41, 0xa5, 0xf8, 0xd3, 0xc3, 0x3b, 0x30, 0x43, 0x4c, 0xd3, 0x72, 0x89, 0x57, 0xe6, 0x66, 0x52, + 0x5f, 0xe7, 0xca, 0x72, 0xaa, 0x77, 0x43, 0x08, 0xef, 0x3a, 0x37, 0x38, 0xca, 0xd2, 0x0c, 0x96, + 0x25, 0xa1, 0xbb, 0xa2, 0xb6, 0xcd, 0xa6, 0xaf, 0x6d, 0x8b, 0xb1, 0xba, 0xb6, 0x06, 0xd3, 0x41, + 0x09, 0x28, 0xfe, 0xf4, 0x12, 0xd8, 0x27, 0x3c, 0x93, 0x21, 0x0d, 0xaa, 0x46, 0xbc, 0x98, 0xe7, + 0x5e, 0x9c, 0x3d, 0xe2, 0x8e, 0x22, 0x5e, 0x38, 0x17, 0x26, 0x5d, 0x38, 0x4f, 0x4d, 0xa4, 0x70, + 0xae, 0x7c, 0x05, 0xce, 0xc5, 0x3d, 0x38, 0xd6, 0x83, 0xf2, 0x26, 0xa0, 0x61, 0xf9, 0xc7, 0xd5, + 0x5e, 0xc3, 0x1c, 0x61, 0x20, 0xaa, 0x5f, 0x7f, 0xf6, 0x7c, 0xf1, 0xcc, 0x47, 0xcf, 0x17, 0xcf, + 0x7c, 0xf2, 0x7c, 0xf1, 0xcc, 0x0f, 0x06, 0x8b, 0xca, 0xb3, 0xc1, 0xa2, 0xf2, 0xd1, 0x60, 0x51, + 0xf9, 0x64, 0xb0, 0xa8, 0x7c, 0x3a, 0x58, 0x54, 0x7e, 0xfc, 0xb7, 0xc5, 0x33, 0x8f, 0x33, 0xfb, + 0x2b, 0xff, 0x0a, 0x00, 0x00, 0xff, 0xff, 0xee, 0x69, 0x81, 0xbe, 0x0e, 0x2d, 0x00, 0x00, } func (m *DockerImageReference) Marshal() (dAtA []byte, err error) { @@ -2811,6 +2841,53 @@ func (m *RepositoryImportStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) return len(dAtA) - i, nil } +func (m *SecretList) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *SecretList) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *SecretList) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.Items) > 0 { + for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + } + { + size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0xa + return len(dAtA) - i, nil +} + func (m *SignatureCondition) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -3802,6 +3879,23 @@ func (m *RepositoryImportStatus) Size() (n int) { return n } +func (m *SecretList) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = m.ListMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) + if len(m.Items) > 0 { + for _, e := range m.Items { + l = e.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + } + return n +} + func (m *SignatureCondition) Size() (n int) { if m == nil { return 0 @@ -4398,6 +4492,22 @@ func (this *RepositoryImportStatus) String() string { }, "") return s } +func (this *SecretList) String() string { + if this == nil { + return "nil" + } + repeatedStringForItems := "[]Secret{" + for _, f := range this.Items { + repeatedStringForItems += fmt.Sprintf("%v", f) + "," + } + repeatedStringForItems += "}" + s := strings.Join([]string{`&SecretList{`, + `ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`, + `Items:` + repeatedStringForItems + `,`, + `}`, + }, "") + return s +} func (this *SignatureCondition) String() string { if this == nil { return "nil" @@ -9302,6 +9412,126 @@ func (m *RepositoryImportStatus) Unmarshal(dAtA []byte) error { } return nil } +func (m *SecretList) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: SecretList: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: SecretList: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Items = append(m.Items, v11.Secret{}) + if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func (m *SignatureCondition) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 diff --git a/vendor/github.com/openshift/api/image/v1/generated.proto b/vendor/github.com/openshift/api/image/v1/generated.proto index 69ed48e89c9d..8f606b04fa70 100644 --- a/vendor/github.com/openshift/api/image/v1/generated.proto +++ b/vendor/github.com/openshift/api/image/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.image.v1; @@ -483,6 +483,18 @@ message RepositoryImportStatus { repeated string additionalTags = 3; } +// SecretList is a list of Secret. +message SecretList { + // Standard list metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + // +optional + optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; + + // Items is a list of secret objects. + // More info: https://kubernetes.io/docs/concepts/configuration/secret + repeated k8s.io.api.core.v1.Secret items = 2; +} + // SignatureCondition describes an image signature condition of particular kind at particular probe time. message SignatureCondition { // Type of signature condition, Complete or Failed. diff --git a/vendor/github.com/openshift/api/image/v1/register.go b/vendor/github.com/openshift/api/image/v1/register.go index fc0910c24686..0d924103a642 100644 --- a/vendor/github.com/openshift/api/image/v1/register.go +++ b/vendor/github.com/openshift/api/image/v1/register.go @@ -47,7 +47,7 @@ func addKnownTypes(scheme *runtime.Scheme) error { &ImageStreamImport{}, &ImageTag{}, &ImageTagList{}, - &corev1.SecretList{}, + &SecretList{}, ) metav1.AddToGroupVersion(scheme, GroupVersion) return nil diff --git a/vendor/github.com/openshift/api/image/v1/types.go b/vendor/github.com/openshift/api/image/v1/types.go index c29cad9b25d2..8319921e9dd4 100644 --- a/vendor/github.com/openshift/api/image/v1/types.go +++ b/vendor/github.com/openshift/api/image/v1/types.go @@ -162,7 +162,7 @@ type ImageStreamList struct { } // +genclient -// +genclient:method=Secrets,verb=get,subresource=secrets,result=k8s.io/api/core/v1.SecretList +// +genclient:method=Secrets,verb=get,subresource=secrets,result=github.com/openshift/api/image/v1.SecretList // +genclient:method=Layers,verb=get,subresource=layers,result=github.com/openshift/api/image/v1.ImageStreamLayers // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -632,3 +632,8 @@ type ImageImportStatus struct { // Tag is the tag this image was located under, if any Tag string `json:"tag,omitempty" protobuf:"bytes,3,opt,name=tag"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// SecretList is a list of Secret. +type SecretList corev1.SecretList diff --git a/vendor/github.com/openshift/api/image/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/image/v1/zz_generated.deepcopy.go index aab4664823ce..654fd31d6787 100644 --- a/vendor/github.com/openshift/api/image/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/image/v1/zz_generated.deepcopy.go @@ -808,6 +808,39 @@ func (in *RepositoryImportStatus) DeepCopy() *RepositoryImportStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretList) DeepCopyInto(out *SecretList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]corev1.Secret, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretList. +func (in *SecretList) DeepCopy() *SecretList { + if in == nil { + return nil + } + out := new(SecretList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SecretList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SignatureCondition) DeepCopyInto(out *SignatureCondition) { *out = *in diff --git a/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml b/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml index 8f7d5c5ce05a..e987dec84ec0 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml +++ b/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml @@ -2,6 +2,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: configs.imageregistry.operator.openshift.io + annotations: + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: imageregistry.operator.openshift.io scope: Cluster diff --git a/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml b/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml index 8f1ac607738b..df11f8f4f208 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml +++ b/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml @@ -2,6 +2,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: imagepruners.imageregistry.operator.openshift.io + annotations: + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: imageregistry.operator.openshift.io scope: Cluster diff --git a/vendor/github.com/openshift/api/install.go b/vendor/github.com/openshift/api/install.go index 8422d2015824..6d68704d1611 100644 --- a/vendor/github.com/openshift/api/install.go +++ b/vendor/github.com/openshift/api/install.go @@ -27,7 +27,6 @@ import ( krbacv1beta1 "k8s.io/api/rbac/v1beta1" kschedulingv1alpha1 "k8s.io/api/scheduling/v1alpha1" kschedulingv1beta1 "k8s.io/api/scheduling/v1beta1" - ksettingsv1alpha1 "k8s.io/api/settings/v1alpha1" kstoragev1 "k8s.io/api/storage/v1" kstoragev1alpha1 "k8s.io/api/storage/v1alpha1" kstoragev1beta1 "k8s.io/api/storage/v1beta1" @@ -115,7 +114,6 @@ var ( krbacv1alpha1.AddToScheme, kschedulingv1alpha1.AddToScheme, kschedulingv1beta1.AddToScheme, - ksettingsv1alpha1.AddToScheme, kstoragev1.AddToScheme, kstoragev1beta1.AddToScheme, kstoragev1alpha1.AddToScheme, diff --git a/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml b/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml index 16bc8b5f2263..773530104aec 100644 --- a/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml +++ b/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml @@ -10,26 +10,26 @@ spec: plural: clusternetworks singular: clusternetwork scope: Cluster - additionalPrinterColumns: - - name: Cluster Network - type: string - description: The primary cluster network CIDR - JSONPath: .network - - name: Service Network - type: string - description: The service network CIDR - JSONPath: .serviceNetwork - - name: Plugin Name - type: string - description: The OpenShift SDN network plug-in in use - JSONPath: .pluginName version: v1 versions: - name: v1 served: true storage: true - "schema": - "openAPIV3Schema": + additionalPrinterColumns: + - name: Cluster Network + type: string + description: The primary cluster network CIDR + jsonPath: .network + - name: Service Network + type: string + description: The service network CIDR + jsonPath: .serviceNetwork + - name: Plugin Name + type: string + description: The OpenShift SDN network plug-in in use + jsonPath: .pluginName + schema: + openAPIV3Schema: description: ClusterNetwork describes the cluster network. There is normally only one object of this type, named "default", which is created by the SDN network plugin based on the master configuration when the cluster is brought diff --git a/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml b/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml index 1cc4ebd5f758..61cd99c4a7e6 100644 --- a/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml +++ b/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml @@ -10,36 +10,36 @@ spec: plural: hostsubnets singular: hostsubnet scope: Cluster - additionalPrinterColumns: - - name: Host - type: string - description: The name of the node - JSONPath: .host - - name: Host IP - type: string - description: The IP address to be used as a VTEP by other nodes in the overlay - network - JSONPath: .hostIP - - name: Subnet - type: string - description: The CIDR range of the overlay network assigned to the node for its - pods - JSONPath: .subnet - - name: Egress CIDRs - type: string - description: The network egress CIDRs - JSONPath: .egressCIDRs - - name: Egress IPs - type: string - description: The network egress IP addresses - JSONPath: .egressIPs version: v1 versions: - name: v1 served: true storage: true - "schema": - "openAPIV3Schema": + additionalPrinterColumns: + - name: Host + type: string + description: The name of the node + jsonPath: .host + - name: Host IP + type: string + description: The IP address to be used as a VTEP by other nodes in the overlay + network + jsonPath: .hostIP + - name: Subnet + type: string + description: The CIDR range of the overlay network assigned to the node for + its pods + jsonPath: .subnet + - name: Egress CIDRs + type: string + description: The network egress CIDRs + jsonPath: .egressCIDRs + - name: Egress IPs + type: string + description: The network egress IP addresses + jsonPath: .egressIPs + schema: + openAPIV3Schema: description: HostSubnet describes the container subnet network on a node. The HostSubnet object must have the same name as the Node object it corresponds to. diff --git a/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml b/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml index efe4ebec590d..ac2772d542f6 100644 --- a/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml +++ b/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml @@ -10,22 +10,22 @@ spec: plural: netnamespaces singular: netnamespace scope: Cluster - additionalPrinterColumns: - - name: NetID - type: integer - description: The network identifier of the network namespace - JSONPath: .netid - - name: Egress IPs - type: string - description: The network egress IP addresses - JSONPath: .egressIPs version: v1 versions: - name: v1 served: true storage: true - "schema": - "openAPIV3Schema": + additionalPrinterColumns: + - name: NetID + type: integer + description: The network identifier of the network namespace + jsonPath: .netid + - name: Egress IPs + type: string + description: The network egress IP addresses + jsonPath: .egressIPs + schema: + openAPIV3Schema: description: NetNamespace describes a single isolated network. When using the redhat/openshift-ovs-multitenant plugin, every Namespace will have a corresponding NetNamespace object with the same name. (When using redhat/openshift-ovs-subnet, diff --git a/vendor/github.com/openshift/api/network/v1/generated.proto b/vendor/github.com/openshift/api/network/v1/generated.proto index e57003f4fcda..4c368890811e 100644 --- a/vendor/github.com/openshift/api/network/v1/generated.proto +++ b/vendor/github.com/openshift/api/network/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.network.v1; diff --git a/vendor/github.com/openshift/api/oauth/v1/generated.proto b/vendor/github.com/openshift/api/oauth/v1/generated.proto index 02ae5085f963..0c088f9db495 100644 --- a/vendor/github.com/openshift/api/oauth/v1/generated.proto +++ b/vendor/github.com/openshift/api/oauth/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.oauth.v1; diff --git a/vendor/github.com/openshift/api/oauth/v1/types.go b/vendor/github.com/openshift/api/oauth/v1/types.go index 741f7a475d5c..0f4bcf536929 100644 --- a/vendor/github.com/openshift/api/oauth/v1/types.go +++ b/vendor/github.com/openshift/api/oauth/v1/types.go @@ -253,6 +253,8 @@ type RedirectReference struct { Name string `json:"name" protobuf:"bytes,3,opt,name=name"` } +// +genclient +// +genclient:nonNamespaced // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // UserOAuthAccessToken is a virtual resource to mirror OAuthAccessTokens to diff --git a/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml index 5fe799ffe647..5a90f45dbe3d 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: configs.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml index 150a872661a5..654ea4accd61 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: etcds.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml index 58a1d3bc137f..e57cb7f60b4a 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml @@ -2,7 +2,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" name: kubeapiservers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml index efd88b3c986f..dca1e00822a8 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml @@ -2,7 +2,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" name: kubecontrollermanagers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml index 3cb62b80b200..e5eae5d77d1b 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml @@ -2,7 +2,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" name: kubeschedulers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml index 269edb4d85a3..ad20dab67d2b 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: openshiftapiservers.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml index 74dac215cbf2..30c75bab86d7 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml @@ -4,6 +4,7 @@ metadata: name: cloudcredentials.operator.openshift.io annotations: include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml index d0133c88a392..bb616a307d66 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: kubestorageversionmigrators.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: operator.openshift.io names: diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml index ceb754a52cec..a1339e4ddc6e 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml @@ -4,6 +4,7 @@ metadata: name: authentications.operator.openshift.io annotations: include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml index ce10a157622b..7dc44d28b4ed 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: openshiftcontrollermanagers.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml index 0ae3d9568958..18926b9d4b51 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: storages.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: operator.openshift.io names: diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml index 75d757d99132..5816c9c629be 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml @@ -2,7 +2,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" name: ingresscontrollers.operator.openshift.io spec: group: operator.openshift.io @@ -229,6 +231,30 @@ spec: - IfNone - Never type: string + headerNameCaseAdjustments: + description: "headerNameCaseAdjustments specifies case adjustments + that can be applied to HTTP header names. Each adjustment is + specified as an HTTP header name with the desired capitalization. + \ For example, specifying \"X-Forwarded-For\" indicates that + the \"x-forwarded-for\" HTTP header should be adjusted to have + the specified capitalization. \n These adjustments are only + applied to cleartext, edge-terminated, and re-encrypt routes, + and only when using HTTP/1. \n For request headers, these adjustments + are applied only for routes that have the haproxy.router.openshift.io/h1-adjust-case=true + annotation. For response headers, these adjustments are applied + to all HTTP responses. \n If this field is empty, no request + headers are adjusted." + items: + description: IngressControllerHTTPHeaderNameCaseAdjustment is + the name of an HTTP header (for example, "X-Forwarded-For") + in the desired capitalization. The value must be a valid + HTTP header name as defined in RFC 2616 section 4.2. + maxLength: 1024 + minLength: 0 + pattern: ^$|^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ + type: string + nullable: true + type: array uniqueId: description: "uniqueId describes configuration for a custom HTTP header that the ingress controller should inject into incoming diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml index b33eff67f841..40acfb0810f3 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: servicecas.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml index 0e396059627c..d3d2b7279b66 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml @@ -4,6 +4,7 @@ metadata: name: networks.operator.openshift.io annotations: include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: operator.openshift.io names: @@ -319,6 +320,10 @@ spec: Default is 4789 type: integer format: int32 + ipsecConfig: + description: ipsecConfig enables and configures IPsec for + pods on the pod network within the cluster. + type: object mtu: description: mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default @@ -342,6 +347,14 @@ spec: pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled. type: boolean + disableNetworkDiagnostics: + description: disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck + CRs from a test pod to every node, apiserver and LB should be disabled + or not. If unset, this property defaults to 'false' and network + diagnostics is enabled. Setting this to 'true' would reduce the + additional load of the pods performing the checks. + type: boolean + default: false kubeProxyConfig: description: kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift @@ -370,12 +383,37 @@ spec: items: type: string logLevel: - description: "logLevel allows configuring the logging level of the - components deployed by the operator. Currently only Kuryr SDN is - affected by this setting. Please note that turning on extensive - logging may affect performance. The default value is \"Normal\". - \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". - Defaults to \"Normal\"." + description: "logLevel is an intent based logging for an overall component. + \ It does not give fine grained control, but it is a simple way + to manage coarse grained logging choices that operators have to + interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", + \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + managementState: + description: managementState indicates whether and how the operator + should manage the component + type: string + pattern: ^(Managed|Unmanaged|Force|Removed)$ + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + type: object + nullable: true + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal enum: @@ -391,7 +429,79 @@ spec: type: array items: type: string + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + type: object + nullable: true + x-kubernetes-preserve-unknown-fields: true status: - description: NetworkStatus is currently unused. Instead, status is reported - in the Network.config.openshift.io object. + description: NetworkStatus is detailed operator status, which is distilled + up to the Network clusteroperator object. type: object + properties: + conditions: + description: conditions is a list of conditions and their status + type: array + items: + description: OperatorCondition is just the standard condition fields. + type: object + properties: + lastTransitionTime: + type: string + format: date-time + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + type: array + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + type: object + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + type: integer + format: int64 + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + type: integer + format: int64 + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + type: integer + format: int32 + version: + description: version is the level this availability applies to + type: string diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml index ae39ae7164d9..7435ac92c86c 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: consoles.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster group: operator.openshift.io @@ -80,6 +82,78 @@ spec: in page titles, logo alt text, and the about dialog instead of the normal OpenShift product name. type: string + developerCatalog: + description: developerCatalog allows to configure the shown developer + catalog categories. + type: object + properties: + categories: + description: categories which are shown in the developer catalog. + type: array + items: + description: DeveloperConsoleCatalogCategory for the developer + console catalog. + type: object + required: + - id + - label + properties: + id: + description: ID is an identifier used in the URL to + enable deep linking in console. ID is required and + must have 1-32 URL safe (A-Z, a-z, 0-9, - and _) characters. + type: string + maxLength: 32 + minLength: 1 + pattern: ^[A-Za-z0-9-_]+$ + label: + description: label defines a category display label. + It is required and must have 1-64 characters. + type: string + maxLength: 64 + minLength: 1 + subcategories: + description: subcategories defines a list of child categories. + type: array + items: + description: DeveloperConsoleCatalogCategoryMeta are + the key identifiers of a developer catalog category. + type: object + required: + - id + - label + properties: + id: + description: ID is an identifier used in the URL + to enable deep linking in console. ID is required + and must have 1-32 URL safe (A-Z, a-z, 0-9, + - and _) characters. + type: string + maxLength: 32 + minLength: 1 + pattern: ^[A-Za-z0-9-_]+$ + label: + description: label defines a category display + label. It is required and must have 1-64 characters. + type: string + maxLength: 64 + minLength: 1 + tags: + description: tags is a list of strings that will + match the category. A selected category show + all items which has at least one overlapping + tag between category and item. + type: array + items: + type: string + tags: + description: tags is a list of strings that will match + the category. A selected category show all items which + has at least one overlapping tag between category + and item. + type: array + items: + type: string documentationBaseURL: description: documentationBaseURL links to external documentation are shown in various sections of the web console. Providing diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00-custom-resource-definition.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00-custom-resource-definition.yaml index 09bb779084ca..d891ca4ed82f 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00-custom-resource-definition.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00-custom-resource-definition.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: dnses.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: operator.openshift.io names: diff --git a/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml index 709eff4fe4e6..720253030523 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: csisnapshotcontrollers.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: operator.openshift.io names: diff --git a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml index 9ac8d6d151c8..9d47aa2d6d32 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml @@ -2,7 +2,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" name: clustercsidrivers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/types_console.go b/vendor/github.com/openshift/api/operator/v1/types_console.go index 1ef92853575b..d893cae78a6b 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_console.go +++ b/vendor/github.com/openshift/api/operator/v1/types_console.go @@ -106,6 +106,51 @@ type ConsoleCustomization struct { // SVG format preferred // +optional CustomLogoFile configv1.ConfigMapFileReference `json:"customLogoFile,omitempty"` + // developerCatalog allows to configure the shown developer catalog categories. + // +kubebuilder:validation:Optional + // +optional + DeveloperCatalog DeveloperConsoleCatalogCustomization `json:"developerCatalog,omitempty"` +} + +// DeveloperConsoleCatalogCustomization allow cluster admin to configure developer catalog. +type DeveloperConsoleCatalogCustomization struct { + // categories which are shown in the developer catalog. + // +kubebuilder:validation:Optional + // +optional + Categories []DeveloperConsoleCatalogCategory `json:"categories,omitempty"` +} + +// DeveloperConsoleCatalogCategoryMeta are the key identifiers of a developer catalog category. +type DeveloperConsoleCatalogCategoryMeta struct { + // ID is an identifier used in the URL to enable deep linking in console. + // ID is required and must have 1-32 URL safe (A-Z, a-z, 0-9, - and _) characters. + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=32 + // +kubebuilder:validation:Pattern=`^[A-Za-z0-9-_]+$` + // +required + ID string `json:"id"` + // label defines a category display label. It is required and must have 1-64 characters. + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=64 + // +required + Label string `json:"label"` + // tags is a list of strings that will match the category. A selected category + // show all items which has at least one overlapping tag between category and item. + // +kubebuilder:validation:Optional + // +optional + Tags []string `json:"tags,omitempty"` +} + +// DeveloperConsoleCatalogCategory for the developer console catalog. +type DeveloperConsoleCatalogCategory struct { + // defines top level category ID, label and filter tags. + DeveloperConsoleCatalogCategoryMeta `json:",inline"` + // subcategories defines a list of child categories. + // +kubebuilder:validation:Optional + // +optional + Subcategories []DeveloperConsoleCatalogCategoryMeta `json:"subcategories,omitempty"` } // Brand is a specific supported brand within the console. diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go index 4f83e4c15e1c..11086adaa8d4 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go @@ -815,6 +815,16 @@ type IngressControllerHTTPUniqueIdHeaderPolicy struct { Format string `json:"format,omitempty"` } +// IngressControllerHTTPHeaderNameCaseAdjustment is the name of an HTTP header +// (for example, "X-Forwarded-For") in the desired capitalization. The value +// must be a valid HTTP header name as defined in RFC 2616 section 4.2. +// +// +optional +// +kubebuilder:validation:Pattern="^$|^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$" +// +kubebuilder:validation:MinLength=0 +// +kubebuilder:validation:MaxLength=1024 +type IngressControllerHTTPHeaderNameCaseAdjustment string + // IngressControllerHTTPHeaders specifies how the IngressController handles // certain HTTP headers. type IngressControllerHTTPHeaders struct { @@ -851,6 +861,26 @@ type IngressControllerHTTPHeaders struct { // // +optional UniqueId IngressControllerHTTPUniqueIdHeaderPolicy `json:"uniqueId,omitempty"` + + // headerNameCaseAdjustments specifies case adjustments that can be + // applied to HTTP header names. Each adjustment is specified as an + // HTTP header name with the desired capitalization. For example, + // specifying "X-Forwarded-For" indicates that the "x-forwarded-for" + // HTTP header should be adjusted to have the specified capitalization. + // + // These adjustments are only applied to cleartext, edge-terminated, and + // re-encrypt routes, and only when using HTTP/1. + // + // For request headers, these adjustments are applied only for routes + // that have the haproxy.router.openshift.io/h1-adjust-case=true + // annotation. For response headers, these adjustments are applied to + // all HTTP responses. + // + // If this field is empty, no request headers are adjusted. + // + // +nullable + // +optional + HeaderNameCaseAdjustments []IngressControllerHTTPHeaderNameCaseAdjustment `json:"headerNameCaseAdjustments,omitempty"` } var ( diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 71cf5a35e59d..ef022dc554f4 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -19,9 +19,10 @@ type Network struct { Status NetworkStatus `json:"status,omitempty"` } -// NetworkStatus is currently unused. Instead, status -// is reported in the Network.config.openshift.io object. +// NetworkStatus is detailed operator status, which is distilled +// up to the Network clusteroperator object. type NetworkStatus struct { + OperatorStatus `json:",inline"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -35,6 +36,8 @@ type NetworkList struct { // NetworkSpec is the top-level network configuration object. type NetworkSpec struct { + OperatorSpec `json:",inline"` + // clusterNetwork is the IP address pool to use for pod IPs. // Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. // Others only support one. This is equivalent to the cluster-cidr. @@ -65,21 +68,18 @@ type NetworkSpec struct { // +optional DeployKubeProxy *bool `json:"deployKubeProxy,omitempty"` + // disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck + // CRs from a test pod to every node, apiserver and LB should be disabled or not. + // If unset, this property defaults to 'false' and network diagnostics is enabled. + // Setting this to 'true' would reduce the additional load of the pods performing the checks. + // +optional + // +kubebuilder:default:=false + DisableNetworkDiagnostics bool `json:"disableNetworkDiagnostics"` + // kubeProxyConfig lets us configure desired proxy configuration. // If not specified, sensible defaults will be chosen by OpenShift directly. // Not consumed by all network providers - currently only openshift-sdn. KubeProxyConfig *ProxyConfig `json:"kubeProxyConfig,omitempty"` - - // logLevel allows configuring the logging level of the components deployed - // by the operator. Currently only Kuryr SDN is affected by this setting. - // Please note that turning on extensive logging may affect performance. - // The default value is "Normal". - // - // Valid values are: "Normal", "Debug", "Trace", "TraceAll". - // Defaults to "Normal". - // +optional - // +kubebuilder:default=Normal - LogLevel LogLevel `json:"logLevel,omitempty"` } // ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size @@ -321,6 +321,10 @@ type OVNKubernetesConfig struct { // not using OVN. // +optional HybridOverlayConfig *HybridOverlayConfig `json:"hybridOverlayConfig,omitempty"` + // ipsecConfig enables and configures IPsec for pods on the pod network within the + // cluster. + // +optional + IPsecConfig *IPsecConfig `json:"ipsecConfig,omitempty"` } type HybridOverlayConfig struct { @@ -332,6 +336,9 @@ type HybridOverlayConfig struct { HybridOverlayVXLANPort *uint32 `json:"hybridOverlayVXLANPort,omitempty"` } +type IPsecConfig struct { +} + // NetworkType describes the network plugin type to configure type NetworkType string diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index 97439f4028a6..695873afcd6f 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -654,6 +654,7 @@ func (in *ConsoleConfigRoute) DeepCopy() *ConsoleConfigRoute { func (in *ConsoleCustomization) DeepCopyInto(out *ConsoleCustomization) { *out = *in out.CustomLogoFile = in.CustomLogoFile + in.DeveloperCatalog.DeepCopyInto(&out.DeveloperCatalog) return } @@ -725,7 +726,7 @@ func (in *ConsoleProviders) DeepCopy() *ConsoleProviders { func (in *ConsoleSpec) DeepCopyInto(out *ConsoleSpec) { *out = *in in.OperatorSpec.DeepCopyInto(&out.OperatorSpec) - out.Customization = in.Customization + in.Customization.DeepCopyInto(&out.Customization) in.Providers.DeepCopyInto(&out.Providers) out.Route = in.Route return @@ -912,6 +913,74 @@ func (in *DefaultNetworkDefinition) DeepCopy() *DefaultNetworkDefinition { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeveloperConsoleCatalogCategory) DeepCopyInto(out *DeveloperConsoleCatalogCategory) { + *out = *in + in.DeveloperConsoleCatalogCategoryMeta.DeepCopyInto(&out.DeveloperConsoleCatalogCategoryMeta) + if in.Subcategories != nil { + in, out := &in.Subcategories, &out.Subcategories + *out = make([]DeveloperConsoleCatalogCategoryMeta, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeveloperConsoleCatalogCategory. +func (in *DeveloperConsoleCatalogCategory) DeepCopy() *DeveloperConsoleCatalogCategory { + if in == nil { + return nil + } + out := new(DeveloperConsoleCatalogCategory) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeveloperConsoleCatalogCategoryMeta) DeepCopyInto(out *DeveloperConsoleCatalogCategoryMeta) { + *out = *in + if in.Tags != nil { + in, out := &in.Tags, &out.Tags + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeveloperConsoleCatalogCategoryMeta. +func (in *DeveloperConsoleCatalogCategoryMeta) DeepCopy() *DeveloperConsoleCatalogCategoryMeta { + if in == nil { + return nil + } + out := new(DeveloperConsoleCatalogCategoryMeta) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeveloperConsoleCatalogCustomization) DeepCopyInto(out *DeveloperConsoleCatalogCustomization) { + *out = *in + if in.Categories != nil { + in, out := &in.Categories, &out.Categories + *out = make([]DeveloperConsoleCatalogCategory, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeveloperConsoleCatalogCustomization. +func (in *DeveloperConsoleCatalogCustomization) DeepCopy() *DeveloperConsoleCatalogCustomization { + if in == nil { + return nil + } + out := new(DeveloperConsoleCatalogCustomization) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EndpointPublishingStrategy) DeepCopyInto(out *EndpointPublishingStrategy) { *out = *in @@ -1143,6 +1212,22 @@ func (in *IPAMConfig) DeepCopy() *IPAMConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPsecConfig) DeepCopyInto(out *IPsecConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPsecConfig. +func (in *IPsecConfig) DeepCopy() *IPsecConfig { + if in == nil { + return nil + } + out := new(IPsecConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IngressController) DeepCopyInto(out *IngressController) { *out = *in @@ -1250,6 +1335,11 @@ func (in *IngressControllerCaptureHTTPHeaders) DeepCopy() *IngressControllerCapt func (in *IngressControllerHTTPHeaders) DeepCopyInto(out *IngressControllerHTTPHeaders) { *out = *in out.UniqueId = in.UniqueId + if in.HeaderNameCaseAdjustments != nil { + in, out := &in.HeaderNameCaseAdjustments, &out.HeaderNameCaseAdjustments + *out = make([]IngressControllerHTTPHeaderNameCaseAdjustment, len(*in)) + copy(*out, *in) + } return } @@ -1384,7 +1474,7 @@ func (in *IngressControllerSpec) DeepCopyInto(out *IngressControllerSpec) { if in.HTTPHeaders != nil { in, out := &in.HTTPHeaders, &out.HTTPHeaders *out = new(IngressControllerHTTPHeaders) - **out = **in + (*in).DeepCopyInto(*out) } return } @@ -1950,7 +2040,7 @@ func (in *Network) DeepCopyInto(out *Network) { out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status + in.Status.DeepCopyInto(&out.Status) return } @@ -2008,6 +2098,7 @@ func (in *NetworkList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) { *out = *in + in.OperatorSpec.DeepCopyInto(&out.OperatorSpec) if in.ClusterNetwork != nil { in, out := &in.ClusterNetwork, &out.ClusterNetwork *out = make([]ClusterNetworkEntry, len(*in)) @@ -2057,6 +2148,7 @@ func (in *NetworkSpec) DeepCopy() *NetworkSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworkStatus) DeepCopyInto(out *NetworkStatus) { *out = *in + in.OperatorStatus.DeepCopyInto(&out.OperatorStatus) return } @@ -2169,6 +2261,11 @@ func (in *OVNKubernetesConfig) DeepCopyInto(out *OVNKubernetesConfig) { *out = new(HybridOverlayConfig) (*in).DeepCopyInto(*out) } + if in.IPsecConfig != nil { + in, out := &in.IPsecConfig, &out.IPsecConfig + *out = new(IPsecConfig) + **out = **in + } return } diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index e95447cd9eec..d9eea42bfa0d 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -202,6 +202,7 @@ var map_ConsoleCustomization = map[string]string{ "documentationBaseURL": "documentationBaseURL links to external documentation are shown in various sections of the web console. Providing documentationBaseURL will override the default documentation URL. Invalid value will prevent a console rollout.", "customProductName": "customProductName is the name that will be displayed in page titles, logo alt text, and the about dialog instead of the normal OpenShift product name.", "customLogoFile": "customLogoFile replaces the default OpenShift logo in the masthead and about dialog. It is a reference to a ConfigMap in the openshift-config namespace. This can be created with a command like 'oc create configmap custom-logo --from-file=/path/to/file -n openshift-config'. Image size must be less than 1 MB due to constraints on the ConfigMap size. The ConfigMap key should include a file extension so that the console serves the file with the correct MIME type. Recommended logo specifications: Dimensions: Max height of 68px and max width of 200px SVG format preferred", + "developerCatalog": "developerCatalog allows to configure the shown developer catalog categories.", } func (ConsoleCustomization) SwaggerDoc() map[string]string { @@ -236,6 +237,35 @@ func (ConsoleStatus) SwaggerDoc() map[string]string { return map_ConsoleStatus } +var map_DeveloperConsoleCatalogCategory = map[string]string{ + "": "DeveloperConsoleCatalogCategory for the developer console catalog.", + "subcategories": "subcategories defines a list of child categories.", +} + +func (DeveloperConsoleCatalogCategory) SwaggerDoc() map[string]string { + return map_DeveloperConsoleCatalogCategory +} + +var map_DeveloperConsoleCatalogCategoryMeta = map[string]string{ + "": "DeveloperConsoleCatalogCategoryMeta are the key identifiers of a developer catalog category.", + "id": "ID is an identifier used in the URL to enable deep linking in console. ID is required and must have 1-32 URL safe (A-Z, a-z, 0-9, - and _) characters.", + "label": "label defines a category display label. It is required and must have 1-64 characters.", + "tags": "tags is a list of strings that will match the category. A selected category show all items which has at least one overlapping tag between category and item.", +} + +func (DeveloperConsoleCatalogCategoryMeta) SwaggerDoc() map[string]string { + return map_DeveloperConsoleCatalogCategoryMeta +} + +var map_DeveloperConsoleCatalogCustomization = map[string]string{ + "": "DeveloperConsoleCatalogCustomization allow cluster admin to configure developer catalog.", + "categories": "categories which are shown in the developer catalog.", +} + +func (DeveloperConsoleCatalogCustomization) SwaggerDoc() map[string]string { + return map_DeveloperConsoleCatalogCustomization +} + var map_StatuspageProvider = map[string]string{ "": "StatuspageProvider provides identity for statuspage account.", "pageID": "pageID is the unique ID assigned by Statuspage for your page. This must be a public page.", @@ -507,9 +537,10 @@ func (IngressControllerCaptureHTTPHeaders) SwaggerDoc() map[string]string { } var map_IngressControllerHTTPHeaders = map[string]string{ - "": "IngressControllerHTTPHeaders specifies how the IngressController handles certain HTTP headers.", - "forwardedHeaderPolicy": "forwardedHeaderPolicy specifies when and how the IngressController sets the Forwarded, X-Forwarded-For, X-Forwarded-Host, X-Forwarded-Port, X-Forwarded-Proto, and X-Forwarded-Proto-Version HTTP headers. The value may be one of the following:\n\n* \"Append\", which specifies that the IngressController appends the\n headers, preserving existing headers.\n\n* \"Replace\", which specifies that the IngressController sets the\n headers, replacing any existing Forwarded or X-Forwarded-* headers.\n\n* \"IfNone\", which specifies that the IngressController sets the\n headers if they are not already set.\n\n* \"Never\", which specifies that the IngressController never sets the\n headers, preserving any existing headers.\n\nBy default, the policy is \"Append\".", - "uniqueId": "uniqueId describes configuration for a custom HTTP header that the ingress controller should inject into incoming HTTP requests. Typically, this header is configured to have a value that is unique to the HTTP request. The header can be used by applications or included in access logs to facilitate tracing individual HTTP requests.\n\nIf this field is empty, no such header is injected into requests.", + "": "IngressControllerHTTPHeaders specifies how the IngressController handles certain HTTP headers.", + "forwardedHeaderPolicy": "forwardedHeaderPolicy specifies when and how the IngressController sets the Forwarded, X-Forwarded-For, X-Forwarded-Host, X-Forwarded-Port, X-Forwarded-Proto, and X-Forwarded-Proto-Version HTTP headers. The value may be one of the following:\n\n* \"Append\", which specifies that the IngressController appends the\n headers, preserving existing headers.\n\n* \"Replace\", which specifies that the IngressController sets the\n headers, replacing any existing Forwarded or X-Forwarded-* headers.\n\n* \"IfNone\", which specifies that the IngressController sets the\n headers if they are not already set.\n\n* \"Never\", which specifies that the IngressController never sets the\n headers, preserving any existing headers.\n\nBy default, the policy is \"Append\".", + "uniqueId": "uniqueId describes configuration for a custom HTTP header that the ingress controller should inject into incoming HTTP requests. Typically, this header is configured to have a value that is unique to the HTTP request. The header can be used by applications or included in access logs to facilitate tracing individual HTTP requests.\n\nIf this field is empty, no such header is injected into requests.", + "headerNameCaseAdjustments": "headerNameCaseAdjustments specifies case adjustments that can be applied to HTTP header names. Each adjustment is specified as an HTTP header name with the desired capitalization. For example, specifying \"X-Forwarded-For\" indicates that the \"x-forwarded-for\" HTTP header should be adjusted to have the specified capitalization.\n\nThese adjustments are only applied to cleartext, edge-terminated, and re-encrypt routes, and only when using HTTP/1.\n\nFor request headers, these adjustments are applied only for routes that have the haproxy.router.openshift.io/h1-adjust-case=true annotation. For response headers, these adjustments are applied to all HTTP responses.\n\nIf this field is empty, no request headers are adjusted.", } func (IngressControllerHTTPHeaders) SwaggerDoc() map[string]string { @@ -794,15 +825,15 @@ func (NetworkList) SwaggerDoc() map[string]string { } var map_NetworkSpec = map[string]string{ - "": "NetworkSpec is the top-level network configuration object.", - "clusterNetwork": "clusterNetwork is the IP address pool to use for pod IPs. Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr.", - "serviceNetwork": "serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth.", - "defaultNetwork": "defaultNetwork is the \"default\" network that all pods will receive", - "additionalNetworks": "additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled.", - "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.", - "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.", - "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn.", - "logLevel": "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive logging may affect performance. The default value is \"Normal\".\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", + "": "NetworkSpec is the top-level network configuration object.", + "clusterNetwork": "clusterNetwork is the IP address pool to use for pod IPs. Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr.", + "serviceNetwork": "serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth.", + "defaultNetwork": "defaultNetwork is the \"default\" network that all pods will receive", + "additionalNetworks": "additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled.", + "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.", + "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.", + "disableNetworkDiagnostics": "disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck CRs from a test pod to every node, apiserver and LB should be disabled or not. If unset, this property defaults to 'false' and network diagnostics is enabled. Setting this to 'true' would reduce the additional load of the pods performing the checks.", + "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn.", } func (NetworkSpec) SwaggerDoc() map[string]string { @@ -810,7 +841,7 @@ func (NetworkSpec) SwaggerDoc() map[string]string { } var map_NetworkStatus = map[string]string{ - "": "NetworkStatus is currently unused. Instead, status is reported in the Network.config.openshift.io object.", + "": "NetworkStatus is detailed operator status, which is distilled up to the Network clusteroperator object.", } func (NetworkStatus) SwaggerDoc() map[string]string { @@ -822,6 +853,7 @@ var map_OVNKubernetesConfig = map[string]string{ "mtu": "mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default is 1400", "genevePort": "geneve port is the UDP port to be used by geneve encapulation. Default is 6081", "hybridOverlayConfig": "HybridOverlayConfig configures an additional overlay network for peers that are not using OVN.", + "ipsecConfig": "ipsecConfig enables and configures IPsec for pods on the pod network within the cluster.", } func (OVNKubernetesConfig) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml index 66cb5c6a3eac..7ce8fa11765b 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml @@ -3,7 +3,9 @@ kind: CustomResourceDefinition metadata: name: imagecontentsourcepolicies.operator.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: operator.openshift.io scope: Cluster diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml index a11af8884c1b..1009c9162a5a 100644 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml @@ -3,6 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" name: podnetworkconnectivitychecks.controlplane.operator.openshift.io spec: group: controlplane.operator.openshift.io diff --git a/vendor/github.com/openshift/api/project/v1/generated.proto b/vendor/github.com/openshift/api/project/v1/generated.proto index 2baaf6a031bd..9b0637dea08a 100644 --- a/vendor/github.com/openshift/api/project/v1/generated.proto +++ b/vendor/github.com/openshift/api/project/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.project.v1; diff --git a/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml b/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml index 8382490414d4..ae60b571a95d 100644 --- a/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml +++ b/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml @@ -2,7 +2,9 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" name: clusterresourcequotas.quota.openshift.io spec: group: quota.openshift.io diff --git a/vendor/github.com/openshift/api/quota/v1/generated.proto b/vendor/github.com/openshift/api/quota/v1/generated.proto index ba3fe4659d14..7f2734761a4e 100644 --- a/vendor/github.com/openshift/api/quota/v1/generated.proto +++ b/vendor/github.com/openshift/api/quota/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.quota.v1; diff --git a/vendor/github.com/openshift/api/route/v1/generated.proto b/vendor/github.com/openshift/api/route/v1/generated.proto index abf11f4c4a6e..42031b3463c4 100644 --- a/vendor/github.com/openshift/api/route/v1/generated.proto +++ b/vendor/github.com/openshift/api/route/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.route.v1; diff --git a/vendor/github.com/openshift/api/samples/v1/0000_10_samplesconfig.crd.yaml b/vendor/github.com/openshift/api/samples/v1/0000_10_samplesconfig.crd.yaml index 1318d4fb107b..185fe4bd1d22 100644 --- a/vendor/github.com/openshift/api/samples/v1/0000_10_samplesconfig.crd.yaml +++ b/vendor/github.com/openshift/api/samples/v1/0000_10_samplesconfig.crd.yaml @@ -3,8 +3,11 @@ kind: CustomResourceDefinition metadata: name: configs.samples.operator.openshift.io annotations: - displayName: ConfigsSamples description: Extension for configuring openshif samples operator. + displayName: ConfigsSamples + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster subresources: diff --git a/vendor/github.com/openshift/api/samples/v1/generated.proto b/vendor/github.com/openshift/api/samples/v1/generated.proto index 47f5b93c1d78..4aecf67a794f 100644 --- a/vendor/github.com/openshift/api/samples/v1/generated.proto +++ b/vendor/github.com/openshift/api/samples/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.samples.v1; diff --git a/vendor/github.com/openshift/api/security/v1/0000_03_security-openshift_01_scc.crd.yaml b/vendor/github.com/openshift/api/security/v1/0000_03_security-openshift_01_scc.crd.yaml index e8f10ce7d876..480f7b273078 100644 --- a/vendor/github.com/openshift/api/security/v1/0000_03_security-openshift_01_scc.crd.yaml +++ b/vendor/github.com/openshift/api/security/v1/0000_03_security-openshift_01_scc.crd.yaml @@ -1,355 +1,362 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: securitycontextconstraints.security.openshift.io annotations: + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" spec: group: security.openshift.io + scope: Cluster names: kind: SecurityContextConstraints listKind: SecurityContextConstraintsList plural: securitycontextconstraints singular: securitycontextconstraints - scope: Cluster - preserveUnknownFields: false versions: - name: v1 served: true storage: true - additionalPrinterColumns: - - name: Priv - type: string - JSONPath: .allowPrivilegedContainer - description: Determines if a container can request to be run as privileged - - name: Caps - type: string - JSONPath: .allowedCapabilities - description: A list of capabilities that can be requested to add to the container - - name: SELinux - type: string - JSONPath: .seLinuxContext.type - description: Strategy that will dictate what labels will be set in the SecurityContext - - name: RunAsUser - type: string - JSONPath: .runAsUser.type - description: Strategy that will dictate what RunAsUser is used in the SecurityContext - - name: FSGroup - type: string - JSONPath: .fsGroup.type - description: Strategy that will dictate what fs group is used by the SecurityContext - - name: SupGroup - type: string - JSONPath: .supplementalGroups.type - description: Strategy that will dictate what supplemental groups are used by the - SecurityContext - - name: Priority - type: string - JSONPath: .priority - description: Sort order of SCCs - - name: ReadOnlyRootFS - type: string - JSONPath: .readOnlyRootFilesystem - description: Force containers to run with a read only root file system - - name: Volumes - type: string - JSONPath: .volumes - description: White list of allowed volume plugins - "validation": - "openAPIV3Schema": - description: SecurityContextConstraints governs the ability to make requests - that affect the SecurityContext that will be applied to a container. For historical - reasons SCC was exposed under the core Kubernetes API group. That exposure - is deprecated and will be removed in a future release - users should instead - use the security.openshift.io group to manage SecurityContextConstraints. - type: object - required: - - allowHostDirVolumePlugin - - allowHostIPC - - allowHostNetwork - - allowHostPID - - allowHostPorts - - allowPrivilegedContainer - - allowedCapabilities - - defaultAddCapabilities - - priority - - readOnlyRootFilesystem - - requiredDropCapabilities - - volumes - properties: - allowHostDirVolumePlugin: - description: AllowHostDirVolumePlugin determines if the policy allow containers - to use the HostDir volume plugin - type: boolean - allowHostIPC: - description: AllowHostIPC determines if the policy allows host ipc in the - containers. - type: boolean - allowHostNetwork: - description: AllowHostNetwork determines if the policy allows the use of - HostNetwork in the pod spec. - type: boolean - allowHostPID: - description: AllowHostPID determines if the policy allows host pid in the - containers. - type: boolean - allowHostPorts: - description: AllowHostPorts determines if the policy allows host ports in - the containers. - type: boolean - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation determines if a pod can request to - allow privilege escalation. If unspecified, defaults to true. - type: boolean - nullable: true - allowPrivilegedContainer: - description: AllowPrivilegedContainer determines if a container can request - to be run as privileged. - type: boolean - allowedCapabilities: - description: AllowedCapabilities is a list of capabilities that can be requested - to add to the container. Capabilities in this field maybe added at the - pod author's discretion. You must not list a capability in both AllowedCapabilities - and RequiredDropCapabilities. To allow all capabilities you may use '*'. - type: array - items: - description: Capability represent POSIX capabilities type + additionalPrinterColumns: + - name: Priv + type: string + jsonPath: .allowPrivilegedContainer + description: Determines if a container can request to be run as privileged + - name: Caps + type: string + jsonPath: .allowedCapabilities + description: A list of capabilities that can be requested to add to the container + - name: SELinux + type: string + jsonPath: .seLinuxContext.type + description: Strategy that will dictate what labels will be set in the SecurityContext + - name: RunAsUser + type: string + jsonPath: .runAsUser.type + description: Strategy that will dictate what RunAsUser is used in the SecurityContext + - name: FSGroup + type: string + jsonPath: .fsGroup.type + description: Strategy that will dictate what fs group is used by the SecurityContext + - name: SupGroup + type: string + jsonPath: .supplementalGroups.type + description: Strategy that will dictate what supplemental groups are used by + the SecurityContext + - name: Priority + type: string + jsonPath: .priority + description: Sort order of SCCs + - name: ReadOnlyRootFS + type: string + jsonPath: .readOnlyRootFilesystem + description: Force containers to run with a read only root file system + - name: Volumes + type: string + jsonPath: .volumes + description: White list of allowed volume plugins + schema: + openAPIV3Schema: + description: SecurityContextConstraints governs the ability to make requests + that affect the SecurityContext that will be applied to a container. For + historical reasons SCC was exposed under the core Kubernetes API group. + That exposure is deprecated and will be removed in a future release - users + should instead use the security.openshift.io group to manage SecurityContextConstraints. + type: object + required: + - allowHostDirVolumePlugin + - allowHostIPC + - allowHostNetwork + - allowHostPID + - allowHostPorts + - allowPrivilegedContainer + - allowedCapabilities + - defaultAddCapabilities + - priority + - readOnlyRootFilesystem + - requiredDropCapabilities + - volumes + properties: + allowHostDirVolumePlugin: + description: AllowHostDirVolumePlugin determines if the policy allow containers + to use the HostDir volume plugin + type: boolean + allowHostIPC: + description: AllowHostIPC determines if the policy allows host ipc in + the containers. + type: boolean + allowHostNetwork: + description: AllowHostNetwork determines if the policy allows the use + of HostNetwork in the pod spec. + type: boolean + allowHostPID: + description: AllowHostPID determines if the policy allows host pid in + the containers. + type: boolean + allowHostPorts: + description: AllowHostPorts determines if the policy allows host ports + in the containers. + type: boolean + allowPrivilegeEscalation: + description: AllowPrivilegeEscalation determines if a pod can request + to allow privilege escalation. If unspecified, defaults to true. + type: boolean + nullable: true + allowPrivilegedContainer: + description: AllowPrivilegedContainer determines if a container can request + to be run as privileged. + type: boolean + allowedCapabilities: + description: AllowedCapabilities is a list of capabilities that can be + requested to add to the container. Capabilities in this field maybe + added at the pod author's discretion. You must not list a capability + in both AllowedCapabilities and RequiredDropCapabilities. To allow all + capabilities you may use '*'. + type: array + items: + description: Capability represent POSIX capabilities type + type: string + nullable: true + allowedFlexVolumes: + description: AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty + or nil indicates that all Flexvolumes may be used. This parameter is + effective only when the usage of the Flexvolumes is allowed in the "Volumes" + field. + type: array + items: + description: AllowedFlexVolume represents a single Flexvolume that is + allowed to be used. + type: object + required: + - driver + properties: + driver: + description: Driver is the name of the Flexvolume driver. + type: string + nullable: true + allowedUnsafeSysctls: + description: "AllowedUnsafeSysctls is a list of explicitly allowed unsafe + sysctls, defaults to none. Each entry is either a plain sysctl name + or ends in \"*\" in which case it is considered as a prefix of allowed + sysctls. Single * means all unsafe sysctls are allowed. Kubelet has + to whitelist all allowed unsafe sysctls explicitly to avoid rejection. + \n Examples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. + \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc." + type: array + items: + type: string + nullable: true + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - nullable: true - allowedFlexVolumes: - description: AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty - or nil indicates that all Flexvolumes may be used. This parameter is - effective only when the usage of the Flexvolumes is allowed in the "Volumes" - field. - type: array - items: - description: AllowedFlexVolume represents a single Flexvolume that is - allowed to be used. + defaultAddCapabilities: + description: DefaultAddCapabilities is the default set of capabilities + that will be added to the container unless the pod spec specifically + drops the capability. You may not list a capabiility in both DefaultAddCapabilities + and RequiredDropCapabilities. + type: array + items: + description: Capability represent POSIX capabilities type + type: string + nullable: true + defaultAllowPrivilegeEscalation: + description: DefaultAllowPrivilegeEscalation controls the default setting + for whether a process can gain more privileges than its parent process. + type: boolean + nullable: true + forbiddenSysctls: + description: "ForbiddenSysctls is a list of explicitly forbidden sysctls, + defaults to none. Each entry is either a plain sysctl name or ends in + \"*\" in which case it is considered as a prefix of forbidden sysctls. + Single * means all sysctls are forbidden. \n Examples: e.g. \"foo/*\" + forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", + \"foo.baz\", etc." + type: array + items: + type: string + nullable: true + fsGroup: + description: FSGroup is the strategy that will dictate what fs group is + used by the SecurityContext. type: object - required: - - driver properties: - driver: - description: Driver is the name of the Flexvolume driver. + ranges: + description: Ranges are the allowed ranges of fs groups. If you would + like to force a single fs group then supply a single range with + the same start and end. + type: array + items: + description: 'IDRange provides a min/max of an allowed range of + IDs. TODO: this could be reused for UIDs.' + type: object + properties: + max: + description: Max is the end of the range, inclusive. + type: integer + format: int64 + min: + description: Min is the start of the range, inclusive. + type: integer + format: int64 + type: + description: Type is the strategy that will dictate what FSGroup is + used in the SecurityContext. type: string - nullable: true - allowedUnsafeSysctls: - description: "AllowedUnsafeSysctls is a list of explicitly allowed unsafe - sysctls, defaults to none. Each entry is either a plain sysctl name or - ends in \"*\" in which case it is considered as a prefix of allowed sysctls. - Single * means all unsafe sysctls are allowed. Kubelet has to whitelist - all allowed unsafe sysctls explicitly to avoid rejection. \n Examples: - e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows - \"foo.bar\", \"foo.baz\", etc." - type: array - items: - type: string - nullable: true - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - defaultAddCapabilities: - description: DefaultAddCapabilities is the default set of capabilities that - will be added to the container unless the pod spec specifically drops - the capability. You may not list a capabiility in both DefaultAddCapabilities - and RequiredDropCapabilities. - type: array - items: - description: Capability represent POSIX capabilities type - type: string - nullable: true - defaultAllowPrivilegeEscalation: - description: DefaultAllowPrivilegeEscalation controls the default setting - for whether a process can gain more privileges than its parent process. - type: boolean - nullable: true - forbiddenSysctls: - description: "ForbiddenSysctls is a list of explicitly forbidden sysctls, - defaults to none. Each entry is either a plain sysctl name or ends in - \"*\" in which case it is considered as a prefix of forbidden sysctls. - Single * means all sysctls are forbidden. \n Examples: e.g. \"foo/*\" - forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", - \"foo.baz\", etc." - type: array - items: - type: string - nullable: true - fsGroup: - description: FSGroup is the strategy that will dictate what fs group is - used by the SecurityContext. - type: object - properties: - ranges: - description: Ranges are the allowed ranges of fs groups. If you would - like to force a single fs group then supply a single range with the - same start and end. - type: array - items: - description: 'IDRange provides a min/max of an allowed range of IDs. - TODO: this could be reused for UIDs.' - type: object - properties: - max: - description: Max is the end of the range, inclusive. - type: integer - format: int64 - min: - description: Min is the start of the range, inclusive. - type: integer - format: int64 - type: - description: Type is the strategy that will dictate what FSGroup is - used in the SecurityContext. + nullable: true + groups: + description: The groups that have permission to use this security context + constraints + type: array + items: type: string - nullable: true - groups: - description: The groups that have permission to use this security context - constraints - type: array - items: - type: string - nullable: true - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - priority: - description: Priority influences the sort order of SCCs when evaluating - which SCCs to try first for a given pod request based on access in the - Users and Groups fields. The higher the int, the higher priority. An - unset value is considered a 0 priority. If scores for multiple SCCs are - equal they will be sorted from most restrictive to least restrictive. - If both priorities and restrictions are equal the SCCs will be sorted - by name. - type: integer - format: int32 - nullable: true - readOnlyRootFilesystem: - description: ReadOnlyRootFilesystem when set to true will force containers - to run with a read only root file system. If the container specifically - requests to run with a non-read only root file system the SCC should deny - the pod. If set to false the container may run with a read only root file - system if it wishes but it will not be forced to. - type: boolean - requiredDropCapabilities: - description: RequiredDropCapabilities are the capabilities that will be - dropped from the container. These are required to be dropped and cannot - be added. - type: array - items: - description: Capability represent POSIX capabilities type + nullable: true + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - nullable: true - runAsUser: - description: RunAsUser is the strategy that will dictate what RunAsUser - is used in the SecurityContext. - type: object - properties: - type: - description: Type is the strategy that will dictate what RunAsUser is - used in the SecurityContext. - type: string - uid: - description: UID is the user id that containers must run as. Required - for the MustRunAs strategy if not using namespace/service account - allocated uids. - type: integer - format: int64 - uidRangeMax: - description: UIDRangeMax defines the max value for a strategy that allocates - by range. - type: integer - format: int64 - uidRangeMin: - description: UIDRangeMin defines the min value for a strategy that allocates - by range. - type: integer - format: int64 - nullable: true - seLinuxContext: - description: SELinuxContext is the strategy that will dictate what labels - will be set in the SecurityContext. - type: object - properties: - seLinuxOptions: - description: seLinuxOptions required to run as; required for MustRunAs - type: object - properties: - level: - description: Level is SELinux level label that applies to the container. - type: string - role: - description: Role is a SELinux role label that applies to the container. - type: string - type: - description: Type is a SELinux type label that applies to the container. - type: string - user: - description: User is a SELinux user label that applies to the container. - type: string - type: - description: Type is the strategy that will dictate what SELinux context - is used in the SecurityContext. + metadata: + type: object + priority: + description: Priority influences the sort order of SCCs when evaluating + which SCCs to try first for a given pod request based on access in the + Users and Groups fields. The higher the int, the higher priority. An + unset value is considered a 0 priority. If scores for multiple SCCs + are equal they will be sorted from most restrictive to least restrictive. + If both priorities and restrictions are equal the SCCs will be sorted + by name. + type: integer + format: int32 + nullable: true + readOnlyRootFilesystem: + description: ReadOnlyRootFilesystem when set to true will force containers + to run with a read only root file system. If the container specifically + requests to run with a non-read only root file system the SCC should + deny the pod. If set to false the container may run with a read only + root file system if it wishes but it will not be forced to. + type: boolean + requiredDropCapabilities: + description: RequiredDropCapabilities are the capabilities that will be + dropped from the container. These are required to be dropped and cannot + be added. + type: array + items: + description: Capability represent POSIX capabilities type type: string - nullable: true - seccompProfiles: - description: "SeccompProfiles lists the allowed profiles that may be set - for the pod or container's seccomp annotations. An unset (nil) or empty - value means that no profiles may be specifid by the pod or container.\tThe - wildcard '*' may be used to allow all profiles. When used to generate - a value for a pod the first non-wildcard profile will be used as the default." - type: array - items: - type: string - nullable: true - supplementalGroups: - description: SupplementalGroups is the strategy that will dictate what supplemental - groups are used by the SecurityContext. - type: object - properties: - ranges: - description: Ranges are the allowed ranges of supplemental groups. If - you would like to force a single supplemental group then supply a - single range with the same start and end. - type: array - items: - description: 'IDRange provides a min/max of an allowed range of IDs. - TODO: this could be reused for UIDs.' + nullable: true + runAsUser: + description: RunAsUser is the strategy that will dictate what RunAsUser + is used in the SecurityContext. + type: object + properties: + type: + description: Type is the strategy that will dictate what RunAsUser + is used in the SecurityContext. + type: string + uid: + description: UID is the user id that containers must run as. Required + for the MustRunAs strategy if not using namespace/service account + allocated uids. + type: integer + format: int64 + uidRangeMax: + description: UIDRangeMax defines the max value for a strategy that + allocates by range. + type: integer + format: int64 + uidRangeMin: + description: UIDRangeMin defines the min value for a strategy that + allocates by range. + type: integer + format: int64 + nullable: true + seLinuxContext: + description: SELinuxContext is the strategy that will dictate what labels + will be set in the SecurityContext. + type: object + properties: + seLinuxOptions: + description: seLinuxOptions required to run as; required for MustRunAs type: object properties: - max: - description: Max is the end of the range, inclusive. - type: integer - format: int64 - min: - description: Min is the start of the range, inclusive. - type: integer - format: int64 - type: - description: Type is the strategy that will dictate what supplemental - groups is used in the SecurityContext. + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + type: + description: Type is the strategy that will dictate what SELinux context + is used in the SecurityContext. + type: string + nullable: true + seccompProfiles: + description: "SeccompProfiles lists the allowed profiles that may be set + for the pod or container's seccomp annotations. An unset (nil) or empty + value means that no profiles may be specifid by the pod or container.\tThe + wildcard '*' may be used to allow all profiles. When used to generate + a value for a pod the first non-wildcard profile will be used as the + default." + type: array + items: type: string - nullable: true - users: - description: The users who have permissions to use this security context - constraints - type: array - items: - type: string - nullable: true - volumes: - description: Volumes is a white list of allowed volume plugins. FSType - corresponds directly with the field names of a VolumeSource (azureFile, - configMap, emptyDir). To allow all volumes you may use "*". To allow - no volumes, set to ["none"]. - type: array - items: - description: FS Type gives strong typing to different file systems that - are used by volumes. - type: string - nullable: true + nullable: true + supplementalGroups: + description: SupplementalGroups is the strategy that will dictate what + supplemental groups are used by the SecurityContext. + type: object + properties: + ranges: + description: Ranges are the allowed ranges of supplemental groups. If + you would like to force a single supplemental group then supply + a single range with the same start and end. + type: array + items: + description: 'IDRange provides a min/max of an allowed range of + IDs. TODO: this could be reused for UIDs.' + type: object + properties: + max: + description: Max is the end of the range, inclusive. + type: integer + format: int64 + min: + description: Min is the start of the range, inclusive. + type: integer + format: int64 + type: + description: Type is the strategy that will dictate what supplemental + groups is used in the SecurityContext. + type: string + nullable: true + users: + description: The users who have permissions to use this security context + constraints + type: array + items: + type: string + nullable: true + volumes: + description: Volumes is a white list of allowed volume plugins. FSType + corresponds directly with the field names of a VolumeSource (azureFile, + configMap, emptyDir). To allow all volumes you may use "*". To allow + no volumes, set to ["none"]. + type: array + items: + description: FS Type gives strong typing to different file systems that + are used by volumes. + type: string + nullable: true diff --git a/vendor/github.com/openshift/api/security/v1/generated.proto b/vendor/github.com/openshift/api/security/v1/generated.proto index 2c1df243a40a..53534b56974b 100644 --- a/vendor/github.com/openshift/api/security/v1/generated.proto +++ b/vendor/github.com/openshift/api/security/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.security.v1; diff --git a/vendor/github.com/openshift/api/template/v1/generated.proto b/vendor/github.com/openshift/api/template/v1/generated.proto index 5c017e228f03..793553b92cdd 100644 --- a/vendor/github.com/openshift/api/template/v1/generated.proto +++ b/vendor/github.com/openshift/api/template/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.template.v1; diff --git a/vendor/github.com/openshift/api/user/v1/generated.proto b/vendor/github.com/openshift/api/user/v1/generated.proto index 7444d41ef07b..0442844faea0 100644 --- a/vendor/github.com/openshift/api/user/v1/generated.proto +++ b/vendor/github.com/openshift/api/user/v1/generated.proto @@ -1,7 +1,7 @@ // This file was autogenerated by go-to-protobuf. Do not edit it manually! -syntax = 'proto2'; +syntax = "proto2"; package github.com.openshift.api.user.v1; @@ -79,6 +79,7 @@ message User { optional string fullName = 2; // Identities are the identities associated with this user + // +optional repeated string identities = 3; // Groups specifies group names this user is a member of. diff --git a/vendor/github.com/openshift/api/user/v1/types.go b/vendor/github.com/openshift/api/user/v1/types.go index 8708d027353f..1e5362bca45d 100644 --- a/vendor/github.com/openshift/api/user/v1/types.go +++ b/vendor/github.com/openshift/api/user/v1/types.go @@ -24,7 +24,8 @@ type User struct { FullName string `json:"fullName,omitempty" protobuf:"bytes,2,opt,name=fullName"` // Identities are the identities associated with this user - Identities []string `json:"identities" protobuf:"bytes,3,rep,name=identities"` + // +optional + Identities []string `json:"identities,omitempty" protobuf:"bytes,3,rep,name=identities"` // Groups specifies group names this user is a member of. // This field is deprecated and will be removed in a future release. diff --git a/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/accessor.go b/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/accessor.go index 02c2fabf6547..2ec773b74553 100644 --- a/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/accessor.go +++ b/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/accessor.go @@ -11,9 +11,9 @@ import ( kapierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" utilwait "k8s.io/apimachinery/pkg/util/wait" + utilquota "k8s.io/apiserver/pkg/quota/v1" etcd "k8s.io/apiserver/pkg/storage/etcd3" corev1listers "k8s.io/client-go/listers/core/v1" - utilquota "k8s.io/kubernetes/pkg/quota/v1" quotav1 "github.com/openshift/api/quota/v1" quotatypedclient "github.com/openshift/client-go/quota/clientset/versioned/typed/quota/v1" diff --git a/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/admission.go b/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/admission.go index 741629e55c68..f2834d625ec9 100644 --- a/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/admission.go +++ b/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/admission.go @@ -9,18 +9,20 @@ import ( "time" corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" utilruntime "k8s.io/apimachinery/pkg/util/runtime" utilwait "k8s.io/apimachinery/pkg/util/wait" "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/admission/initializer" + "k8s.io/apiserver/pkg/admission/plugin/resourcequota" + resourcequotaapi "k8s.io/apiserver/pkg/admission/plugin/resourcequota/apis/resourcequota" + quota "k8s.io/apiserver/pkg/quota/v1" "k8s.io/client-go/informers" corev1listers "k8s.io/client-go/listers/core/v1" "k8s.io/client-go/rest" - "k8s.io/kubernetes/pkg/quota/v1" + "k8s.io/klog/v2" "k8s.io/kubernetes/pkg/quota/v1/install" - "k8s.io/kubernetes/plugin/pkg/admission/resourcequota" - resourcequotaapi "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota" quotatypedclient "github.com/openshift/client-go/quota/clientset/versioned/typed/quota/v1" quotainformer "github.com/openshift/client-go/quota/informers/externalversions/quota/v1" @@ -84,8 +86,19 @@ func (q *clusterQuotaAdmission) Validate(ctx context.Context, a admission.Attrib if len(a.GetSubresource()) != 0 { return nil } - // ignore cluster level resources - if len(a.GetNamespace()) == 0 { + + // Ignore cluster level resources. + // We can't get the namespace for the request because attributes namespace means "what namesapce is this scoped to", + // not "is this cluster scoped resource". This makes a different for namespaces that have attributes namespace set + // to its name. Namespaces are cluster level object that shouldn't go into this plugin or it get blocked listing + // the namespace that is just being created. + obj := a.GetObject() + objMeta, ok := obj.(metav1.ObjectMetaAccessor) + if !ok { + klog.Warningf("ClusterQuotaAdmission received non-meta object %T", obj) + return nil + } + if len(objMeta.GetObjectMeta().GetNamespace()) == 0 { return nil } diff --git a/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/intializers.go b/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/intializers.go index a7ed923c9276..45d35a62afd1 100644 --- a/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/intializers.go +++ b/vendor/github.com/openshift/apiserver-library-go/pkg/admission/quota/clusterresourcequota/intializers.go @@ -2,7 +2,7 @@ package clusterresourcequota import ( "k8s.io/apiserver/pkg/admission" - quota "k8s.io/kubernetes/pkg/quota/v1" + quota "k8s.io/apiserver/pkg/quota/v1" quotainformer "github.com/openshift/client-go/quota/informers/externalversions/quota/v1" "github.com/openshift/library-go/pkg/quota/clusterquotamapping" diff --git a/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sccadmission/admission.go b/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sccadmission/admission.go index 5679423fd6ec..7f7652a8f929 100644 --- a/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sccadmission/admission.go +++ b/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sccadmission/admission.go @@ -14,6 +14,7 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/admission/initializer" + "k8s.io/apiserver/pkg/authentication/serviceaccount" "k8s.io/apiserver/pkg/authentication/user" "k8s.io/apiserver/pkg/authorization/authorizer" "k8s.io/client-go/kubernetes" @@ -22,7 +23,6 @@ import ( coreapi "k8s.io/kubernetes/pkg/apis/core" kapihelper "k8s.io/kubernetes/pkg/apis/core/helper" rbacregistry "k8s.io/kubernetes/pkg/registry/rbac" - "k8s.io/kubernetes/pkg/serviceaccount" securityv1 "github.com/openshift/api/security/v1" securityv1informer "github.com/openshift/client-go/security/informers/externalversions/security/v1" diff --git a/vendor/github.com/openshift/client-go/image/clientset/versioned/typed/image/v1/imagestream.go b/vendor/github.com/openshift/client-go/image/clientset/versioned/typed/image/v1/imagestream.go index dcfb8942e4c0..dea85bc9a1c3 100644 --- a/vendor/github.com/openshift/client-go/image/clientset/versioned/typed/image/v1/imagestream.go +++ b/vendor/github.com/openshift/client-go/image/clientset/versioned/typed/image/v1/imagestream.go @@ -8,7 +8,6 @@ import ( v1 "github.com/openshift/api/image/v1" scheme "github.com/openshift/client-go/image/clientset/versioned/scheme" - corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" @@ -32,7 +31,7 @@ type ImageStreamInterface interface { List(ctx context.Context, opts metav1.ListOptions) (*v1.ImageStreamList, error) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.ImageStream, err error) - Secrets(ctx context.Context, imageStreamName string, options metav1.GetOptions) (*corev1.SecretList, error) + Secrets(ctx context.Context, imageStreamName string, options metav1.GetOptions) (*v1.SecretList, error) Layers(ctx context.Context, imageStreamName string, options metav1.GetOptions) (*v1.ImageStreamLayers, error) ImageStreamExpansion @@ -182,9 +181,9 @@ func (c *imageStreams) Patch(ctx context.Context, name string, pt types.PatchTyp return } -// Secrets takes name of the imageStream, and returns the corresponding corev1.SecretList object, and an error if there is any. -func (c *imageStreams) Secrets(ctx context.Context, imageStreamName string, options metav1.GetOptions) (result *corev1.SecretList, err error) { - result = &corev1.SecretList{} +// Secrets takes name of the imageStream, and returns the corresponding v1.SecretList object, and an error if there is any. +func (c *imageStreams) Secrets(ctx context.Context, imageStreamName string, options metav1.GetOptions) (result *v1.SecretList, err error) { + result = &v1.SecretList{} err = c.client.Get(). Namespace(c.ns). Resource("imagestreams"). diff --git a/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/generated_expansion.go b/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/generated_expansion.go index d5e00863715b..accf8a50443c 100644 --- a/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/generated_expansion.go @@ -9,3 +9,5 @@ type OAuthAuthorizeTokenExpansion interface{} type OAuthClientExpansion interface{} type OAuthClientAuthorizationExpansion interface{} + +type UserOAuthAccessTokenExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/oauth_client.go b/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/oauth_client.go index d0ee41087c19..f1eeb22cd1d0 100644 --- a/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/oauth_client.go +++ b/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/oauth_client.go @@ -14,6 +14,7 @@ type OauthV1Interface interface { OAuthAuthorizeTokensGetter OAuthClientsGetter OAuthClientAuthorizationsGetter + UserOAuthAccessTokensGetter } // OauthV1Client is used to interact with features provided by the oauth.openshift.io group. @@ -37,6 +38,10 @@ func (c *OauthV1Client) OAuthClientAuthorizations() OAuthClientAuthorizationInte return newOAuthClientAuthorizations(c) } +func (c *OauthV1Client) UserOAuthAccessTokens() UserOAuthAccessTokenInterface { + return newUserOAuthAccessTokens(c) +} + // NewForConfig creates a new OauthV1Client for the given config. func NewForConfig(c *rest.Config) (*OauthV1Client, error) { config := *c diff --git a/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/useroauthaccesstoken.go b/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/useroauthaccesstoken.go new file mode 100644 index 000000000000..e80a745ef0b0 --- /dev/null +++ b/vendor/github.com/openshift/client-go/oauth/clientset/versioned/typed/oauth/v1/useroauthaccesstoken.go @@ -0,0 +1,152 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + "time" + + v1 "github.com/openshift/api/oauth/v1" + scheme "github.com/openshift/client-go/oauth/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// UserOAuthAccessTokensGetter has a method to return a UserOAuthAccessTokenInterface. +// A group's client should implement this interface. +type UserOAuthAccessTokensGetter interface { + UserOAuthAccessTokens() UserOAuthAccessTokenInterface +} + +// UserOAuthAccessTokenInterface has methods to work with UserOAuthAccessToken resources. +type UserOAuthAccessTokenInterface interface { + Create(ctx context.Context, userOAuthAccessToken *v1.UserOAuthAccessToken, opts metav1.CreateOptions) (*v1.UserOAuthAccessToken, error) + Update(ctx context.Context, userOAuthAccessToken *v1.UserOAuthAccessToken, opts metav1.UpdateOptions) (*v1.UserOAuthAccessToken, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.UserOAuthAccessToken, error) + List(ctx context.Context, opts metav1.ListOptions) (*v1.UserOAuthAccessTokenList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.UserOAuthAccessToken, err error) + UserOAuthAccessTokenExpansion +} + +// userOAuthAccessTokens implements UserOAuthAccessTokenInterface +type userOAuthAccessTokens struct { + client rest.Interface +} + +// newUserOAuthAccessTokens returns a UserOAuthAccessTokens +func newUserOAuthAccessTokens(c *OauthV1Client) *userOAuthAccessTokens { + return &userOAuthAccessTokens{ + client: c.RESTClient(), + } +} + +// Get takes name of the userOAuthAccessToken, and returns the corresponding userOAuthAccessToken object, and an error if there is any. +func (c *userOAuthAccessTokens) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.UserOAuthAccessToken, err error) { + result = &v1.UserOAuthAccessToken{} + err = c.client.Get(). + Resource("useroauthaccesstokens"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of UserOAuthAccessTokens that match those selectors. +func (c *userOAuthAccessTokens) List(ctx context.Context, opts metav1.ListOptions) (result *v1.UserOAuthAccessTokenList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1.UserOAuthAccessTokenList{} + err = c.client.Get(). + Resource("useroauthaccesstokens"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested userOAuthAccessTokens. +func (c *userOAuthAccessTokens) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("useroauthaccesstokens"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a userOAuthAccessToken and creates it. Returns the server's representation of the userOAuthAccessToken, and an error, if there is any. +func (c *userOAuthAccessTokens) Create(ctx context.Context, userOAuthAccessToken *v1.UserOAuthAccessToken, opts metav1.CreateOptions) (result *v1.UserOAuthAccessToken, err error) { + result = &v1.UserOAuthAccessToken{} + err = c.client.Post(). + Resource("useroauthaccesstokens"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(userOAuthAccessToken). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a userOAuthAccessToken and updates it. Returns the server's representation of the userOAuthAccessToken, and an error, if there is any. +func (c *userOAuthAccessTokens) Update(ctx context.Context, userOAuthAccessToken *v1.UserOAuthAccessToken, opts metav1.UpdateOptions) (result *v1.UserOAuthAccessToken, err error) { + result = &v1.UserOAuthAccessToken{} + err = c.client.Put(). + Resource("useroauthaccesstokens"). + Name(userOAuthAccessToken.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(userOAuthAccessToken). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the userOAuthAccessToken and deletes it. Returns an error if one occurs. +func (c *userOAuthAccessTokens) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error { + return c.client.Delete(). + Resource("useroauthaccesstokens"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *userOAuthAccessTokens) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("useroauthaccesstokens"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched userOAuthAccessToken. +func (c *userOAuthAccessTokens) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.UserOAuthAccessToken, err error) { + result = &v1.UserOAuthAccessToken{} + err = c.client.Patch(pt). + Resource("useroauthaccesstokens"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/openshift/client-go/oauth/informers/externalversions/generic.go b/vendor/github.com/openshift/client-go/oauth/informers/externalversions/generic.go index bd51d836c874..1b9fc0780610 100644 --- a/vendor/github.com/openshift/client-go/oauth/informers/externalversions/generic.go +++ b/vendor/github.com/openshift/client-go/oauth/informers/externalversions/generic.go @@ -45,6 +45,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1().OAuthClients().Informer()}, nil case v1.SchemeGroupVersion.WithResource("oauthclientauthorizations"): return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1().OAuthClientAuthorizations().Informer()}, nil + case v1.SchemeGroupVersion.WithResource("useroauthaccesstokens"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1().UserOAuthAccessTokens().Informer()}, nil } diff --git a/vendor/github.com/openshift/client-go/oauth/informers/externalversions/oauth/v1/interface.go b/vendor/github.com/openshift/client-go/oauth/informers/externalversions/oauth/v1/interface.go index 241c47aa68b2..d32b5cdeff7d 100644 --- a/vendor/github.com/openshift/client-go/oauth/informers/externalversions/oauth/v1/interface.go +++ b/vendor/github.com/openshift/client-go/oauth/informers/externalversions/oauth/v1/interface.go @@ -16,6 +16,8 @@ type Interface interface { OAuthClients() OAuthClientInformer // OAuthClientAuthorizations returns a OAuthClientAuthorizationInformer. OAuthClientAuthorizations() OAuthClientAuthorizationInformer + // UserOAuthAccessTokens returns a UserOAuthAccessTokenInformer. + UserOAuthAccessTokens() UserOAuthAccessTokenInformer } type version struct { @@ -48,3 +50,8 @@ func (v *version) OAuthClients() OAuthClientInformer { func (v *version) OAuthClientAuthorizations() OAuthClientAuthorizationInformer { return &oAuthClientAuthorizationInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } + +// UserOAuthAccessTokens returns a UserOAuthAccessTokenInformer. +func (v *version) UserOAuthAccessTokens() UserOAuthAccessTokenInformer { + return &userOAuthAccessTokenInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/openshift/client-go/oauth/informers/externalversions/oauth/v1/useroauthaccesstoken.go b/vendor/github.com/openshift/client-go/oauth/informers/externalversions/oauth/v1/useroauthaccesstoken.go new file mode 100644 index 000000000000..e146fb47285a --- /dev/null +++ b/vendor/github.com/openshift/client-go/oauth/informers/externalversions/oauth/v1/useroauthaccesstoken.go @@ -0,0 +1,73 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + time "time" + + oauthv1 "github.com/openshift/api/oauth/v1" + versioned "github.com/openshift/client-go/oauth/clientset/versioned" + internalinterfaces "github.com/openshift/client-go/oauth/informers/externalversions/internalinterfaces" + v1 "github.com/openshift/client-go/oauth/listers/oauth/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// UserOAuthAccessTokenInformer provides access to a shared informer and lister for +// UserOAuthAccessTokens. +type UserOAuthAccessTokenInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1.UserOAuthAccessTokenLister +} + +type userOAuthAccessTokenInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewUserOAuthAccessTokenInformer constructs a new informer for UserOAuthAccessToken type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewUserOAuthAccessTokenInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredUserOAuthAccessTokenInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredUserOAuthAccessTokenInformer constructs a new informer for UserOAuthAccessToken type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredUserOAuthAccessTokenInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options metav1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OauthV1().UserOAuthAccessTokens().List(context.TODO(), options) + }, + WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OauthV1().UserOAuthAccessTokens().Watch(context.TODO(), options) + }, + }, + &oauthv1.UserOAuthAccessToken{}, + resyncPeriod, + indexers, + ) +} + +func (f *userOAuthAccessTokenInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredUserOAuthAccessTokenInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *userOAuthAccessTokenInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&oauthv1.UserOAuthAccessToken{}, f.defaultInformer) +} + +func (f *userOAuthAccessTokenInformer) Lister() v1.UserOAuthAccessTokenLister { + return v1.NewUserOAuthAccessTokenLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/openshift/client-go/oauth/listers/oauth/v1/expansion_generated.go b/vendor/github.com/openshift/client-go/oauth/listers/oauth/v1/expansion_generated.go index e7d8b5eb59e1..1d0d95c0e0a0 100644 --- a/vendor/github.com/openshift/client-go/oauth/listers/oauth/v1/expansion_generated.go +++ b/vendor/github.com/openshift/client-go/oauth/listers/oauth/v1/expansion_generated.go @@ -17,3 +17,7 @@ type OAuthClientListerExpansion interface{} // OAuthClientAuthorizationListerExpansion allows custom methods to be added to // OAuthClientAuthorizationLister. type OAuthClientAuthorizationListerExpansion interface{} + +// UserOAuthAccessTokenListerExpansion allows custom methods to be added to +// UserOAuthAccessTokenLister. +type UserOAuthAccessTokenListerExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/oauth/listers/oauth/v1/useroauthaccesstoken.go b/vendor/github.com/openshift/client-go/oauth/listers/oauth/v1/useroauthaccesstoken.go new file mode 100644 index 000000000000..639f00112b00 --- /dev/null +++ b/vendor/github.com/openshift/client-go/oauth/listers/oauth/v1/useroauthaccesstoken.go @@ -0,0 +1,52 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/oauth/v1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// UserOAuthAccessTokenLister helps list UserOAuthAccessTokens. +// All objects returned here must be treated as read-only. +type UserOAuthAccessTokenLister interface { + // List lists all UserOAuthAccessTokens in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1.UserOAuthAccessToken, err error) + // Get retrieves the UserOAuthAccessToken from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1.UserOAuthAccessToken, error) + UserOAuthAccessTokenListerExpansion +} + +// userOAuthAccessTokenLister implements the UserOAuthAccessTokenLister interface. +type userOAuthAccessTokenLister struct { + indexer cache.Indexer +} + +// NewUserOAuthAccessTokenLister returns a new UserOAuthAccessTokenLister. +func NewUserOAuthAccessTokenLister(indexer cache.Indexer) UserOAuthAccessTokenLister { + return &userOAuthAccessTokenLister{indexer: indexer} +} + +// List lists all UserOAuthAccessTokens in the indexer. +func (s *userOAuthAccessTokenLister) List(selector labels.Selector) (ret []*v1.UserOAuthAccessToken, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1.UserOAuthAccessToken)) + }) + return ret, err +} + +// Get retrieves the UserOAuthAccessToken from the index for a given name. +func (s *userOAuthAccessTokenLister) Get(name string) (*v1.UserOAuthAccessToken, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1.Resource("useroauthaccesstoken"), name) + } + return obj.(*v1.UserOAuthAccessToken), nil +} diff --git a/vendor/github.com/openshift/library-go/pkg/git/repository.go b/vendor/github.com/openshift/library-go/pkg/git/repository.go index 6789fa3f1435..b5a64ac97245 100644 --- a/vendor/github.com/openshift/library-go/pkg/git/repository.go +++ b/vendor/github.com/openshift/library-go/pkg/git/repository.go @@ -37,6 +37,7 @@ type Repository interface { Add(dir string, spec string) error Commit(dir string, message string) error AddRemote(dir string, name, url string) error + AddConfig(location, name, value string) error AddLocalConfig(dir, name, value string) error AddGlobalConfig(name, value string) error ShowFormat(dir, commit, format string) (string, error) @@ -256,13 +257,28 @@ func (r *repository) AddRemote(location, name, url string) error { return err } -// AddLocalConfig adds a value to the current repository +// AddConfig adds a value to the default git configuration. This is one of the following locations: +// +// 1. The file or option specified by the GIT_CONFIG environment variable +// 2. The repository-specific git configuration ($location/.git/config) +func (r *repository) AddConfig(location, name, value string) error { + _, _, err := r.git(location, "config", "--add", name, value) + return err +} + +// AddLocalConfig adds a value to git configuration for the repository at the provided location. +// +// This command will return an error if the GIT_CONFIG environment variable is set. +// Use AddConfig instead. func (r *repository) AddLocalConfig(location, name, value string) error { _, _, err := r.git(location, "config", "--local", "--add", name, value) return err } -// AddGlobalConfig adds a value to the global git configuration +// AddGlobalConfig adds a value to the global git configuration. +// +// This command will return an error if the GIT_CONFIG environment variable is set. +// Use AddConfig instead. func (r *repository) AddGlobalConfig(name, value string) error { _, _, err := r.git("", "config", "--global", "--add", name, value) return err diff --git a/vendor/github.com/openshift/library-go/pkg/network/dialer_linux.go b/vendor/github.com/openshift/library-go/pkg/network/dialer_linux.go index e3cd3f4d3c82..b8ff8db85ee2 100644 --- a/vendor/github.com/openshift/library-go/pkg/network/dialer_linux.go +++ b/vendor/github.com/openshift/library-go/pkg/network/dialer_linux.go @@ -3,41 +3,38 @@ package network import ( - "context" "net" "os" "syscall" "time" "golang.org/x/sys/unix" + + utilerrors "k8s.io/apimachinery/pkg/util/errors" ) func dialerWithDefaultOptions() DialContext { nd := &net.Dialer{ // TCP_USER_TIMEOUT does affect the behaviour of connect() which is controlled by this field so we set it to the same value Timeout: 25 * time.Second, - } - return wrapDialContext(nd.DialContext) -} - -func wrapDialContext(dc DialContext) DialContext { - return func(ctx context.Context, network, address string) (net.Conn, error) { - conn, err := dc(ctx, network, address) - if err != nil { - return conn, err - } - - if tcpCon, ok := conn.(*net.TCPConn); ok { - tcpFD, err := tcpCon.File() + // KeepAlive must to be set to a negative value to stop std library from applying the default values + // by doing so we ensure that the options we are interested in won't be overwritten + KeepAlive: time.Duration(-1), + Control: func(network, address string, con syscall.RawConn) error { + var errs []error + err := con.Control(func(fd uintptr) { + optionsErr := setDefaultSocketOptions(int(fd)) + if optionsErr != nil { + errs = append(errs, optionsErr) + } + }) if err != nil { - return conn, err + errs = append(errs, err) } - if err := setDefaultSocketOptions(int(tcpFD.Fd())); err != nil { - return conn, err - } - } - return conn, nil + return utilerrors.NewAggregate(errs) + }, } + return nd.DialContext } // setDefaultSocketOptions sets custom socket options so that we can detect connections to an unhealthy (dead) peer quickly. @@ -58,6 +55,11 @@ func setDefaultSocketOptions(fd int) error { // specifies the threshold for sending the first KEEP ALIVE probe in seconds tcpKeepIdle := int(roundDuration(2*time.Second, time.Second)) + // enable keep-alive probes + if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_KEEPALIVE, 1); err != nil { + return wrapSyscallError("setsockopt", err) + } + if err := syscall.SetsockoptInt(int(fd), syscall.IPPROTO_TCP, unix.TCP_USER_TIMEOUT, tcpUserTimeoutInMilliSeconds); err != nil { return wrapSyscallError("setsockopt", err) } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissionregistration.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissionregistration.go new file mode 100644 index 000000000000..75d9d82a937e --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissionregistration.go @@ -0,0 +1,140 @@ +package resourceapply + +import ( + "context" + "fmt" + + "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" + admissionregistrationv1 "k8s.io/api/admissionregistration/v1" + admissionregistrationclientv1 "k8s.io/client-go/kubernetes/typed/admissionregistration/v1" + "k8s.io/klog/v2" + + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// ApplyMutatingWebhookConfiguration ensures the form of the specified +// mutatingwebhookconfiguration is present in the API. If it does not exist, +// it will be created. If it does exist, the metadata of the required +// mutatingwebhookconfiguration will be merged with the existing mutatingwebhookconfiguration +// and an update performed if the mutatingwebhookconfiguration spec and metadata differ from +// the previously required spec and metadata based on generation change. +func ApplyMutatingWebhookConfiguration(client admissionregistrationclientv1.MutatingWebhookConfigurationsGetter, recorder events.Recorder, + requiredOriginal *admissionregistrationv1.MutatingWebhookConfiguration, expectedGeneration int64) (*admissionregistrationv1.MutatingWebhookConfiguration, bool, error) { + + if requiredOriginal == nil { + return nil, false, fmt.Errorf("Unexpected nil instead of an object") + } + required := requiredOriginal.DeepCopy() + + existing, err := client.MutatingWebhookConfigurations().Get(context.TODO(), required.GetName(), metav1.GetOptions{}) + if apierrors.IsNotFound(err) { + actual, err := client.MutatingWebhookConfigurations().Create(context.TODO(), required, metav1.CreateOptions{}) + reportCreateEvent(recorder, required, err) + if err != nil { + return nil, false, err + } + return actual, true, nil + } else if err != nil { + return nil, false, err + } + + modified := resourcemerge.BoolPtr(false) + existingCopy := existing.DeepCopy() + + resourcemerge.EnsureObjectMeta(modified, &existingCopy.ObjectMeta, required.ObjectMeta) + if !*modified && existingCopy.GetGeneration() == expectedGeneration { + return existingCopy, false, nil + } + // at this point we know that we're going to perform a write. We're just trying to get the object correct + toWrite := existingCopy // shallow copy so the code reads easier + copyMutatingWebhookCABundle(existing, required) + toWrite.Webhooks = required.Webhooks + + klog.V(4).Infof("MutatingWebhookConfiguration %q changes: %v", required.GetNamespace()+"/"+required.GetName(), JSONPatchNoError(existing, toWrite)) + + actual, err := client.MutatingWebhookConfigurations().Update(context.TODO(), toWrite, metav1.UpdateOptions{}) + reportUpdateEvent(recorder, required, err) + if err != nil { + return nil, false, err + } + return actual, *modified || actual.GetGeneration() > existingCopy.GetGeneration(), nil +} + +// copyMutatingWebhookCABundle populates webhooks[].clientConfig.caBundle fields from existing resource if it was set before +// and is not set in present. This provides upgrade compatibility with service-ca-bundle operator. +func copyMutatingWebhookCABundle(from, to *admissionregistrationv1.MutatingWebhookConfiguration) { + fromMap := make(map[string]admissionregistrationv1.MutatingWebhook, len(from.Webhooks)) + for _, webhook := range from.Webhooks { + fromMap[webhook.Name] = webhook + } + + for i, wh := range to.Webhooks { + if existing, ok := fromMap[wh.Name]; ok && wh.ClientConfig.CABundle == nil { + to.Webhooks[i].ClientConfig.CABundle = existing.ClientConfig.CABundle + } + } +} + +// ApplyValidatingWebhookConfiguration ensures the form of the specified +// validatingwebhookconfiguration is present in the API. If it does not exist, +// it will be created. If it does exist, the metadata of the required +// validatingwebhookconfiguration will be merged with the existing validatingwebhookconfiguration +// and an update performed if the validatingwebhookconfiguration spec and metadata differ from +// the previously required spec and metadata based on generation change. +func ApplyValidatingWebhookConfiguration(client admissionregistrationclientv1.ValidatingWebhookConfigurationsGetter, recorder events.Recorder, + requiredOriginal *admissionregistrationv1.ValidatingWebhookConfiguration, expectedGeneration int64) (*admissionregistrationv1.ValidatingWebhookConfiguration, bool, error) { + if requiredOriginal == nil { + return nil, false, fmt.Errorf("Unexpected nil instead of an object") + } + required := requiredOriginal.DeepCopy() + + existing, err := client.ValidatingWebhookConfigurations().Get(context.TODO(), required.GetName(), metav1.GetOptions{}) + if apierrors.IsNotFound(err) { + actual, err := client.ValidatingWebhookConfigurations().Create(context.TODO(), required, metav1.CreateOptions{}) + reportCreateEvent(recorder, required, err) + if err != nil { + return nil, false, err + } + return actual, true, nil + } else if err != nil { + return nil, false, err + } + + modified := resourcemerge.BoolPtr(false) + existingCopy := existing.DeepCopy() + + resourcemerge.EnsureObjectMeta(modified, &existingCopy.ObjectMeta, required.ObjectMeta) + if !*modified && existingCopy.GetGeneration() == expectedGeneration { + return existingCopy, false, nil + } + // at this point we know that we're going to perform a write. We're just trying to get the object correct + toWrite := existingCopy // shallow copy so the code reads easier + copyValidatingWebhookCABundle(existing, required) + toWrite.Webhooks = required.Webhooks + + klog.V(4).Infof("ValidatingWebhookConfiguration %q changes: %v", required.GetNamespace()+"/"+required.GetName(), JSONPatchNoError(existing, toWrite)) + + actual, err := client.ValidatingWebhookConfigurations().Update(context.TODO(), toWrite, metav1.UpdateOptions{}) + reportUpdateEvent(recorder, required, err) + if err != nil { + return nil, false, err + } + return actual, *modified || actual.GetGeneration() > existingCopy.GetGeneration(), nil +} + +// copyValidatingWebhookCABundle populates webhooks[].clientConfig.caBundle fields from existing resource if it was set before +// and is not set in present. This provides upgrade compatibility with service-ca-bundle operator. +func copyValidatingWebhookCABundle(from, to *admissionregistrationv1.ValidatingWebhookConfiguration) { + fromMap := make(map[string]admissionregistrationv1.ValidatingWebhook, len(from.Webhooks)) + for _, webhook := range from.Webhooks { + fromMap[webhook.Name] = webhook + } + + for i, wh := range to.Webhooks { + if existing, ok := fromMap[wh.Name]; ok && wh.ClientConfig.CABundle == nil { + to.Webhooks[i].ClientConfig.CABundle = existing.ClientConfig.CABundle + } + } +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissions.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissions.go deleted file mode 100644 index 0edc4434918d..000000000000 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissions.go +++ /dev/null @@ -1,77 +0,0 @@ -package resourceapply - -import ( - "context" - - admissionv1 "k8s.io/api/admissionregistration/v1" - "k8s.io/apimachinery/pkg/api/equality" - apierrors "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - admissionclientv1 "k8s.io/client-go/kubernetes/typed/admissionregistration/v1" - "k8s.io/klog/v2" - - "github.com/openshift/library-go/pkg/operator/events" - "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" -) - -// ApplyValidatingWebhookConfiguration merges objectmeta, update webhooks. -func ApplyValidatingWebhookConfiguration(client admissionclientv1.ValidatingWebhookConfigurationsGetter, recorder events.Recorder, required *admissionv1.ValidatingWebhookConfiguration) (*admissionv1.ValidatingWebhookConfiguration, bool, error) { - existing, err := client.ValidatingWebhookConfigurations().Get(context.TODO(), required.Name, metav1.GetOptions{}) - if apierrors.IsNotFound(err) { - actual, err := client.ValidatingWebhookConfigurations(). - Create(context.TODO(), required, metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) - return actual, true, err - } - if err != nil { - return nil, false, err - } - - modified := resourcemerge.BoolPtr(false) - existingCopy := existing.DeepCopy() - - resourcemerge.EnsureObjectMeta(modified, &existingCopy.ObjectMeta, required.ObjectMeta) - contentSame := equality.Semantic.DeepEqual(existingCopy.Webhooks, required.Webhooks) - if contentSame && !*modified { - return existingCopy, false, nil - } - - if klog.V(4).Enabled() { - klog.Infof("ValidatingWebhookConfiguration %q changes: %v", required.Name, JSONPatchNoError(existing, required)) - } - - actual, err := client.ValidatingWebhookConfigurations().Update(context.TODO(), required, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) - return actual, true, err -} - -// ApplyMutatingWebhookConfiguration merges objectmeta, update webhooks. -func ApplyMutatingWebhookConfiguration(client admissionclientv1.MutatingWebhookConfigurationsGetter, recorder events.Recorder, required *admissionv1.MutatingWebhookConfiguration) (*admissionv1.MutatingWebhookConfiguration, bool, error) { - existing, err := client.MutatingWebhookConfigurations().Get(context.TODO(), required.Name, metav1.GetOptions{}) - if apierrors.IsNotFound(err) { - actual, err := client.MutatingWebhookConfigurations(). - Create(context.TODO(), required, metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) - return actual, true, err - } - if err != nil { - return nil, false, err - } - - modified := resourcemerge.BoolPtr(false) - existingCopy := existing.DeepCopy() - - resourcemerge.EnsureObjectMeta(modified, &existingCopy.ObjectMeta, required.ObjectMeta) - contentSame := equality.Semantic.DeepEqual(existingCopy.Webhooks, required.Webhooks) - if contentSame && !*modified { - return existingCopy, false, nil - } - - if klog.V(4).Enabled() { - klog.Infof("ValidatingWebhookConfiguration %q changes: %v", required.Name, JSONPatchNoError(existing, required)) - } - - actual, err := client.MutatingWebhookConfigurations().Update(context.TODO(), required, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) - return actual, true, err -} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go index 43a4ce30f805..7f62f87abe25 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go @@ -9,7 +9,6 @@ import ( "github.com/openshift/api" "github.com/openshift/library-go/pkg/operator/events" - admissionv1 "k8s.io/api/admissionregistration/v1" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" storagev1 "k8s.io/api/storage/v1" @@ -166,16 +165,6 @@ func ApplyDirectly(clients *ClientHolder, recorder events.Recorder, manifests As result.Error = fmt.Errorf("missing kubeClient") } result.Result, result.Changed, result.Error = ApplyCSIDriver(clients.kubeClient.StorageV1(), recorder, t) - case *admissionv1.ValidatingWebhookConfiguration: - if clients.kubeClient == nil { - result.Error = fmt.Errorf("missing kubeClient") - } - result.Result, result.Changed, result.Error = ApplyValidatingWebhookConfiguration(clients.kubeClient.AdmissionregistrationV1(), recorder, t) - case *admissionv1.MutatingWebhookConfiguration: - if clients.kubeClient == nil { - result.Error = fmt.Errorf("missing kubeClient") - } - result.Result, result.Changed, result.Error = ApplyMutatingWebhookConfiguration(clients.kubeClient.AdmissionregistrationV1(), recorder, t) default: result.Error = fmt.Errorf("unhandled type %T", requiredObj) } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go index 6525ca5eb064..5b297eb7f44b 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go @@ -76,6 +76,9 @@ func ApplyServiceMonitor(client dynamic.Interface, recorder events.Recorder, ser recorder.Eventf("ServiceMonitorCreated", "Created ServiceMonitor.monitoring.coreos.com/v1 because it was missing") return true, nil } + if err != nil { + return false, err + } existingCopy := existing.DeepCopy() diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/admissionregistration.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/admissionregistration.go new file mode 100644 index 000000000000..2fcfd13949ee --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/admissionregistration.go @@ -0,0 +1,51 @@ +package resourcemerge + +import ( + operatorsv1 "github.com/openshift/api/operator/v1" + admissionregistrationv1 "k8s.io/api/admissionregistration/v1" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// ExpectedMutatingWebhooksConfiguration returns last applied generation for MutatingWebhookConfiguration resource registered in operator +func ExpectedMutatingWebhooksConfiguration(name string, previousGenerations []operatorsv1.GenerationStatus) int64 { + generation := GenerationFor(previousGenerations, schema.GroupResource{Group: admissionregistrationv1.SchemeGroupVersion.Group, Resource: "mutatingwebhookconfigurations"}, "", name) + if generation != nil { + return generation.LastGeneration + } + return -1 +} + +// SetMutatingWebhooksConfigurationGeneration updates operator generation status list with last applied generation for provided MutatingWebhookConfiguration resource +func SetMutatingWebhooksConfigurationGeneration(generations *[]operatorsv1.GenerationStatus, actual *admissionregistrationv1.MutatingWebhookConfiguration) { + if actual == nil { + return + } + SetGeneration(generations, operatorsv1.GenerationStatus{ + Group: admissionregistrationv1.SchemeGroupVersion.Group, + Resource: "mutatingwebhookconfigurations", + Name: actual.Name, + LastGeneration: actual.ObjectMeta.Generation, + }) +} + +// ExpectedValidatingWebhooksConfiguration returns last applied generation for ValidatingWebhookConfiguration resource registered in operator +func ExpectedValidatingWebhooksConfiguration(name string, previousGenerations []operatorsv1.GenerationStatus) int64 { + generation := GenerationFor(previousGenerations, schema.GroupResource{Group: admissionregistrationv1.SchemeGroupVersion.Group, Resource: "validatingwebhookconfigurations"}, "", name) + if generation != nil { + return generation.LastGeneration + } + return -1 +} + +// SetValidatingWebhooksConfigurationGeneration updates operator generation status list with last applied generation for provided ValidatingWebhookConfiguration resource +func SetValidatingWebhooksConfigurationGeneration(generations *[]operatorsv1.GenerationStatus, actual *admissionregistrationv1.ValidatingWebhookConfiguration) { + if actual == nil { + return + } + SetGeneration(generations, operatorsv1.GenerationStatus{ + Group: admissionregistrationv1.SchemeGroupVersion.Group, + Resource: "validatingwebhookconfigurations", + Name: actual.Name, + LastGeneration: actual.ObjectMeta.Generation, + }) +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/object_merger.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/object_merger.go index 0f2cae8fb4ba..5aee7879c9c1 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/object_merger.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/object_merger.go @@ -140,15 +140,27 @@ func MergeMap(modified *bool, existing *map[string]string, required map[string]s *existing = map[string]string{} } for k, v := range required { - if existingV, ok := (*existing)[k]; !ok || v != existingV { - *modified = true - // if "required" map contains a key with "-" as suffix, remove that - // key from the existing map instead of replacing the value - if strings.HasSuffix(k, "-") { - delete(*existing, strings.TrimRight(k, "-")) - } else { - (*existing)[k] = v + actualKey := k + removeKey := false + + // if "required" map contains a key with "-" as suffix, remove that + // key from the existing map instead of replacing the value + if strings.HasSuffix(k, "-") { + removeKey = true + actualKey = strings.TrimRight(k, "-") + } + + if existingV, ok := (*existing)[actualKey]; removeKey { + if !ok { + continue } + // value found -> it should be removed + delete(*existing, actualKey) + *modified = true + + } else if !ok || v != existingV { + *modified = true + (*existing)[actualKey] = v } } } diff --git a/vendor/github.com/prometheus/procfs/CODE_OF_CONDUCT.md b/vendor/github.com/prometheus/procfs/CODE_OF_CONDUCT.md new file mode 100644 index 000000000000..9a1aff412704 --- /dev/null +++ b/vendor/github.com/prometheus/procfs/CODE_OF_CONDUCT.md @@ -0,0 +1,3 @@ +## Prometheus Community Code of Conduct + +Prometheus follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md). diff --git a/vendor/github.com/prometheus/procfs/cpuinfo.go b/vendor/github.com/prometheus/procfs/cpuinfo.go index 31d42f7124c3..b9fb589aa1e0 100644 --- a/vendor/github.com/prometheus/procfs/cpuinfo.go +++ b/vendor/github.com/prometheus/procfs/cpuinfo.go @@ -407,6 +407,50 @@ func parseCPUInfoPPC(info []byte) ([]CPUInfo, error) { return cpuinfo, nil } +func parseCPUInfoRISCV(info []byte) ([]CPUInfo, error) { + scanner := bufio.NewScanner(bytes.NewReader(info)) + + firstLine := firstNonEmptyLine(scanner) + if !strings.HasPrefix(firstLine, "processor") || !strings.Contains(firstLine, ":") { + return nil, errors.New("invalid cpuinfo file: " + firstLine) + } + field := strings.SplitN(firstLine, ": ", 2) + v, err := strconv.ParseUint(field[1], 0, 32) + if err != nil { + return nil, err + } + firstcpu := CPUInfo{Processor: uint(v)} + cpuinfo := []CPUInfo{firstcpu} + i := 0 + + for scanner.Scan() { + line := scanner.Text() + if !strings.Contains(line, ":") { + continue + } + field := strings.SplitN(line, ": ", 2) + switch strings.TrimSpace(field[0]) { + case "processor": + v, err := strconv.ParseUint(field[1], 0, 32) + if err != nil { + return nil, err + } + i = int(v) + cpuinfo = append(cpuinfo, CPUInfo{}) // start of the next processor + cpuinfo[i].Processor = uint(v) + case "hart": + cpuinfo[i].CoreID = field[1] + case "isa": + cpuinfo[i].ModelName = field[1] + } + } + return cpuinfo, nil +} + +func parseCPUInfoDummy(_ []byte) ([]CPUInfo, error) { // nolint:unused,deadcode + return nil, errors.New("not implemented") +} + // firstNonEmptyLine advances the scanner to the first non-empty line // and returns the contents of that line func firstNonEmptyLine(scanner *bufio.Scanner) string { diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_arm.go b/vendor/github.com/prometheus/procfs/cpuinfo_armx.go similarity index 97% rename from vendor/github.com/prometheus/procfs/cpuinfo_arm.go rename to vendor/github.com/prometheus/procfs/cpuinfo_armx.go index 83555077069a..44b590ed38fa 100644 --- a/vendor/github.com/prometheus/procfs/cpuinfo_arm.go +++ b/vendor/github.com/prometheus/procfs/cpuinfo_armx.go @@ -12,6 +12,7 @@ // limitations under the License. // +build linux +// +build arm arm64 package procfs diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_mips64.go b/vendor/github.com/prometheus/procfs/cpuinfo_mips64.go deleted file mode 100644 index 22d93f8ef0c2..000000000000 --- a/vendor/github.com/prometheus/procfs/cpuinfo_mips64.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2020 The Prometheus Authors -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +build linux - -package procfs - -var parseCPUInfo = parseCPUInfoMips diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_mips64le.go b/vendor/github.com/prometheus/procfs/cpuinfo_mips64le.go deleted file mode 100644 index 22d93f8ef0c2..000000000000 --- a/vendor/github.com/prometheus/procfs/cpuinfo_mips64le.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2020 The Prometheus Authors -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +build linux - -package procfs - -var parseCPUInfo = parseCPUInfoMips diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_mipsle.go b/vendor/github.com/prometheus/procfs/cpuinfo_mipsle.go deleted file mode 100644 index 22d93f8ef0c2..000000000000 --- a/vendor/github.com/prometheus/procfs/cpuinfo_mipsle.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2020 The Prometheus Authors -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +build linux - -package procfs - -var parseCPUInfo = parseCPUInfoMips diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_mips.go b/vendor/github.com/prometheus/procfs/cpuinfo_mipsx.go similarity index 94% rename from vendor/github.com/prometheus/procfs/cpuinfo_mips.go rename to vendor/github.com/prometheus/procfs/cpuinfo_mipsx.go index 22d93f8ef0c2..91e272573a51 100644 --- a/vendor/github.com/prometheus/procfs/cpuinfo_mips.go +++ b/vendor/github.com/prometheus/procfs/cpuinfo_mipsx.go @@ -12,6 +12,7 @@ // limitations under the License. // +build linux +// +build mips mipsle mips64 mips64le package procfs diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_arm64.go b/vendor/github.com/prometheus/procfs/cpuinfo_others.go similarity index 82% rename from vendor/github.com/prometheus/procfs/cpuinfo_arm64.go rename to vendor/github.com/prometheus/procfs/cpuinfo_others.go index 4f5d172a3565..95b5b4ec44a5 100644 --- a/vendor/github.com/prometheus/procfs/cpuinfo_arm64.go +++ b/vendor/github.com/prometheus/procfs/cpuinfo_others.go @@ -12,8 +12,8 @@ // limitations under the License. // +build linux -// +build arm64 +// +build !386,!amd64,!arm,!arm64,!mips,!mips64,!mips64le,!mipsle,!ppc64,!ppc64le,!riscv64,!s390x package procfs -var parseCPUInfo = parseCPUInfoARM +var parseCPUInfo = parseCPUInfoDummy diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_ppc64.go b/vendor/github.com/prometheus/procfs/cpuinfo_ppcx.go similarity index 96% rename from vendor/github.com/prometheus/procfs/cpuinfo_ppc64.go rename to vendor/github.com/prometheus/procfs/cpuinfo_ppcx.go index 64aee9c63c07..6068bd571c24 100644 --- a/vendor/github.com/prometheus/procfs/cpuinfo_ppc64.go +++ b/vendor/github.com/prometheus/procfs/cpuinfo_ppcx.go @@ -12,6 +12,7 @@ // limitations under the License. // +build linux +// +build ppc64 ppc64le package procfs diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_default.go b/vendor/github.com/prometheus/procfs/cpuinfo_x86.go similarity index 100% rename from vendor/github.com/prometheus/procfs/cpuinfo_default.go rename to vendor/github.com/prometheus/procfs/cpuinfo_x86.go diff --git a/vendor/github.com/prometheus/procfs/fixtures.ttar b/vendor/github.com/prometheus/procfs/fixtures.ttar index 868c8573d925..12494d742448 100644 --- a/vendor/github.com/prometheus/procfs/fixtures.ttar +++ b/vendor/github.com/prometheus/procfs/fixtures.ttar @@ -467,7 +467,7 @@ Pid: 26231 PPid: 1 TracerPid: 0 Uid: 1000 1000 1000 0 -Gid: 0 0 0 0 +Gid: 1001 1001 1001 0 FDSize: 128 Groups: NStgid: 1 @@ -1966,7 +1966,7 @@ Lines: 1 Mode: 444 # ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Path: fixtures/proc/mdstat -Lines: 56 +Lines: 60 Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10] md3 : active raid6 sda1[8] sdh1[7] sdg1[6] sdf1[5] sde1[11] sdd1[3] sdc1[10] sdb1[9] sdd1[10](S) sdd2[11](S) @@ -1989,6 +1989,10 @@ md8 : active raid1 sdb1[1] sda1[0] sdc[2](S) sde[3](S) 195310144 blocks [2/2] [UU] [=>...................] resync = 8.5% (16775552/195310144) finish=17.0min speed=259783K/sec +md201 : active raid1 sda3[0] sdb3[1] + 1993728 blocks super 1.2 [2/2] [UU] + [=>...................] check = 5.7% (114176/1993728) finish=0.2min speed=114176K/sec + md7 : active raid6 sdb1[0] sde1[3] sdd1[2] sdc1[1](F) 7813735424 blocks super 1.2 level 6, 512k chunk, algorithm 2 [4/3] [U_UU] bitmap: 0/30 pages [0KB], 65536KB chunk @@ -3754,6 +3758,73 @@ Path: fixtures/sys/class/powercap/intel-rapl:0:0/uevent Lines: 0 Mode: 644 # ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Directory: fixtures/sys/class/powercap/intel-rapl:a +Mode: 755 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/constraint_0_max_power_uw +Lines: 1 +95000000 +Mode: 444 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/constraint_0_name +Lines: 1 +long_term +Mode: 444 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/constraint_0_power_limit_uw +Lines: 1 +4090000000 +Mode: 644 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/constraint_0_time_window_us +Lines: 1 +999424 +Mode: 644 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/constraint_1_max_power_uw +Lines: 1 +0 +Mode: 444 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/constraint_1_name +Lines: 1 +short_term +Mode: 444 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/constraint_1_power_limit_uw +Lines: 1 +4090000000 +Mode: 644 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/constraint_1_time_window_us +Lines: 1 +2440 +Mode: 644 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/enabled +Lines: 1 +1 +Mode: 644 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/energy_uj +Lines: 1 +240422366267 +Mode: 444 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/max_energy_range_uj +Lines: 1 +262143328850 +Mode: 444 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/name +Lines: 1 +package-10 +Mode: 444 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Path: fixtures/sys/class/powercap/intel-rapl:a/uevent +Lines: 0 +Mode: 644 +# ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Directory: fixtures/sys/class/thermal Mode: 775 # ttar - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/vendor/github.com/prometheus/procfs/kernel_random.go b/vendor/github.com/prometheus/procfs/kernel_random.go index beefdf02e934..da3a941d60b9 100644 --- a/vendor/github.com/prometheus/procfs/kernel_random.go +++ b/vendor/github.com/prometheus/procfs/kernel_random.go @@ -25,7 +25,7 @@ import ( type KernelRandom struct { // EntropyAvaliable gives the available entropy, in bits. EntropyAvaliable *uint64 - // PoolSize gives the size of the entropy pool, in bytes. + // PoolSize gives the size of the entropy pool, in bits. PoolSize *uint64 // URandomMinReseedSeconds is the number of seconds after which the DRNG will be reseeded. URandomMinReseedSeconds *uint64 diff --git a/vendor/github.com/prometheus/procfs/mdstat.go b/vendor/github.com/prometheus/procfs/mdstat.go index 3e9362a94d93..98e37aa8cafd 100644 --- a/vendor/github.com/prometheus/procfs/mdstat.go +++ b/vendor/github.com/prometheus/procfs/mdstat.go @@ -107,11 +107,14 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) { syncedBlocks := size recovering := strings.Contains(lines[syncLineIdx], "recovery") resyncing := strings.Contains(lines[syncLineIdx], "resync") + checking := strings.Contains(lines[syncLineIdx], "check") // Append recovery and resyncing state info. - if recovering || resyncing { + if recovering || resyncing || checking { if recovering { state = "recovering" + } else if checking { + state = "checking" } else { state = "resyncing" } diff --git a/vendor/github.com/prometheus/procfs/proc_status.go b/vendor/github.com/prometheus/procfs/proc_status.go index c58346d910f7..6edd8333b334 100644 --- a/vendor/github.com/prometheus/procfs/proc_status.go +++ b/vendor/github.com/prometheus/procfs/proc_status.go @@ -72,8 +72,10 @@ type ProcStatus struct { // Number of involuntary context switches. NonVoluntaryCtxtSwitches uint64 - // UIDs of the process (Real, effective, saved set, and filesystem UIDs (GIDs)) + // UIDs of the process (Real, effective, saved set, and filesystem UIDs) UIDs [4]string + // GIDs of the process (Real, effective, saved set, and filesystem GIDs) + GIDs [4]string } // NewStatus returns the current status information of the process. @@ -119,6 +121,8 @@ func (s *ProcStatus) fillStatus(k string, vString string, vUint uint64, vUintByt s.Name = vString case "Uid": copy(s.UIDs[:], strings.Split(vString, "\t")) + case "Gid": + copy(s.GIDs[:], strings.Split(vString, "\t")) case "VmPeak": s.VmPeak = vUintBytes case "VmSize": diff --git a/vendor/github.com/quobyte/api/README.md b/vendor/github.com/quobyte/api/README.md index 642468aedbc0..1b7451f01487 100644 --- a/vendor/github.com/quobyte/api/README.md +++ b/vendor/github.com/quobyte/api/README.md @@ -24,6 +24,10 @@ func main() { RootUserID: "root", RootGroupID: "root", ConfigurationName: "BASE", + Labels: []quobyte_api.Label{ + {Name: "label1", Value: "value1"}, + {Name: "label2", Value: "value2"}, + }, } volumeUUID, err := client.CreateVolume(req) diff --git a/vendor/github.com/quobyte/api/quobyte.go b/vendor/github.com/quobyte/api/quobyte.go index e9179dbdf439..c5e36d7fc7bd 100644 --- a/vendor/github.com/quobyte/api/quobyte.go +++ b/vendor/github.com/quobyte/api/quobyte.go @@ -32,6 +32,10 @@ func (client *QuobyteClient) GetAPIRetryPolicy() string { return client.apiRetryPolicy } +func (client *QuobyteClient) SetTransport(t http.RoundTripper) { + client.client.Transport = t +} + // NewQuobyteClient creates a new Quobyte API client func NewQuobyteClient(url string, username string, password string) *QuobyteClient { return &QuobyteClient{ diff --git a/vendor/github.com/quobyte/api/rpc_client.go b/vendor/github.com/quobyte/api/rpc_client.go index 7cab3842ae08..b5ea36946298 100644 --- a/vendor/github.com/quobyte/api/rpc_client.go +++ b/vendor/github.com/quobyte/api/rpc_client.go @@ -4,6 +4,7 @@ import ( "bytes" "encoding/json" "errors" + "fmt" "io" "log" "math/rand" @@ -112,7 +113,12 @@ func (client QuobyteClient) sendRequest(method string, request interface{}, resp defer resp.Body.Close() if resp.StatusCode < 200 || resp.StatusCode > 299 { - log.Printf("Warning: HTTP status code for request is %s\n", strconv.Itoa(resp.StatusCode)) + log.Printf("Warning: HTTP status code for request is %s\n", + strconv.Itoa(resp.StatusCode)) + if resp.StatusCode == 401 { + return errors.New("Unable to authenticate with Quobyte API service") + } + return fmt.Errorf("JsonRPC failed with error code %d", resp.StatusCode) } return decodeResponse(resp.Body, &response) } diff --git a/vendor/github.com/quobyte/api/types.go b/vendor/github.com/quobyte/api/types.go index 6682012c6101..d15a71bfa763 100644 --- a/vendor/github.com/quobyte/api/types.go +++ b/vendor/github.com/quobyte/api/types.go @@ -1,25 +1,31 @@ package quobyte type retryPolicy struct { - RetryPolicy string `json:"retry,omitempty"` + RetryPolicy string `json:"retry,omitempty"` } // CreateVolumeRequest represents a CreateVolumeRequest type CreateVolumeRequest struct { - Name string `json:"name,omitempty"` - RootUserID string `json:"root_user_id,omitempty"` - RootGroupID string `json:"root_group_id,omitempty"` - ReplicaDeviceIDS []uint64 `json:"replica_device_ids,string,omitempty"` - ConfigurationName string `json:"configuration_name,omitempty"` - AccessMode uint32 `json:"access_mode,string,omitempty"` - TenantID string `json:"tenant_id,omitempty"` - retryPolicy + Name string `json:"name,omitempty"` + RootUserID string `json:"root_user_id,omitempty"` + RootGroupID string `json:"root_group_id,omitempty"` + ReplicaDeviceIDS []uint64 `json:"replica_device_ids,string,omitempty"` + ConfigurationName string `json:"configuration_name,omitempty"` + Labels []Label `json:"label,omitempty"` + AccessMode uint32 `json:"access_mode,uint32,omitempty"` + TenantID string `json:"tenant_id,omitempty"` + retryPolicy +} + +type Label struct { + Name string `json:"name,string,omitempty"` + Value string `json:"value,string,omitempty"` } type resolveVolumeNameRequest struct { - VolumeName string `json:"volume_name,omitempty"` - TenantDomain string `json:"tenant_domain,omitempty"` - retryPolicy + VolumeName string `json:"volume_name,omitempty"` + TenantDomain string `json:"tenant_domain,omitempty"` + retryPolicy } type resolveTenantNameRequest struct { @@ -35,8 +41,8 @@ type volumeUUID struct { } type getClientListRequest struct { - TenantDomain string `json:"tenant_domain,omitempty"` - retryPolicy + TenantDomain string `json:"tenant_domain,omitempty"` + retryPolicy } type GetClientListResponse struct { @@ -67,13 +73,13 @@ type quota struct { } type setQuotaRequest struct { - Quotas []*quota `json:"quotas,omitempty"` - retryPolicy + Quotas []*quota `json:"quotas,omitempty"` + retryPolicy } type getTenantRequest struct { - TenantIDs []string `json:"tenant_id,omitempty"` - retryPolicy + TenantIDs []string `json:"tenant_id,omitempty"` + retryPolicy } type GetTenantResponse struct { @@ -94,8 +100,8 @@ type TenantDomainConfigurationVolumeAccess struct { } type setTenantRequest struct { - Tenants *TenantDomainConfiguration `json:"tenant,omitempty"` - retryPolicy + Tenants *TenantDomainConfiguration `json:"tenant,omitempty"` + retryPolicy } type setTenantResponse struct { diff --git a/vendor/github.com/storageos/go-api/client.go b/vendor/github.com/storageos/go-api/client.go index 4a95516b14b6..1a6dc0dcde4f 100644 --- a/vendor/github.com/storageos/go-api/client.go +++ b/vendor/github.com/storageos/go-api/client.go @@ -44,6 +44,9 @@ var ( // ErrProxyNotSupported is returned when a client is unable to set a proxy for http requests. ErrProxyNotSupported = errors.New("client does not support http proxy") + // ErrDialerNotSupported is returned when a client is unable to set a DialContext for http requests. + ErrDialerNotSupported = errors.New("client does not support setting DialContext") + // DefaultPort is the default API port. DefaultPort = "5705" @@ -107,6 +110,8 @@ type Dialer interface { Dial(network, address string) (net.Conn, error) } +type dialContext = func(ctx context.Context, network, address string) (net.Conn, error) + // NewClient returns a Client instance ready for communication with the given // server endpoint. It will use the latest remote API version available in the // server. @@ -203,6 +208,36 @@ func (c *Client) SetTimeout(t time.Duration) { } } +// GetDialContext returns the current DialContext function, or nil if there is none. +func (c *Client) GetDialContext() dialContext { + c.configLock.RLock() + defer c.configLock.RUnlock() + + if c.httpClient == nil { + return nil + } + transport, supported := c.httpClient.Transport.(*http.Transport) + if !supported { + return nil + } + return transport.DialContext +} + +// SetDialContext uses the given dial function to establish TCP connections in the HTTPClient. +func (c *Client) SetDialContext(dial dialContext) error { + c.configLock.Lock() + defer c.configLock.Unlock() + + if client := c.httpClient; client != nil { + transport, supported := client.Transport.(*http.Transport) + if !supported { + return ErrDialerNotSupported + } + transport.DialContext = dial + } + return nil +} + func (c *Client) checkAPIVersion() error { serverAPIVersionString, err := c.getServerAPIVersionString() if err != nil { @@ -259,6 +294,8 @@ type doOptions struct { forceJSON bool force bool unversioned bool + + retryOn []int // http.status codes } func (c *Client) do(method, urlpath string, doOptions doOptions) (*http.Response, error) { @@ -338,6 +375,7 @@ func (c *Client) do(method, urlpath string, doOptions doOptions) (*http.Response resp, err := httpClient.Do(req.WithContext(ctx)) if err != nil { + // If it is a custom error, return it. It probably knows more than us if serror.IsStorageOSError(err) { switch serror.ErrorKind(err) { @@ -366,6 +404,17 @@ func (c *Client) do(method, urlpath string, doOptions doOptions) (*http.Response } } + var shouldretry bool + if doOptions.retryOn != nil { + for _, code := range doOptions.retryOn { + if resp.StatusCode == code { + failedAddresses[address] = struct{}{} + shouldretry = true + } + + } + } + // If we get to the point of response, we should move any failed // addresses to the back. failed := len(failedAddresses) @@ -388,6 +437,10 @@ func (c *Client) do(method, urlpath string, doOptions doOptions) (*http.Response c.addressLock.Unlock() } + if shouldretry { + continue + } + if resp.StatusCode < 200 || resp.StatusCode >= 400 { return nil, newError(resp) // These status codes are likely to be fatal } diff --git a/vendor/github.com/storageos/go-api/cluster.go b/vendor/github.com/storageos/go-api/cluster.go new file mode 100644 index 000000000000..1ba6f86451d4 --- /dev/null +++ b/vendor/github.com/storageos/go-api/cluster.go @@ -0,0 +1,48 @@ +package storageos + +import ( + "encoding/json" + + "github.com/storageos/go-api/types" +) + +var ( + // ClusterMaintenanceAPIPrefix is a path to the HTTP endpoint for managing + // the cluster maintenance mode. + ClusterMaintenanceAPIPrefix = "cluster/maintenance" +) + +// Maintenance returns the maintenance status of the cluster +func (c *Client) Maintenance() (*types.Maintenance, error) { + resp, err := c.do("GET", ClusterMaintenanceAPIPrefix, doOptions{}) + if err != nil { + return nil, err + } + defer resp.Body.Close() + + res := &types.Maintenance{} + if err := json.NewDecoder(resp.Body).Decode(res); err != nil { + return nil, err + } + return res, nil +} + +// EnableMaintenance enables maintenance mode in the cluster +func (c *Client) EnableMaintenance() error { + resp, err := c.do("POST", ClusterMaintenanceAPIPrefix, doOptions{}) + if err != nil { + return err + } + defer resp.Body.Close() + return nil +} + +// DisableMaintenance disables maintenance mode in the cluster +func (c *Client) DisableMaintenance() error { + resp, err := c.do("DELETE", ClusterMaintenanceAPIPrefix, doOptions{}) + if err != nil { + return err + } + defer resp.Body.Close() + return nil +} diff --git a/vendor/github.com/storageos/go-api/health.go b/vendor/github.com/storageos/go-api/health.go index 7b4410007496..b1acd5db8904 100644 --- a/vendor/github.com/storageos/go-api/health.go +++ b/vendor/github.com/storageos/go-api/health.go @@ -14,6 +14,22 @@ var ( HealthAPIPrefix = "health" ) +func (c *Client) ClusterHealth(ctx context.Context) ([]*types.ClusterHealthNode, error) { + status := []*types.ClusterHealthNode{} + url := fmt.Sprintf("/cluster/%s", HealthAPIPrefix) + + resp, err := c.do("GET", url, doOptions{context: ctx, retryOn: []int{http.StatusNotFound}}) + if err != nil { + return nil, err + } + defer resp.Body.Close() + + if err := json.NewDecoder(resp.Body).Decode(&status); err != nil { + return nil, err + } + return status, nil +} + // CPHealth returns the health of the control plane server at a given url. func (c *Client) CPHealth(ctx context.Context, hostname string) (*types.CPHealthStatus, error) { diff --git a/vendor/github.com/storageos/go-api/licence.go b/vendor/github.com/storageos/go-api/licence.go new file mode 100644 index 000000000000..425d97462cd9 --- /dev/null +++ b/vendor/github.com/storageos/go-api/licence.go @@ -0,0 +1,43 @@ +package storageos + +import ( + "encoding/json" + + "github.com/storageos/go-api/types" +) + +const ( + // licenceAPIPrefix is a partial path to the HTTP endpoint. + licenceAPIPrefix = "licencing" +) + +// Licence returns the current licence on the server. +func (c *Client) Licence() (*types.Licence, error) { + resp, err := c.do("GET", licenceAPIPrefix, doOptions{}) + if err != nil { + return nil, err + } + defer resp.Body.Close() + licence := &types.Licence{} + if err := json.NewDecoder(resp.Body).Decode(&licence); err != nil { + return nil, err + } + return licence, nil +} + +// LicenceApply applies a licence on the server. +func (c *Client) LicenceApply(licenceKey string) error { + _, err := c.do("POST", licenceAPIPrefix, doOptions{ + data: &types.LicenceKeyContainer{Key: licenceKey}, + }) + return err +} + +// LicenceDelete removes the current licence. +func (c *Client) LicenceDelete() error { + resp, err := c.do("DELETE", licenceAPIPrefix, doOptions{}) + if err != nil { + return err + } + return resp.Body.Close() +} diff --git a/vendor/github.com/storageos/go-api/netutil/parsers.go b/vendor/github.com/storageos/go-api/netutil/parsers.go index cb297e834884..932c7795b80f 100644 --- a/vendor/github.com/storageos/go-api/netutil/parsers.go +++ b/vendor/github.com/storageos/go-api/netutil/parsers.go @@ -55,6 +55,12 @@ func AddressesFromNodes(nodes []string) ([]string, error) { return nil, newInvalidNodeError(errInvalidHostName) } + // Given input like "http://localhost:8080:8383", url.Parse() will + // return host as "localhost:8000", which isn't a vaild DNS name. + if strings.Contains(host, ":") { + return nil, newInvalidNodeError(errInvalidHostName) + } + port := url.Port() if port == "" { port = DefaultDialPort diff --git a/vendor/github.com/storageos/go-api/policy.go b/vendor/github.com/storageos/go-api/policy.go index 9d2f6604fdc2..f5c1a050df7b 100644 --- a/vendor/github.com/storageos/go-api/policy.go +++ b/vendor/github.com/storageos/go-api/policy.go @@ -29,7 +29,7 @@ func (n *nopMarshaler) MarshalJSON() ([]byte, error) { } // PolicyCreate creates a policy on the server. -func (c *Client) PolicyCreate(jsonl []byte, ctx context.Context) error { +func (c *Client) PolicyCreate(ctx context.Context, jsonl []byte) error { nopm := nopMarshaler(jsonl) _, err := c.do("POST", PolicyAPIPrefix, doOptions{ data: &nopm, diff --git a/vendor/github.com/storageos/go-api/pool.go b/vendor/github.com/storageos/go-api/pool.go index c4629d74f6a2..b383e77007ce 100644 --- a/vendor/github.com/storageos/go-api/pool.go +++ b/vendor/github.com/storageos/go-api/pool.go @@ -110,7 +110,7 @@ func (c *Client) PoolDelete(opts types.DeleteOptions) error { return ErrPoolInUse } } - return nil + return err } defer resp.Body.Close() return nil diff --git a/vendor/github.com/storageos/go-api/rule.go b/vendor/github.com/storageos/go-api/rule.go index fc92d1502295..af1dc1968490 100644 --- a/vendor/github.com/storageos/go-api/rule.go +++ b/vendor/github.com/storageos/go-api/rule.go @@ -134,7 +134,7 @@ func (c *Client) RuleDelete(opts types.DeleteOptions) error { return ErrRuleInUse } } - return nil + return err } defer resp.Body.Close() return nil diff --git a/vendor/github.com/storageos/go-api/types/cluster.go b/vendor/github.com/storageos/go-api/types/cluster.go new file mode 100644 index 000000000000..65625d012103 --- /dev/null +++ b/vendor/github.com/storageos/go-api/types/cluster.go @@ -0,0 +1,10 @@ +package types + +import "time" + +// Maintenance is used to place the cluster in maintenance mode. +type Maintenance struct { + Enabled bool `json:"enabled"` + UpdatedBy string `json:"updatedBy"` + UpdatedAt time.Time `json:"updatedAt"` +} diff --git a/vendor/github.com/storageos/go-api/types/health.go b/vendor/github.com/storageos/go-api/types/health.go index d6c6d8eb6cac..6efe0a4079bd 100644 --- a/vendor/github.com/storageos/go-api/types/health.go +++ b/vendor/github.com/storageos/go-api/types/health.go @@ -14,6 +14,20 @@ type NamedSubModuleStatus struct { SubModuleStatus } +type ClusterHealthNode struct { + NodeID string `json:"nodeID"` + NodeName string `json:"nodeName"` + Submodules struct { + DirectFSInitiator SubModuleStatus `json:"directfs_initiator"` + Director SubModuleStatus `json:"director"` + KV SubModuleStatus `json:"kv"` + KVWrite SubModuleStatus `json:"kv_write"` + NATS SubModuleStatus `json:"nats"` + Presentation SubModuleStatus `json:"presentation"` + RDB SubModuleStatus `json:"rdb"` + } `json:"submodules"` +} + type CPHealthStatus struct { KV SubModuleStatus KVWrite SubModuleStatus diff --git a/vendor/github.com/storageos/go-api/types/licence.go b/vendor/github.com/storageos/go-api/types/licence.go new file mode 100644 index 000000000000..c486ed2bb7bd --- /dev/null +++ b/vendor/github.com/storageos/go-api/types/licence.go @@ -0,0 +1,35 @@ +package types + +import "time" + +// FeatureType store features types +type FeatureType string + +const ( + // HA means High Availability + HA = FeatureType("HA") + // DEV means developer licence + DEV = FeatureType("DEV") + // TRIAL means trial licence + TRIAL = FeatureType("TRIAL") +) + +// Licence holds the information to be encoded in the licence key. It needs to be synced across +// the django server running on portal-API as well as the corresponding decoding package on the +// storageOS control plane +type Licence struct { + ArrayUUID string `json:"arrayUUID,omitempty"` + ClusterID string `json:"clusterID,omitempty"` + CustomerID string `json:"customerID"` + CustomerName string `json:"customerName"` + Storage int `json:"storage"` + ValidUntil time.Time `json:"validUntil"` + LicenceType string `json:"licenceType"` + Features map[FeatureType]bool `json:"features"` + Unregistered bool `json:"unregistered"` +} + +// LicenceKeyContainer - stores a licence key +type LicenceKeyContainer struct { + Key string `json:"key"` +} diff --git a/vendor/github.com/storageos/go-api/user.go b/vendor/github.com/storageos/go-api/user.go index 19688203aa08..bfea90105d2a 100644 --- a/vendor/github.com/storageos/go-api/user.go +++ b/vendor/github.com/storageos/go-api/user.go @@ -12,7 +12,6 @@ import ( ) var ( - // UserAPIPrefix is a partial path to the HTTP endpoint. UserAPIPrefix = "users" @@ -77,7 +76,7 @@ func (c *Client) UserCreate(opts types.UserCreateOptions) error { } // UserUpdate updates a user on the server. -func (c *Client) UserUpdate(user *types.User, ctx context.Context) error { +func (c *Client) UserUpdate(ctx context.Context, user *types.User) error { var ref string switch { case user.UUID != "": diff --git a/vendor/github.com/willf/bitset/.gitignore b/vendor/github.com/willf/bitset/.gitignore new file mode 100644 index 000000000000..5c204d28b0e3 --- /dev/null +++ b/vendor/github.com/willf/bitset/.gitignore @@ -0,0 +1,26 @@ +# Compiled Object files, Static and Dynamic libs (Shared Objects) +*.o +*.a +*.so + +# Folders +_obj +_test + +# Architecture specific extensions/prefixes +*.[568vq] +[568vq].out + +*.cgo1.go +*.cgo2.c +_cgo_defun.c +_cgo_gotypes.go +_cgo_export.* + +_testmain.go + +*.exe +*.test +*.prof + +target diff --git a/vendor/github.com/willf/bitset/.travis.yml b/vendor/github.com/willf/bitset/.travis.yml new file mode 100644 index 000000000000..094aa5ce070c --- /dev/null +++ b/vendor/github.com/willf/bitset/.travis.yml @@ -0,0 +1,37 @@ +language: go + +sudo: false + +branches: + except: + - release + +branches: + only: + - master + - travis + +go: + - "1.11.x" + - tip + +matrix: + allow_failures: + - go: tip + +before_install: + - if [ -n "$GH_USER" ]; then git config --global github.user ${GH_USER}; fi; + - if [ -n "$GH_TOKEN" ]; then git config --global github.token ${GH_TOKEN}; fi; + - go get github.com/mattn/goveralls + +before_script: + - make deps + +script: + - make qa + +after_failure: + - cat ./target/test/report.xml + +after_success: + - if [ "$TRAVIS_GO_VERSION" = "1.11.1" ]; then $HOME/gopath/bin/goveralls -covermode=count -coverprofile=target/report/coverage.out -service=travis-ci; fi; diff --git a/vendor/github.com/willf/bitset/LICENSE b/vendor/github.com/willf/bitset/LICENSE new file mode 100644 index 000000000000..59cab8a939be --- /dev/null +++ b/vendor/github.com/willf/bitset/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) 2014 Will Fitzgerald. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/willf/bitset/Makefile b/vendor/github.com/willf/bitset/Makefile new file mode 100644 index 000000000000..db8377106f61 --- /dev/null +++ b/vendor/github.com/willf/bitset/Makefile @@ -0,0 +1,191 @@ +# MAKEFILE +# +# @author Nicola Asuni +# @link https://github.com/willf/bitset +# ------------------------------------------------------------------------------ + +# List special make targets that are not associated with files +.PHONY: help all test format fmtcheck vet lint coverage cyclo ineffassign misspell structcheck varcheck errcheck gosimple astscan qa deps clean nuke + +# Use bash as shell (Note: Ubuntu now uses dash which doesn't support PIPESTATUS). +SHELL=/bin/bash + +# CVS path (path to the parent dir containing the project) +CVSPATH=github.com/willf + +# Project owner +OWNER=willf + +# Project vendor +VENDOR=willf + +# Project name +PROJECT=bitset + +# Project version +VERSION=$(shell cat VERSION) + +# Name of RPM or DEB package +PKGNAME=${VENDOR}-${PROJECT} + +# Current directory +CURRENTDIR=$(shell pwd) + +# GO lang path +ifneq ($(GOPATH),) + ifeq ($(findstring $(GOPATH),$(CURRENTDIR)),) + # the defined GOPATH is not valid + GOPATH= + endif +endif +ifeq ($(GOPATH),) + # extract the GOPATH + GOPATH=$(firstword $(subst /src/, ,$(CURRENTDIR))) +endif + +# --- MAKE TARGETS --- + +# Display general help about this command +help: + @echo "" + @echo "$(PROJECT) Makefile." + @echo "GOPATH=$(GOPATH)" + @echo "The following commands are available:" + @echo "" + @echo " make qa : Run all the tests" + @echo " make test : Run the unit tests" + @echo "" + @echo " make format : Format the source code" + @echo " make fmtcheck : Check if the source code has been formatted" + @echo " make vet : Check for suspicious constructs" + @echo " make lint : Check for style errors" + @echo " make coverage : Generate the coverage report" + @echo " make cyclo : Generate the cyclomatic complexity report" + @echo " make ineffassign : Detect ineffectual assignments" + @echo " make misspell : Detect commonly misspelled words in source files" + @echo " make structcheck : Find unused struct fields" + @echo " make varcheck : Find unused global variables and constants" + @echo " make errcheck : Check that error return values are used" + @echo " make gosimple : Suggest code simplifications" + @echo " make astscan : GO AST scanner" + @echo "" + @echo " make docs : Generate source code documentation" + @echo "" + @echo " make deps : Get the dependencies" + @echo " make clean : Remove any build artifact" + @echo " make nuke : Deletes any intermediate file" + @echo "" + +# Alias for help target +all: help + +# Run the unit tests +test: + @mkdir -p target/test + @mkdir -p target/report + GOPATH=$(GOPATH) \ + go test \ + -covermode=atomic \ + -bench=. \ + -race \ + -cpuprofile=target/report/cpu.out \ + -memprofile=target/report/mem.out \ + -mutexprofile=target/report/mutex.out \ + -coverprofile=target/report/coverage.out \ + -v ./... | \ + tee >(PATH=$(GOPATH)/bin:$(PATH) go-junit-report > target/test/report.xml); \ + test $${PIPESTATUS[0]} -eq 0 + +# Format the source code +format: + @find . -type f -name "*.go" -exec gofmt -s -w {} \; + +# Check if the source code has been formatted +fmtcheck: + @mkdir -p target + @find . -type f -name "*.go" -exec gofmt -s -d {} \; | tee target/format.diff + @test ! -s target/format.diff || { echo "ERROR: the source code has not been formatted - please use 'make format' or 'gofmt'"; exit 1; } + +# Check for syntax errors +vet: + GOPATH=$(GOPATH) go vet . + +# Check for style errors +lint: + GOPATH=$(GOPATH) PATH=$(GOPATH)/bin:$(PATH) golint . + +# Generate the coverage report +coverage: + @mkdir -p target/report + GOPATH=$(GOPATH) \ + go tool cover -html=target/report/coverage.out -o target/report/coverage.html + +# Report cyclomatic complexity +cyclo: + @mkdir -p target/report + GOPATH=$(GOPATH) gocyclo -avg ./ | tee target/report/cyclo.txt ; test $${PIPESTATUS[0]} -eq 0 + +# Detect ineffectual assignments +ineffassign: + @mkdir -p target/report + GOPATH=$(GOPATH) ineffassign ./ | tee target/report/ineffassign.txt ; test $${PIPESTATUS[0]} -eq 0 + +# Detect commonly misspelled words in source files +misspell: + @mkdir -p target/report + GOPATH=$(GOPATH) misspell -error ./ | tee target/report/misspell.txt ; test $${PIPESTATUS[0]} -eq 0 + +# Find unused struct fields +structcheck: + @mkdir -p target/report + GOPATH=$(GOPATH) structcheck -a ./ | tee target/report/structcheck.txt + +# Find unused global variables and constants +varcheck: + @mkdir -p target/report + GOPATH=$(GOPATH) varcheck -e ./ | tee target/report/varcheck.txt + +# Check that error return values are used +errcheck: + @mkdir -p target/report + GOPATH=$(GOPATH) errcheck ./ | tee target/report/errcheck.txt + +# AST scanner +astscan: + @mkdir -p target/report + GOPATH=$(GOPATH) gosec . | tee target/report/astscan.txt ; test $${PIPESTATUS[0]} -eq 0 || true + +# Generate source docs +docs: + @mkdir -p target/docs + nohup sh -c 'GOPATH=$(GOPATH) godoc -http=127.0.0.1:6060' > target/godoc_server.log 2>&1 & + wget --directory-prefix=target/docs/ --execute robots=off --retry-connrefused --recursive --no-parent --adjust-extension --page-requisites --convert-links http://127.0.0.1:6060/pkg/github.com/${VENDOR}/${PROJECT}/ ; kill -9 `lsof -ti :6060` + @echo ''${PKGNAME}' Documentation ...' > target/docs/index.html + +# Alias to run all quality-assurance checks +qa: fmtcheck test vet lint coverage cyclo ineffassign misspell structcheck varcheck errcheck gosimple astscan + +# --- INSTALL --- + +# Get the dependencies +deps: + GOPATH=$(GOPATH) go get ./... + GOPATH=$(GOPATH) go get golang.org/x/lint/golint + GOPATH=$(GOPATH) go get github.com/jstemmer/go-junit-report + GOPATH=$(GOPATH) go get github.com/axw/gocov/gocov + GOPATH=$(GOPATH) go get github.com/fzipp/gocyclo + GOPATH=$(GOPATH) go get github.com/gordonklaus/ineffassign + GOPATH=$(GOPATH) go get github.com/client9/misspell/cmd/misspell + GOPATH=$(GOPATH) go get github.com/opennota/check/cmd/structcheck + GOPATH=$(GOPATH) go get github.com/opennota/check/cmd/varcheck + GOPATH=$(GOPATH) go get github.com/kisielk/errcheck + GOPATH=$(GOPATH) go get github.com/securego/gosec/cmd/gosec/... + +# Remove any build artifact +clean: + GOPATH=$(GOPATH) go clean ./... + +# Deletes any intermediate file +nuke: + rm -rf ./target + GOPATH=$(GOPATH) go clean -i ./... diff --git a/vendor/github.com/willf/bitset/README.md b/vendor/github.com/willf/bitset/README.md new file mode 100644 index 000000000000..6c62b20c6c80 --- /dev/null +++ b/vendor/github.com/willf/bitset/README.md @@ -0,0 +1,96 @@ +# bitset + +*Go language library to map between non-negative integers and boolean values* + +[![Master Build Status](https://secure.travis-ci.org/willf/bitset.png?branch=master)](https://travis-ci.org/willf/bitset?branch=master) +[![Master Coverage Status](https://coveralls.io/repos/willf/bitset/badge.svg?branch=master&service=github)](https://coveralls.io/github/willf/bitset?branch=master) +[![Go Report Card](https://goreportcard.com/badge/github.com/willf/bitset)](https://goreportcard.com/report/github.com/willf/bitset) +[![GoDoc](https://godoc.org/github.com/willf/bitset?status.svg)](http://godoc.org/github.com/willf/bitset) + + +## Description + +Package bitset implements bitsets, a mapping between non-negative integers and boolean values. +It should be more efficient than map[uint] bool. + +It provides methods for setting, clearing, flipping, and testing individual integers. + +But it also provides set intersection, union, difference, complement, and symmetric operations, as well as tests to check whether any, all, or no bits are set, and querying a bitset's current length and number of positive bits. + +BitSets are expanded to the size of the largest set bit; the memory allocation is approximately Max bits, where Max is the largest set bit. BitSets are never shrunk. On creation, a hint can be given for the number of bits that will be used. + +Many of the methods, including Set, Clear, and Flip, return a BitSet pointer, which allows for chaining. + +### Example use: + +```go +package main + +import ( + "fmt" + "math/rand" + + "github.com/willf/bitset" +) + +func main() { + fmt.Printf("Hello from BitSet!\n") + var b bitset.BitSet + // play some Go Fish + for i := 0; i < 100; i++ { + card1 := uint(rand.Intn(52)) + card2 := uint(rand.Intn(52)) + b.Set(card1) + if b.Test(card2) { + fmt.Println("Go Fish!") + } + b.Clear(card1) + } + + // Chaining + b.Set(10).Set(11) + + for i, e := b.NextSet(0); e; i, e = b.NextSet(i + 1) { + fmt.Println("The following bit is set:", i) + } + if b.Intersection(bitset.New(100).Set(10)).Count() == 1 { + fmt.Println("Intersection works.") + } else { + fmt.Println("Intersection doesn't work???") + } +} +``` + +As an alternative to BitSets, one should check out the 'big' package, which provides a (less set-theoretical) view of bitsets. + +Godoc documentation is at: https://godoc.org/github.com/willf/bitset + + +## Implementation Note + +Go 1.9 introduced a native `math/bits` library. We provide backward compatibility to Go 1.7, which might be removed. + +It is possible that a later version will match the `math/bits` return signature for counts (which is `int`, rather than our library's `unit64`). If so, the version will be bumped. + +## Installation + +```bash +go get github.com/willf/bitset +``` + +## Contributing + +If you wish to contribute to this project, please branch and issue a pull request against master ("[GitHub Flow](https://guides.github.com/introduction/flow/)") + +This project include a Makefile that allows you to test and build the project with simple commands. +To see all available options: +```bash +make help +``` + +## Running all tests + +Before committing the code, please check if it passes all tests using (note: this will install some dependencies): +```bash +make qa +``` diff --git a/vendor/github.com/willf/bitset/azure-pipelines.yml b/vendor/github.com/willf/bitset/azure-pipelines.yml new file mode 100644 index 000000000000..f9b295918404 --- /dev/null +++ b/vendor/github.com/willf/bitset/azure-pipelines.yml @@ -0,0 +1,39 @@ +# Go +# Build your Go project. +# Add steps that test, save build artifacts, deploy, and more: +# https://docs.microsoft.com/azure/devops/pipelines/languages/go + +trigger: +- master + +pool: + vmImage: 'Ubuntu-16.04' + +variables: + GOBIN: '$(GOPATH)/bin' # Go binaries path + GOROOT: '/usr/local/go1.11' # Go installation path + GOPATH: '$(system.defaultWorkingDirectory)/gopath' # Go workspace path + modulePath: '$(GOPATH)/src/github.com/$(build.repository.name)' # Path to the module's code + +steps: +- script: | + mkdir -p '$(GOBIN)' + mkdir -p '$(GOPATH)/pkg' + mkdir -p '$(modulePath)' + shopt -s extglob + shopt -s dotglob + mv !(gopath) '$(modulePath)' + echo '##vso[task.prependpath]$(GOBIN)' + echo '##vso[task.prependpath]$(GOROOT)/bin' + displayName: 'Set up the Go workspace' + +- script: | + go version + go get -v -t -d ./... + if [ -f Gopkg.toml ]; then + curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh + dep ensure + fi + go build -v . + workingDirectory: '$(modulePath)' + displayName: 'Get dependencies, then build' diff --git a/vendor/github.com/willf/bitset/bitset.go b/vendor/github.com/willf/bitset/bitset.go new file mode 100644 index 000000000000..22e5d42e5d6d --- /dev/null +++ b/vendor/github.com/willf/bitset/bitset.go @@ -0,0 +1,879 @@ +/* +Package bitset implements bitsets, a mapping +between non-negative integers and boolean values. It should be more +efficient than map[uint] bool. + +It provides methods for setting, clearing, flipping, and testing +individual integers. + +But it also provides set intersection, union, difference, +complement, and symmetric operations, as well as tests to +check whether any, all, or no bits are set, and querying a +bitset's current length and number of positive bits. + +BitSets are expanded to the size of the largest set bit; the +memory allocation is approximately Max bits, where Max is +the largest set bit. BitSets are never shrunk. On creation, +a hint can be given for the number of bits that will be used. + +Many of the methods, including Set,Clear, and Flip, return +a BitSet pointer, which allows for chaining. + +Example use: + + import "bitset" + var b BitSet + b.Set(10).Set(11) + if b.Test(1000) { + b.Clear(1000) + } + if B.Intersection(bitset.New(100).Set(10)).Count() > 1 { + fmt.Println("Intersection works.") + } + +As an alternative to BitSets, one should check out the 'big' package, +which provides a (less set-theoretical) view of bitsets. + +*/ +package bitset + +import ( + "bufio" + "bytes" + "encoding/base64" + "encoding/binary" + "encoding/json" + "errors" + "fmt" + "io" + "strconv" +) + +// the wordSize of a bit set +const wordSize = uint(64) + +// log2WordSize is lg(wordSize) +const log2WordSize = uint(6) + +// allBits has every bit set +const allBits uint64 = 0xffffffffffffffff + +// default binary BigEndian +var binaryOrder binary.ByteOrder = binary.BigEndian + +// default json encoding base64.URLEncoding +var base64Encoding = base64.URLEncoding + +// Base64StdEncoding Marshal/Unmarshal BitSet with base64.StdEncoding(Default: base64.URLEncoding) +func Base64StdEncoding() { base64Encoding = base64.StdEncoding } + +// LittleEndian Marshal/Unmarshal Binary as Little Endian(Default: binary.BigEndian) +func LittleEndian() { binaryOrder = binary.LittleEndian } + +// A BitSet is a set of bits. The zero value of a BitSet is an empty set of length 0. +type BitSet struct { + length uint + set []uint64 +} + +// Error is used to distinguish errors (panics) generated in this package. +type Error string + +// safeSet will fixup b.set to be non-nil and return the field value +func (b *BitSet) safeSet() []uint64 { + if b.set == nil { + b.set = make([]uint64, wordsNeeded(0)) + } + return b.set +} + +// From is a constructor used to create a BitSet from an array of integers +func From(buf []uint64) *BitSet { + return &BitSet{uint(len(buf)) * 64, buf} +} + +// Bytes returns the bitset as array of integers +func (b *BitSet) Bytes() []uint64 { + return b.set +} + +// wordsNeeded calculates the number of words needed for i bits +func wordsNeeded(i uint) int { + if i > (Cap() - wordSize + 1) { + return int(Cap() >> log2WordSize) + } + return int((i + (wordSize - 1)) >> log2WordSize) +} + +// New creates a new BitSet with a hint that length bits will be required +func New(length uint) (bset *BitSet) { + defer func() { + if r := recover(); r != nil { + bset = &BitSet{ + 0, + make([]uint64, 0), + } + } + }() + + bset = &BitSet{ + length, + make([]uint64, wordsNeeded(length)), + } + + return bset +} + +// Cap returns the total possible capacity, or number of bits +func Cap() uint { + return ^uint(0) +} + +// Len returns the number of bits in the BitSet. +// Note the difference to method Count, see example. +func (b *BitSet) Len() uint { + return b.length +} + +// extendSetMaybe adds additional words to incorporate new bits if needed +func (b *BitSet) extendSetMaybe(i uint) { + if i >= b.length { // if we need more bits, make 'em + nsize := wordsNeeded(i + 1) + if b.set == nil { + b.set = make([]uint64, nsize) + } else if cap(b.set) >= nsize { + b.set = b.set[:nsize] // fast resize + } else if len(b.set) < nsize { + newset := make([]uint64, nsize, 2*nsize) // increase capacity 2x + copy(newset, b.set) + b.set = newset + } + b.length = i + 1 + } +} + +// Test whether bit i is set. +func (b *BitSet) Test(i uint) bool { + if i >= b.length { + return false + } + return b.set[i>>log2WordSize]&(1<<(i&(wordSize-1))) != 0 +} + +// Set bit i to 1 +func (b *BitSet) Set(i uint) *BitSet { + b.extendSetMaybe(i) + b.set[i>>log2WordSize] |= 1 << (i & (wordSize - 1)) + return b +} + +// Clear bit i to 0 +func (b *BitSet) Clear(i uint) *BitSet { + if i >= b.length { + return b + } + b.set[i>>log2WordSize] &^= 1 << (i & (wordSize - 1)) + return b +} + +// SetTo sets bit i to value +func (b *BitSet) SetTo(i uint, value bool) *BitSet { + if value { + return b.Set(i) + } + return b.Clear(i) +} + +// Flip bit at i +func (b *BitSet) Flip(i uint) *BitSet { + if i >= b.length { + return b.Set(i) + } + b.set[i>>log2WordSize] ^= 1 << (i & (wordSize - 1)) + return b +} + +// Shrink shrinks BitSet to desired length in bits. It clears all bits > length +// and reduces the size and length of the set. +// +// A new slice is allocated to store the new bits, so you may see an increase in +// memory usage until the GC runs. Normally this should not be a problem, but if you +// have an extremely large BitSet its important to understand that the old BitSet will +// remain in memory until the GC frees it. +func (b *BitSet) Shrink(length uint) *BitSet { + idx := wordsNeeded(length + 1) + if idx > len(b.set) { + return b + } + shrunk := make([]uint64, idx) + copy(shrunk, b.set[:idx]) + b.set = shrunk + b.length = length + 1 + b.set[idx-1] &= (allBits >> (uint64(64) - uint64(length&(wordSize-1)) - 1)) + return b +} + +// InsertAt takes an index which indicates where a bit should be +// inserted. Then it shifts all the bits in the set to the left by 1, starting +// from the given index position, and sets the index position to 0. +// +// Depending on the size of your BitSet, and where you are inserting the new entry, +// this method could be extremely slow and in some cases might cause the entire BitSet +// to be recopied. +func (b *BitSet) InsertAt(idx uint) *BitSet { + insertAtElement := (idx >> log2WordSize) + + // if length of set is a multiple of wordSize we need to allocate more space first + if b.isLenExactMultiple() { + b.set = append(b.set, uint64(0)) + } + + var i uint + for i = uint(len(b.set) - 1); i > insertAtElement; i-- { + // all elements above the position where we want to insert can simply by shifted + b.set[i] <<= 1 + + // we take the most significant bit of the previous element and set it as + // the least significant bit of the current element + b.set[i] |= (b.set[i-1] & 0x8000000000000000) >> 63 + } + + // generate a mask to extract the data that we need to shift left + // within the element where we insert a bit + dataMask := ^(uint64(1)< 0x40000 { + buffer.WriteString("...") + break + } + buffer.WriteString(strconv.FormatInt(int64(i), 10)) + i, e = b.NextSet(i + 1) + if e { + buffer.WriteString(",") + } + } + buffer.WriteString("}") + return buffer.String() +} + +// DeleteAt deletes the bit at the given index position from +// within the bitset +// All the bits residing on the left of the deleted bit get +// shifted right by 1 +// The running time of this operation may potentially be +// relatively slow, O(length) +func (b *BitSet) DeleteAt(i uint) *BitSet { + // the index of the slice element where we'll delete a bit + deleteAtElement := i >> log2WordSize + + // generate a mask for the data that needs to be shifted right + // within that slice element that gets modified + dataMask := ^((uint64(1) << (i & (wordSize - 1))) - 1) + + // extract the data that we'll shift right from the slice element + data := b.set[deleteAtElement] & dataMask + + // set the masked area to 0 while leaving the rest as it is + b.set[deleteAtElement] &= ^dataMask + + // shift the previously extracted data to the right and then + // set it in the previously masked area + b.set[deleteAtElement] |= (data >> 1) & dataMask + + // loop over all the consecutive slice elements to copy each + // lowest bit into the highest position of the previous element, + // then shift the entire content to the right by 1 + for i := int(deleteAtElement) + 1; i < len(b.set); i++ { + b.set[i-1] |= (b.set[i] & 1) << 63 + b.set[i] >>= 1 + } + + b.length = b.length - 1 + + return b +} + +// NextSet returns the next bit set from the specified index, +// including possibly the current index +// along with an error code (true = valid, false = no set bit found) +// for i,e := v.NextSet(0); e; i,e = v.NextSet(i + 1) {...} +func (b *BitSet) NextSet(i uint) (uint, bool) { + x := int(i >> log2WordSize) + if x >= len(b.set) { + return 0, false + } + w := b.set[x] + w = w >> (i & (wordSize - 1)) + if w != 0 { + return i + trailingZeroes64(w), true + } + x = x + 1 + for x < len(b.set) { + if b.set[x] != 0 { + return uint(x)*wordSize + trailingZeroes64(b.set[x]), true + } + x = x + 1 + + } + return 0, false +} + +// NextSetMany returns many next bit sets from the specified index, +// including possibly the current index and up to cap(buffer). +// If the returned slice has len zero, then no more set bits were found +// +// buffer := make([]uint, 256) // this should be reused +// j := uint(0) +// j, buffer = bitmap.NextSetMany(j, buffer) +// for ; len(buffer) > 0; j, buffer = bitmap.NextSetMany(j,buffer) { +// for k := range buffer { +// do something with buffer[k] +// } +// j += 1 +// } +// +func (b *BitSet) NextSetMany(i uint, buffer []uint) (uint, []uint) { + myanswer := buffer + capacity := cap(buffer) + x := int(i >> log2WordSize) + if x >= len(b.set) || capacity == 0 { + return 0, myanswer[:0] + } + skip := i & (wordSize - 1) + word := b.set[x] >> skip + myanswer = myanswer[:capacity] + size := int(0) + for word != 0 { + r := trailingZeroes64(word) + t := word & ((^word) + 1) + myanswer[size] = r + i + size++ + if size == capacity { + goto End + } + word = word ^ t + } + x++ + for idx, word := range b.set[x:] { + for word != 0 { + r := trailingZeroes64(word) + t := word & ((^word) + 1) + myanswer[size] = r + (uint(x+idx) << 6) + size++ + if size == capacity { + goto End + } + word = word ^ t + } + } +End: + if size > 0 { + return myanswer[size-1], myanswer[:size] + } + return 0, myanswer[:0] +} + +// NextClear returns the next clear bit from the specified index, +// including possibly the current index +// along with an error code (true = valid, false = no bit found i.e. all bits are set) +func (b *BitSet) NextClear(i uint) (uint, bool) { + x := int(i >> log2WordSize) + if x >= len(b.set) { + return 0, false + } + w := b.set[x] + w = w >> (i & (wordSize - 1)) + wA := allBits >> (i & (wordSize - 1)) + index := i + trailingZeroes64(^w) + if w != wA && index < b.length { + return index, true + } + x++ + for x < len(b.set) { + index = uint(x)*wordSize + trailingZeroes64(^b.set[x]) + if b.set[x] != allBits && index < b.length { + return index, true + } + x++ + } + return 0, false +} + +// ClearAll clears the entire BitSet +func (b *BitSet) ClearAll() *BitSet { + if b != nil && b.set != nil { + for i := range b.set { + b.set[i] = 0 + } + } + return b +} + +// wordCount returns the number of words used in a bit set +func (b *BitSet) wordCount() int { + return len(b.set) +} + +// Clone this BitSet +func (b *BitSet) Clone() *BitSet { + c := New(b.length) + if b.set != nil { // Clone should not modify current object + copy(c.set, b.set) + } + return c +} + +// Copy into a destination BitSet +// Returning the size of the destination BitSet +// like array copy +func (b *BitSet) Copy(c *BitSet) (count uint) { + if c == nil { + return + } + if b.set != nil { // Copy should not modify current object + copy(c.set, b.set) + } + count = c.length + if b.length < c.length { + count = b.length + } + return +} + +// Count (number of set bits). +// Also known as "popcount" or "popularity count". +func (b *BitSet) Count() uint { + if b != nil && b.set != nil { + return uint(popcntSlice(b.set)) + } + return 0 +} + +// Equal tests the equivalence of two BitSets. +// False if they are of different sizes, otherwise true +// only if all the same bits are set +func (b *BitSet) Equal(c *BitSet) bool { + if c == nil || b == nil { + return c == b + } + if b.length != c.length { + return false + } + if b.length == 0 { // if they have both length == 0, then could have nil set + return true + } + // testing for equality shoud not transform the bitset (no call to safeSet) + + for p, v := range b.set { + if c.set[p] != v { + return false + } + } + return true +} + +func panicIfNull(b *BitSet) { + if b == nil { + panic(Error("BitSet must not be null")) + } +} + +// Difference of base set and other set +// This is the BitSet equivalent of &^ (and not) +func (b *BitSet) Difference(compare *BitSet) (result *BitSet) { + panicIfNull(b) + panicIfNull(compare) + result = b.Clone() // clone b (in case b is bigger than compare) + l := int(compare.wordCount()) + if l > int(b.wordCount()) { + l = int(b.wordCount()) + } + for i := 0; i < l; i++ { + result.set[i] = b.set[i] &^ compare.set[i] + } + return +} + +// DifferenceCardinality computes the cardinality of the differnce +func (b *BitSet) DifferenceCardinality(compare *BitSet) uint { + panicIfNull(b) + panicIfNull(compare) + l := int(compare.wordCount()) + if l > int(b.wordCount()) { + l = int(b.wordCount()) + } + cnt := uint64(0) + cnt += popcntMaskSlice(b.set[:l], compare.set[:l]) + cnt += popcntSlice(b.set[l:]) + return uint(cnt) +} + +// InPlaceDifference computes the difference of base set and other set +// This is the BitSet equivalent of &^ (and not) +func (b *BitSet) InPlaceDifference(compare *BitSet) { + panicIfNull(b) + panicIfNull(compare) + l := int(compare.wordCount()) + if l > int(b.wordCount()) { + l = int(b.wordCount()) + } + for i := 0; i < l; i++ { + b.set[i] &^= compare.set[i] + } +} + +// Convenience function: return two bitsets ordered by +// increasing length. Note: neither can be nil +func sortByLength(a *BitSet, b *BitSet) (ap *BitSet, bp *BitSet) { + if a.length <= b.length { + ap, bp = a, b + } else { + ap, bp = b, a + } + return +} + +// Intersection of base set and other set +// This is the BitSet equivalent of & (and) +func (b *BitSet) Intersection(compare *BitSet) (result *BitSet) { + panicIfNull(b) + panicIfNull(compare) + b, compare = sortByLength(b, compare) + result = New(b.length) + for i, word := range b.set { + result.set[i] = word & compare.set[i] + } + return +} + +// IntersectionCardinality computes the cardinality of the union +func (b *BitSet) IntersectionCardinality(compare *BitSet) uint { + panicIfNull(b) + panicIfNull(compare) + b, compare = sortByLength(b, compare) + cnt := popcntAndSlice(b.set, compare.set) + return uint(cnt) +} + +// InPlaceIntersection destructively computes the intersection of +// base set and the compare set. +// This is the BitSet equivalent of & (and) +func (b *BitSet) InPlaceIntersection(compare *BitSet) { + panicIfNull(b) + panicIfNull(compare) + l := int(compare.wordCount()) + if l > int(b.wordCount()) { + l = int(b.wordCount()) + } + for i := 0; i < l; i++ { + b.set[i] &= compare.set[i] + } + for i := l; i < len(b.set); i++ { + b.set[i] = 0 + } + if compare.length > 0 { + b.extendSetMaybe(compare.length - 1) + } +} + +// Union of base set and other set +// This is the BitSet equivalent of | (or) +func (b *BitSet) Union(compare *BitSet) (result *BitSet) { + panicIfNull(b) + panicIfNull(compare) + b, compare = sortByLength(b, compare) + result = compare.Clone() + for i, word := range b.set { + result.set[i] = word | compare.set[i] + } + return +} + +// UnionCardinality computes the cardinality of the uniton of the base set +// and the compare set. +func (b *BitSet) UnionCardinality(compare *BitSet) uint { + panicIfNull(b) + panicIfNull(compare) + b, compare = sortByLength(b, compare) + cnt := popcntOrSlice(b.set, compare.set) + if len(compare.set) > len(b.set) { + cnt += popcntSlice(compare.set[len(b.set):]) + } + return uint(cnt) +} + +// InPlaceUnion creates the destructive union of base set and compare set. +// This is the BitSet equivalent of | (or). +func (b *BitSet) InPlaceUnion(compare *BitSet) { + panicIfNull(b) + panicIfNull(compare) + l := int(compare.wordCount()) + if l > int(b.wordCount()) { + l = int(b.wordCount()) + } + if compare.length > 0 { + b.extendSetMaybe(compare.length - 1) + } + for i := 0; i < l; i++ { + b.set[i] |= compare.set[i] + } + if len(compare.set) > l { + for i := l; i < len(compare.set); i++ { + b.set[i] = compare.set[i] + } + } +} + +// SymmetricDifference of base set and other set +// This is the BitSet equivalent of ^ (xor) +func (b *BitSet) SymmetricDifference(compare *BitSet) (result *BitSet) { + panicIfNull(b) + panicIfNull(compare) + b, compare = sortByLength(b, compare) + // compare is bigger, so clone it + result = compare.Clone() + for i, word := range b.set { + result.set[i] = word ^ compare.set[i] + } + return +} + +// SymmetricDifferenceCardinality computes the cardinality of the symmetric difference +func (b *BitSet) SymmetricDifferenceCardinality(compare *BitSet) uint { + panicIfNull(b) + panicIfNull(compare) + b, compare = sortByLength(b, compare) + cnt := popcntXorSlice(b.set, compare.set) + if len(compare.set) > len(b.set) { + cnt += popcntSlice(compare.set[len(b.set):]) + } + return uint(cnt) +} + +// InPlaceSymmetricDifference creates the destructive SymmetricDifference of base set and other set +// This is the BitSet equivalent of ^ (xor) +func (b *BitSet) InPlaceSymmetricDifference(compare *BitSet) { + panicIfNull(b) + panicIfNull(compare) + l := int(compare.wordCount()) + if l > int(b.wordCount()) { + l = int(b.wordCount()) + } + if compare.length > 0 { + b.extendSetMaybe(compare.length - 1) + } + for i := 0; i < l; i++ { + b.set[i] ^= compare.set[i] + } + if len(compare.set) > l { + for i := l; i < len(compare.set); i++ { + b.set[i] = compare.set[i] + } + } +} + +// Is the length an exact multiple of word sizes? +func (b *BitSet) isLenExactMultiple() bool { + return b.length%wordSize == 0 +} + +// Clean last word by setting unused bits to 0 +func (b *BitSet) cleanLastWord() { + if !b.isLenExactMultiple() { + b.set[len(b.set)-1] &= allBits >> (wordSize - b.length%wordSize) + } +} + +// Complement computes the (local) complement of a biset (up to length bits) +func (b *BitSet) Complement() (result *BitSet) { + panicIfNull(b) + result = New(b.length) + for i, word := range b.set { + result.set[i] = ^word + } + result.cleanLastWord() + return +} + +// All returns true if all bits are set, false otherwise. Returns true for +// empty sets. +func (b *BitSet) All() bool { + panicIfNull(b) + return b.Count() == b.length +} + +// None returns true if no bit is set, false otherwise. Returns true for +// empty sets. +func (b *BitSet) None() bool { + panicIfNull(b) + if b != nil && b.set != nil { + for _, word := range b.set { + if word > 0 { + return false + } + } + return true + } + return true +} + +// Any returns true if any bit is set, false otherwise +func (b *BitSet) Any() bool { + panicIfNull(b) + return !b.None() +} + +// IsSuperSet returns true if this is a superset of the other set +func (b *BitSet) IsSuperSet(other *BitSet) bool { + for i, e := other.NextSet(0); e; i, e = other.NextSet(i + 1) { + if !b.Test(i) { + return false + } + } + return true +} + +// IsStrictSuperSet returns true if this is a strict superset of the other set +func (b *BitSet) IsStrictSuperSet(other *BitSet) bool { + return b.Count() > other.Count() && b.IsSuperSet(other) +} + +// DumpAsBits dumps a bit set as a string of bits +func (b *BitSet) DumpAsBits() string { + if b.set == nil { + return "." + } + buffer := bytes.NewBufferString("") + i := len(b.set) - 1 + for ; i >= 0; i-- { + fmt.Fprintf(buffer, "%064b.", b.set[i]) + } + return buffer.String() +} + +// BinaryStorageSize returns the binary storage requirements +func (b *BitSet) BinaryStorageSize() int { + return binary.Size(uint64(0)) + binary.Size(b.set) +} + +// WriteTo writes a BitSet to a stream +func (b *BitSet) WriteTo(stream io.Writer) (int64, error) { + length := uint64(b.length) + + // Write length + err := binary.Write(stream, binaryOrder, length) + if err != nil { + return 0, err + } + + // Write set + err = binary.Write(stream, binaryOrder, b.set) + return int64(b.BinaryStorageSize()), err +} + +// ReadFrom reads a BitSet from a stream written using WriteTo +func (b *BitSet) ReadFrom(stream io.Reader) (int64, error) { + var length uint64 + + // Read length first + err := binary.Read(stream, binaryOrder, &length) + if err != nil { + return 0, err + } + newset := New(uint(length)) + + if uint64(newset.length) != length { + return 0, errors.New("Unmarshalling error: type mismatch") + } + + // Read remaining bytes as set + err = binary.Read(stream, binaryOrder, newset.set) + if err != nil { + return 0, err + } + + *b = *newset + return int64(b.BinaryStorageSize()), nil +} + +// MarshalBinary encodes a BitSet into a binary form and returns the result. +func (b *BitSet) MarshalBinary() ([]byte, error) { + var buf bytes.Buffer + writer := bufio.NewWriter(&buf) + + _, err := b.WriteTo(writer) + if err != nil { + return []byte{}, err + } + + err = writer.Flush() + + return buf.Bytes(), err +} + +// UnmarshalBinary decodes the binary form generated by MarshalBinary. +func (b *BitSet) UnmarshalBinary(data []byte) error { + buf := bytes.NewReader(data) + reader := bufio.NewReader(buf) + + _, err := b.ReadFrom(reader) + + return err +} + +// MarshalJSON marshals a BitSet as a JSON structure +func (b *BitSet) MarshalJSON() ([]byte, error) { + buffer := bytes.NewBuffer(make([]byte, 0, b.BinaryStorageSize())) + _, err := b.WriteTo(buffer) + if err != nil { + return nil, err + } + + // URLEncode all bytes + return json.Marshal(base64Encoding.EncodeToString(buffer.Bytes())) +} + +// UnmarshalJSON unmarshals a BitSet from JSON created using MarshalJSON +func (b *BitSet) UnmarshalJSON(data []byte) error { + // Unmarshal as string + var s string + err := json.Unmarshal(data, &s) + if err != nil { + return err + } + + // URLDecode string + buf, err := base64Encoding.DecodeString(s) + if err != nil { + return err + } + + _, err = b.ReadFrom(bytes.NewReader(buf)) + return err +} diff --git a/vendor/github.com/willf/bitset/popcnt.go b/vendor/github.com/willf/bitset/popcnt.go new file mode 100644 index 000000000000..76577a838284 --- /dev/null +++ b/vendor/github.com/willf/bitset/popcnt.go @@ -0,0 +1,53 @@ +package bitset + +// bit population count, take from +// https://code.google.com/p/go/issues/detail?id=4988#c11 +// credit: https://code.google.com/u/arnehormann/ +func popcount(x uint64) (n uint64) { + x -= (x >> 1) & 0x5555555555555555 + x = (x>>2)&0x3333333333333333 + x&0x3333333333333333 + x += x >> 4 + x &= 0x0f0f0f0f0f0f0f0f + x *= 0x0101010101010101 + return x >> 56 +} + +func popcntSliceGo(s []uint64) uint64 { + cnt := uint64(0) + for _, x := range s { + cnt += popcount(x) + } + return cnt +} + +func popcntMaskSliceGo(s, m []uint64) uint64 { + cnt := uint64(0) + for i := range s { + cnt += popcount(s[i] &^ m[i]) + } + return cnt +} + +func popcntAndSliceGo(s, m []uint64) uint64 { + cnt := uint64(0) + for i := range s { + cnt += popcount(s[i] & m[i]) + } + return cnt +} + +func popcntOrSliceGo(s, m []uint64) uint64 { + cnt := uint64(0) + for i := range s { + cnt += popcount(s[i] | m[i]) + } + return cnt +} + +func popcntXorSliceGo(s, m []uint64) uint64 { + cnt := uint64(0) + for i := range s { + cnt += popcount(s[i] ^ m[i]) + } + return cnt +} diff --git a/vendor/github.com/willf/bitset/popcnt_19.go b/vendor/github.com/willf/bitset/popcnt_19.go new file mode 100644 index 000000000000..fc8ff4f367c2 --- /dev/null +++ b/vendor/github.com/willf/bitset/popcnt_19.go @@ -0,0 +1,45 @@ +// +build go1.9 + +package bitset + +import "math/bits" + +func popcntSlice(s []uint64) uint64 { + var cnt int + for _, x := range s { + cnt += bits.OnesCount64(x) + } + return uint64(cnt) +} + +func popcntMaskSlice(s, m []uint64) uint64 { + var cnt int + for i := range s { + cnt += bits.OnesCount64(s[i] &^ m[i]) + } + return uint64(cnt) +} + +func popcntAndSlice(s, m []uint64) uint64 { + var cnt int + for i := range s { + cnt += bits.OnesCount64(s[i] & m[i]) + } + return uint64(cnt) +} + +func popcntOrSlice(s, m []uint64) uint64 { + var cnt int + for i := range s { + cnt += bits.OnesCount64(s[i] | m[i]) + } + return uint64(cnt) +} + +func popcntXorSlice(s, m []uint64) uint64 { + var cnt int + for i := range s { + cnt += bits.OnesCount64(s[i] ^ m[i]) + } + return uint64(cnt) +} diff --git a/vendor/github.com/willf/bitset/popcnt_amd64.go b/vendor/github.com/willf/bitset/popcnt_amd64.go new file mode 100644 index 000000000000..4cf64f24ad03 --- /dev/null +++ b/vendor/github.com/willf/bitset/popcnt_amd64.go @@ -0,0 +1,68 @@ +// +build !go1.9 +// +build amd64,!appengine + +package bitset + +// *** the following functions are defined in popcnt_amd64.s + +//go:noescape + +func hasAsm() bool + +// useAsm is a flag used to select the GO or ASM implementation of the popcnt function +var useAsm = hasAsm() + +//go:noescape + +func popcntSliceAsm(s []uint64) uint64 + +//go:noescape + +func popcntMaskSliceAsm(s, m []uint64) uint64 + +//go:noescape + +func popcntAndSliceAsm(s, m []uint64) uint64 + +//go:noescape + +func popcntOrSliceAsm(s, m []uint64) uint64 + +//go:noescape + +func popcntXorSliceAsm(s, m []uint64) uint64 + +func popcntSlice(s []uint64) uint64 { + if useAsm { + return popcntSliceAsm(s) + } + return popcntSliceGo(s) +} + +func popcntMaskSlice(s, m []uint64) uint64 { + if useAsm { + return popcntMaskSliceAsm(s, m) + } + return popcntMaskSliceGo(s, m) +} + +func popcntAndSlice(s, m []uint64) uint64 { + if useAsm { + return popcntAndSliceAsm(s, m) + } + return popcntAndSliceGo(s, m) +} + +func popcntOrSlice(s, m []uint64) uint64 { + if useAsm { + return popcntOrSliceAsm(s, m) + } + return popcntOrSliceGo(s, m) +} + +func popcntXorSlice(s, m []uint64) uint64 { + if useAsm { + return popcntXorSliceAsm(s, m) + } + return popcntXorSliceGo(s, m) +} diff --git a/vendor/github.com/willf/bitset/popcnt_amd64.s b/vendor/github.com/willf/bitset/popcnt_amd64.s new file mode 100644 index 000000000000..666c0dcc17f5 --- /dev/null +++ b/vendor/github.com/willf/bitset/popcnt_amd64.s @@ -0,0 +1,104 @@ +// +build !go1.9 +// +build amd64,!appengine + +TEXT ·hasAsm(SB),4,$0-1 +MOVQ $1, AX +CPUID +SHRQ $23, CX +ANDQ $1, CX +MOVB CX, ret+0(FP) +RET + +#define POPCNTQ_DX_DX BYTE $0xf3; BYTE $0x48; BYTE $0x0f; BYTE $0xb8; BYTE $0xd2 + +TEXT ·popcntSliceAsm(SB),4,$0-32 +XORQ AX, AX +MOVQ s+0(FP), SI +MOVQ s_len+8(FP), CX +TESTQ CX, CX +JZ popcntSliceEnd +popcntSliceLoop: +BYTE $0xf3; BYTE $0x48; BYTE $0x0f; BYTE $0xb8; BYTE $0x16 // POPCNTQ (SI), DX +ADDQ DX, AX +ADDQ $8, SI +LOOP popcntSliceLoop +popcntSliceEnd: +MOVQ AX, ret+24(FP) +RET + +TEXT ·popcntMaskSliceAsm(SB),4,$0-56 +XORQ AX, AX +MOVQ s+0(FP), SI +MOVQ s_len+8(FP), CX +TESTQ CX, CX +JZ popcntMaskSliceEnd +MOVQ m+24(FP), DI +popcntMaskSliceLoop: +MOVQ (DI), DX +NOTQ DX +ANDQ (SI), DX +POPCNTQ_DX_DX +ADDQ DX, AX +ADDQ $8, SI +ADDQ $8, DI +LOOP popcntMaskSliceLoop +popcntMaskSliceEnd: +MOVQ AX, ret+48(FP) +RET + +TEXT ·popcntAndSliceAsm(SB),4,$0-56 +XORQ AX, AX +MOVQ s+0(FP), SI +MOVQ s_len+8(FP), CX +TESTQ CX, CX +JZ popcntAndSliceEnd +MOVQ m+24(FP), DI +popcntAndSliceLoop: +MOVQ (DI), DX +ANDQ (SI), DX +POPCNTQ_DX_DX +ADDQ DX, AX +ADDQ $8, SI +ADDQ $8, DI +LOOP popcntAndSliceLoop +popcntAndSliceEnd: +MOVQ AX, ret+48(FP) +RET + +TEXT ·popcntOrSliceAsm(SB),4,$0-56 +XORQ AX, AX +MOVQ s+0(FP), SI +MOVQ s_len+8(FP), CX +TESTQ CX, CX +JZ popcntOrSliceEnd +MOVQ m+24(FP), DI +popcntOrSliceLoop: +MOVQ (DI), DX +ORQ (SI), DX +POPCNTQ_DX_DX +ADDQ DX, AX +ADDQ $8, SI +ADDQ $8, DI +LOOP popcntOrSliceLoop +popcntOrSliceEnd: +MOVQ AX, ret+48(FP) +RET + +TEXT ·popcntXorSliceAsm(SB),4,$0-56 +XORQ AX, AX +MOVQ s+0(FP), SI +MOVQ s_len+8(FP), CX +TESTQ CX, CX +JZ popcntXorSliceEnd +MOVQ m+24(FP), DI +popcntXorSliceLoop: +MOVQ (DI), DX +XORQ (SI), DX +POPCNTQ_DX_DX +ADDQ DX, AX +ADDQ $8, SI +ADDQ $8, DI +LOOP popcntXorSliceLoop +popcntXorSliceEnd: +MOVQ AX, ret+48(FP) +RET diff --git a/vendor/github.com/willf/bitset/popcnt_generic.go b/vendor/github.com/willf/bitset/popcnt_generic.go new file mode 100644 index 000000000000..21e0ff7b4fc5 --- /dev/null +++ b/vendor/github.com/willf/bitset/popcnt_generic.go @@ -0,0 +1,24 @@ +// +build !go1.9 +// +build !amd64 appengine + +package bitset + +func popcntSlice(s []uint64) uint64 { + return popcntSliceGo(s) +} + +func popcntMaskSlice(s, m []uint64) uint64 { + return popcntMaskSliceGo(s, m) +} + +func popcntAndSlice(s, m []uint64) uint64 { + return popcntAndSliceGo(s, m) +} + +func popcntOrSlice(s, m []uint64) uint64 { + return popcntOrSliceGo(s, m) +} + +func popcntXorSlice(s, m []uint64) uint64 { + return popcntXorSliceGo(s, m) +} diff --git a/vendor/github.com/willf/bitset/trailing_zeros_18.go b/vendor/github.com/willf/bitset/trailing_zeros_18.go new file mode 100644 index 000000000000..c52b61be9fc2 --- /dev/null +++ b/vendor/github.com/willf/bitset/trailing_zeros_18.go @@ -0,0 +1,14 @@ +// +build !go1.9 + +package bitset + +var deBruijn = [...]byte{ + 0, 1, 56, 2, 57, 49, 28, 3, 61, 58, 42, 50, 38, 29, 17, 4, + 62, 47, 59, 36, 45, 43, 51, 22, 53, 39, 33, 30, 24, 18, 12, 5, + 63, 55, 48, 27, 60, 41, 37, 16, 46, 35, 44, 21, 52, 32, 23, 11, + 54, 26, 40, 15, 34, 20, 31, 10, 25, 14, 19, 9, 13, 8, 7, 6, +} + +func trailingZeroes64(v uint64) uint { + return uint(deBruijn[((v&-v)*0x03f79d71b4ca8b09)>>58]) +} diff --git a/vendor/github.com/willf/bitset/trailing_zeros_19.go b/vendor/github.com/willf/bitset/trailing_zeros_19.go new file mode 100644 index 000000000000..36a988e714d1 --- /dev/null +++ b/vendor/github.com/willf/bitset/trailing_zeros_19.go @@ -0,0 +1,9 @@ +// +build go1.9 + +package bitset + +import "math/bits" + +func trailingZeroes64(v uint64) uint { + return uint(bits.TrailingZeros64(v)) +} diff --git a/vendor/go.etcd.io/etcd/auth/jwt.go b/vendor/go.etcd.io/etcd/auth/jwt.go index c22ef898a14d..52cafe4aafb1 100644 --- a/vendor/go.etcd.io/etcd/auth/jwt.go +++ b/vendor/go.etcd.io/etcd/auth/jwt.go @@ -105,7 +105,7 @@ func (t *tokenJWT) assign(ctx context.Context, username string, revision uint64) token, err := tk.SignedString(t.key) if err != nil { if t.lg != nil { - t.lg.Warn( + t.lg.Debug( "failed to sign a JWT token", zap.String("user-name", username), zap.Uint64("revision", revision), @@ -118,7 +118,7 @@ func (t *tokenJWT) assign(ctx context.Context, username string, revision uint64) } if t.lg != nil { - t.lg.Info( + t.lg.Debug( "created/assigned a new JWT token", zap.String("user-name", username), zap.Uint64("revision", revision), @@ -136,7 +136,7 @@ func newTokenProviderJWT(lg *zap.Logger, optMap map[string]string) (*tokenJWT, e err = opts.ParseWithDefaults(optMap) if err != nil { if lg != nil { - lg.Warn("problem loading JWT options", zap.Error(err)) + lg.Error("problem loading JWT options", zap.Error(err)) } else { plog.Errorf("problem loading JWT options: %s", err) } diff --git a/vendor/go.etcd.io/etcd/auth/metrics.go b/vendor/go.etcd.io/etcd/auth/metrics.go new file mode 100644 index 000000000000..fe0d28e22d50 --- /dev/null +++ b/vendor/go.etcd.io/etcd/auth/metrics.go @@ -0,0 +1,42 @@ +// Copyright 2015 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package auth + +import ( + "github.com/prometheus/client_golang/prometheus" + "sync" +) + +var ( + currentAuthRevision = prometheus.NewGaugeFunc(prometheus.GaugeOpts{ + Namespace: "etcd_debugging", + Subsystem: "auth", + Name: "revision", + Help: "The current revision of auth store.", + }, + func() float64 { + reportCurrentAuthRevMu.RLock() + defer reportCurrentAuthRevMu.RUnlock() + return reportCurrentAuthRev() + }, + ) + // overridden by auth store initialization + reportCurrentAuthRevMu sync.RWMutex + reportCurrentAuthRev = func() float64 { return 0 } +) + +func init() { + prometheus.MustRegister(currentAuthRevision) +} diff --git a/vendor/go.etcd.io/etcd/auth/simple_token.go b/vendor/go.etcd.io/etcd/auth/simple_token.go index 934978c9857e..a9dc5b715f62 100644 --- a/vendor/go.etcd.io/etcd/auth/simple_token.go +++ b/vendor/go.etcd.io/etcd/auth/simple_token.go @@ -37,7 +37,7 @@ const ( // var for testing purposes var ( - simpleTokenTTL = 5 * time.Minute + simpleTokenTTLDefault = 300 * time.Second simpleTokenTTLResolution = 1 * time.Second ) @@ -47,6 +47,7 @@ type simpleTokenTTLKeeper struct { stopc chan struct{} deleteTokenFunc func(string) mu *sync.Mutex + simpleTokenTTL time.Duration } func (tm *simpleTokenTTLKeeper) stop() { @@ -58,12 +59,12 @@ func (tm *simpleTokenTTLKeeper) stop() { } func (tm *simpleTokenTTLKeeper) addSimpleToken(token string) { - tm.tokens[token] = time.Now().Add(simpleTokenTTL) + tm.tokens[token] = time.Now().Add(tm.simpleTokenTTL) } func (tm *simpleTokenTTLKeeper) resetSimpleToken(token string) { if _, ok := tm.tokens[token]; ok { - tm.tokens[token] = time.Now().Add(simpleTokenTTL) + tm.tokens[token] = time.Now().Add(tm.simpleTokenTTL) } } @@ -101,6 +102,7 @@ type tokenSimple struct { simpleTokenKeeper *simpleTokenTTLKeeper simpleTokensMu sync.Mutex simpleTokens map[string]string // token -> username + simpleTokenTTL time.Duration } func (t *tokenSimple) genTokenPrefix() (string, error) { @@ -157,6 +159,10 @@ func (t *tokenSimple) invalidateUser(username string) { } func (t *tokenSimple) enable() { + if t.simpleTokenTTL <= 0 { + t.simpleTokenTTL = simpleTokenTTLDefault + } + delf := func(tk string) { if username, ok := t.simpleTokens[tk]; ok { if t.lg != nil { @@ -177,6 +183,7 @@ func (t *tokenSimple) enable() { stopc: make(chan struct{}), deleteTokenFunc: delf, mu: &t.simpleTokensMu, + simpleTokenTTL: t.simpleTokenTTL, } go t.simpleTokenKeeper.run() } @@ -234,10 +241,14 @@ func (t *tokenSimple) isValidSimpleToken(ctx context.Context, token string) bool return false } -func newTokenProviderSimple(lg *zap.Logger, indexWaiter func(uint64) <-chan struct{}) *tokenSimple { +func newTokenProviderSimple(lg *zap.Logger, indexWaiter func(uint64) <-chan struct{}, TokenTTL time.Duration) *tokenSimple { + if lg == nil { + lg = zap.NewNop() + } return &tokenSimple{ - lg: lg, - simpleTokens: make(map[string]string), - indexWaiter: indexWaiter, + lg: lg, + simpleTokens: make(map[string]string), + indexWaiter: indexWaiter, + simpleTokenTTL: TokenTTL, } } diff --git a/vendor/go.etcd.io/etcd/auth/store.go b/vendor/go.etcd.io/etcd/auth/store.go index 52122554a19e..ba1d95ff2ca4 100644 --- a/vendor/go.etcd.io/etcd/auth/store.go +++ b/vendor/go.etcd.io/etcd/auth/store.go @@ -23,6 +23,7 @@ import ( "strings" "sync" "sync/atomic" + "time" "go.etcd.io/etcd/auth/authpb" "go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes" @@ -59,6 +60,7 @@ var ( ErrRoleNotFound = errors.New("auth: role not found") ErrRoleEmpty = errors.New("auth: role name is empty") ErrAuthFailed = errors.New("auth: authentication failed, invalid user ID or password") + ErrNoPasswordUser = errors.New("auth: authentication failed, password was given for no password user") ErrPermissionDenied = errors.New("auth: permission denied") ErrRoleNotGranted = errors.New("auth: role is not granted to the user") ErrPermissionNotGranted = errors.New("auth: permission is not granted to the role") @@ -94,6 +96,9 @@ type AuthenticateParamIndex struct{} // AuthenticateParamSimpleTokenPrefix is used for a key of context in the parameters of Authenticate() type AuthenticateParamSimpleTokenPrefix struct{} +// saveConsistentIndexFunc is used to sync consistentIndex to backend, now reusing store.saveIndex +type saveConsistentIndexFunc func(tx backend.BatchTx) + // AuthStore defines auth storage interface. type AuthStore interface { // AuthEnable turns on the authentication feature @@ -186,6 +191,9 @@ type AuthStore interface { // HasRole checks that user has role HasRole(user, role string) bool + + // SetConsistentIndexSyncer sets consistentIndex syncer + SetConsistentIndexSyncer(syncer saveConsistentIndexFunc) } type TokenProvider interface { @@ -209,10 +217,14 @@ type authStore struct { rangePermCache map[string]*unifiedRangePermissions // username -> unifiedRangePermissions - tokenProvider TokenProvider - bcryptCost int // the algorithm cost / strength for hashing auth passwords + tokenProvider TokenProvider + syncConsistentIndex saveConsistentIndexFunc + bcryptCost int // the algorithm cost / strength for hashing auth passwords } +func (as *authStore) SetConsistentIndexSyncer(syncer saveConsistentIndexFunc) { + as.syncConsistentIndex = syncer +} func (as *authStore) AuthEnable() error { as.enabledMu.Lock() defer as.enabledMu.Unlock() @@ -269,6 +281,7 @@ func (as *authStore) AuthDisable() { tx.Lock() tx.UnsafePut(authBucketName, enableFlagKey, authDisabled) as.commitRevision(tx) + as.saveConsistentIndex(tx) tx.Unlock() b.ForceCommit() @@ -306,7 +319,7 @@ func (as *authStore) Authenticate(ctx context.Context, username, password string return nil, ErrAuthFailed } - if user.Options.NoPassword { + if user.Options != nil && user.Options.NoPassword { return nil, ErrAuthFailed } @@ -335,17 +348,27 @@ func (as *authStore) CheckPassword(username, password string) (uint64, error) { return 0, ErrAuthNotEnabled } - tx := as.be.BatchTx() - tx.Lock() - defer tx.Unlock() + var user *authpb.User + // CompareHashAndPassword is very expensive, so we use closures + // to avoid putting it in the critical section of the tx lock. + revision, err := func() (uint64, error) { + tx := as.be.BatchTx() + tx.Lock() + defer tx.Unlock() - user := getUser(as.lg, tx, username) - if user == nil { - return 0, ErrAuthFailed - } + user = getUser(as.lg, tx, username) + if user == nil { + return 0, ErrAuthFailed + } - if user.Options.NoPassword { - return 0, ErrAuthFailed + if user.Options != nil && user.Options.NoPassword { + return 0, ErrNoPasswordUser + } + + return getRevision(tx), nil + }() + if err != nil { + return 0, err } if bcrypt.CompareHashAndPassword(user.Password, []byte(password)) != nil { @@ -356,7 +379,7 @@ func (as *authStore) CheckPassword(username, password string) (uint64, error) { } return 0, ErrAuthFailed } - return getRevision(tx), nil + return revision, nil } func (as *authStore) Recover(be backend.Backend) { @@ -388,7 +411,8 @@ func (as *authStore) UserAdd(r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, var hashed []byte var err error - if r.Options != nil && !r.Options.NoPassword { + noPassword := r.Options != nil && r.Options.NoPassword + if !noPassword { hashed, err = bcrypt.GenerateFromPassword([]byte(r.Password), as.bcryptCost) if err != nil { if as.lg != nil { @@ -429,6 +453,7 @@ func (as *authStore) UserAdd(r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, putUser(as.lg, tx, newUser) as.commitRevision(tx) + as.saveConsistentIndex(tx) if as.lg != nil { as.lg.Info("added a user", zap.String("user-name", r.Name)) @@ -460,6 +485,7 @@ func (as *authStore) UserDelete(r *pb.AuthUserDeleteRequest) (*pb.AuthUserDelete delUser(tx, r.Name) as.commitRevision(tx) + as.saveConsistentIndex(tx) as.invalidateCachedPerm(r.Name) as.tokenProvider.invalidateUser(r.Name) @@ -512,6 +538,7 @@ func (as *authStore) UserChangePassword(r *pb.AuthUserChangePasswordRequest) (*p putUser(as.lg, tx, updatedUser) as.commitRevision(tx) + as.saveConsistentIndex(tx) as.invalidateCachedPerm(r.Name) as.tokenProvider.invalidateUser(r.Name) @@ -568,6 +595,7 @@ func (as *authStore) UserGrantRole(r *pb.AuthUserGrantRoleRequest) (*pb.AuthUser as.invalidateCachedPerm(r.User) as.commitRevision(tx) + as.saveConsistentIndex(tx) if as.lg != nil { as.lg.Info( @@ -654,6 +682,7 @@ func (as *authStore) UserRevokeRole(r *pb.AuthUserRevokeRoleRequest) (*pb.AuthUs as.invalidateCachedPerm(r.Name) as.commitRevision(tx) + as.saveConsistentIndex(tx) if as.lg != nil { as.lg.Info( @@ -728,6 +757,7 @@ func (as *authStore) RoleRevokePermission(r *pb.AuthRoleRevokePermissionRequest) as.clearCachedPerm() as.commitRevision(tx) + as.saveConsistentIndex(tx) if as.lg != nil { as.lg.Info( @@ -787,6 +817,7 @@ func (as *authStore) RoleDelete(r *pb.AuthRoleDeleteRequest) (*pb.AuthRoleDelete } as.commitRevision(tx) + as.saveConsistentIndex(tx) if as.lg != nil { as.lg.Info("deleted a role", zap.String("role-name", r.Role)) @@ -817,6 +848,7 @@ func (as *authStore) RoleAdd(r *pb.AuthRoleAddRequest) (*pb.AuthRoleAddResponse, putRole(as.lg, tx, newRole) as.commitRevision(tx) + as.saveConsistentIndex(tx) if as.lg != nil { as.lg.Info("created a role", zap.String("role-name", r.Name)) @@ -880,6 +912,7 @@ func (as *authStore) RoleGrantPermission(r *pb.AuthRoleGrantPermissionRequest) ( as.clearCachedPerm() as.commitRevision(tx) + as.saveConsistentIndex(tx) if as.lg != nil { as.lg.Info( @@ -903,8 +936,21 @@ func (as *authStore) isOpPermitted(userName string, revision uint64, key, rangeE if revision == 0 { return ErrUserEmpty } - - if revision < as.Revision() { + rev := as.Revision() + if revision < rev { + if as.lg != nil { + as.lg.Warn("request auth revision is less than current node auth revision", + zap.Uint64("current node auth revision", rev), + zap.Uint64("request auth revision", revision), + zap.ByteString("request key", key), + zap.Error(ErrAuthOldRevision)) + } else { + plog.Warningf("request auth revision is less than current node auth revision,"+ + "current node auth revision is %d,"+ + "request auth revision is %d,"+ + "request key is %s, "+ + "err is %v", rev, revision, key, ErrAuthOldRevision) + } return ErrAuthOldRevision } @@ -950,7 +996,7 @@ func (as *authStore) IsAdminPermitted(authInfo *AuthInfo) error { if !as.IsAuthEnabled() { return nil } - if authInfo == nil { + if authInfo == nil || authInfo.Username == "" { return ErrUserEmpty } @@ -1144,6 +1190,8 @@ func NewAuthStore(lg *zap.Logger, be backend.Backend, tp TokenProvider, bcryptCo as.commitRevision(tx) } + as.setupMetricsReporter() + tx.Unlock() be.ForceCommit() @@ -1305,7 +1353,8 @@ func decomposeOpts(lg *zap.Logger, optstr string) (string, map[string]string, er func NewTokenProvider( lg *zap.Logger, tokenOpts string, - indexWaiter func(uint64) <-chan struct{}) (TokenProvider, error) { + indexWaiter func(uint64) <-chan struct{}, + TokenTTL time.Duration) (TokenProvider, error) { tokenType, typeSpecificOpts, err := decomposeOpts(lg, tokenOpts) if err != nil { return nil, ErrInvalidAuthOpts @@ -1318,7 +1367,7 @@ func NewTokenProvider( } else { plog.Warningf("simple token is not cryptographically signed") } - return newTokenProviderSimple(lg, indexWaiter), nil + return newTokenProviderSimple(lg, indexWaiter, TokenTTL), nil case tokenTypeJWT: return newTokenProviderJWT(lg, typeSpecificOpts) @@ -1418,3 +1467,23 @@ func (as *authStore) HasRole(user, role string) bool { func (as *authStore) BcryptCost() int { return as.bcryptCost } + +func (as *authStore) saveConsistentIndex(tx backend.BatchTx) { + if as.syncConsistentIndex != nil { + as.syncConsistentIndex(tx) + } else { + if as.lg != nil { + as.lg.Error("failed to save consistentIndex,syncConsistentIndex is nil") + } else { + plog.Error("failed to save consistentIndex,syncConsistentIndex is nil") + } + } +} + +func (as *authStore) setupMetricsReporter() { + reportCurrentAuthRevMu.Lock() + reportCurrentAuthRev = func() float64 { + return float64(as.Revision()) + } + reportCurrentAuthRevMu.Unlock() +} diff --git a/vendor/go.etcd.io/etcd/clientv3/balancer/picker/err.go b/vendor/go.etcd.io/etcd/clientv3/balancer/picker/err.go index 9e043789c8df..f4b941d6529e 100644 --- a/vendor/go.etcd.io/etcd/clientv3/balancer/picker/err.go +++ b/vendor/go.etcd.io/etcd/clientv3/balancer/picker/err.go @@ -34,6 +34,6 @@ func (ep *errPicker) String() string { return ep.p.String() } -func (ep *errPicker) Pick(context.Context, balancer.PickOptions) (balancer.SubConn, func(balancer.DoneInfo), error) { +func (ep *errPicker) Pick(context.Context, balancer.PickInfo) (balancer.SubConn, func(balancer.DoneInfo), error) { return nil, nil, ep.err } diff --git a/vendor/go.etcd.io/etcd/clientv3/balancer/picker/roundrobin_balanced.go b/vendor/go.etcd.io/etcd/clientv3/balancer/picker/roundrobin_balanced.go index 1b8b28573782..e3971ecc4210 100644 --- a/vendor/go.etcd.io/etcd/clientv3/balancer/picker/roundrobin_balanced.go +++ b/vendor/go.etcd.io/etcd/clientv3/balancer/picker/roundrobin_balanced.go @@ -52,7 +52,7 @@ type rrBalanced struct { func (rb *rrBalanced) String() string { return rb.p.String() } // Pick is called for every client request. -func (rb *rrBalanced) Pick(ctx context.Context, opts balancer.PickOptions) (balancer.SubConn, func(balancer.DoneInfo), error) { +func (rb *rrBalanced) Pick(ctx context.Context, opts balancer.PickInfo) (balancer.SubConn, func(balancer.DoneInfo), error) { rb.mu.RLock() n := len(rb.scs) rb.mu.RUnlock() diff --git a/vendor/go.etcd.io/etcd/clientv3/balancer/resolver/endpoint/endpoint.go b/vendor/go.etcd.io/etcd/clientv3/balancer/resolver/endpoint/endpoint.go index 864b5df6426f..2837bd4180bd 100644 --- a/vendor/go.etcd.io/etcd/clientv3/balancer/resolver/endpoint/endpoint.go +++ b/vendor/go.etcd.io/etcd/clientv3/balancer/resolver/endpoint/endpoint.go @@ -111,7 +111,7 @@ func (e *ResolverGroup) Close() { } // Build creates or reuses an etcd resolver for the etcd cluster name identified by the authority part of the target. -func (b *builder) Build(target resolver.Target, cc resolver.ClientConn, opts resolver.BuildOption) (resolver.Resolver, error) { +func (b *builder) Build(target resolver.Target, cc resolver.ClientConn, opts resolver.BuildOptions) (resolver.Resolver, error) { if len(target.Authority) < 1 { return nil, fmt.Errorf("'etcd' target scheme requires non-empty authority identifying etcd cluster being routed to") } @@ -179,7 +179,7 @@ func epsToAddrs(eps ...string) (addrs []resolver.Address) { return addrs } -func (*Resolver) ResolveNow(o resolver.ResolveNowOption) {} +func (*Resolver) ResolveNow(o resolver.ResolveNowOptions) {} func (r *Resolver) Close() { es, err := bldr.getResolverGroup(r.endpointID) diff --git a/vendor/go.etcd.io/etcd/clientv3/client.go b/vendor/go.etcd.io/etcd/clientv3/client.go index 215e05479809..a35ec679a029 100644 --- a/vendor/go.etcd.io/etcd/clientv3/client.go +++ b/vendor/go.etcd.io/etcd/clientv3/client.go @@ -37,7 +37,6 @@ import ( "google.golang.org/grpc/codes" grpccredentials "google.golang.org/grpc/credentials" "google.golang.org/grpc/keepalive" - "google.golang.org/grpc/metadata" "google.golang.org/grpc/status" ) @@ -397,13 +396,6 @@ func (c *Client) dialWithBalancerCreds(ep string) grpccredentials.TransportCrede return creds } -// WithRequireLeader requires client requests to only succeed -// when the cluster has a leader. -func WithRequireLeader(ctx context.Context) context.Context { - md := metadata.Pairs(rpctypes.MetadataRequireLeaderKey, rpctypes.MetadataHasLeader) - return metadata.NewOutgoingContext(ctx, md) -} - func newClient(cfg *Config) (*Client, error) { if cfg == nil { cfg = &Config{} diff --git a/vendor/go.etcd.io/etcd/clientv3/ctx.go b/vendor/go.etcd.io/etcd/clientv3/ctx.go new file mode 100644 index 000000000000..542219837bbc --- /dev/null +++ b/vendor/go.etcd.io/etcd/clientv3/ctx.go @@ -0,0 +1,64 @@ +// Copyright 2020 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package clientv3 + +import ( + "context" + "strings" + + "go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes" + "go.etcd.io/etcd/version" + "google.golang.org/grpc/metadata" +) + +// WithRequireLeader requires client requests to only succeed +// when the cluster has a leader. +func WithRequireLeader(ctx context.Context) context.Context { + md, ok := metadata.FromOutgoingContext(ctx) + if !ok { // no outgoing metadata ctx key, create one + md = metadata.Pairs(rpctypes.MetadataRequireLeaderKey, rpctypes.MetadataHasLeader) + return metadata.NewOutgoingContext(ctx, md) + } + copied := md.Copy() // avoid racey updates + // overwrite/add 'hasleader' key/value + metadataSet(copied, rpctypes.MetadataRequireLeaderKey, rpctypes.MetadataHasLeader) + return metadata.NewOutgoingContext(ctx, copied) +} + +// embeds client version +func withVersion(ctx context.Context) context.Context { + md, ok := metadata.FromOutgoingContext(ctx) + if !ok { // no outgoing metadata ctx key, create one + md = metadata.Pairs(rpctypes.MetadataClientAPIVersionKey, version.APIVersion) + return metadata.NewOutgoingContext(ctx, md) + } + copied := md.Copy() // avoid racey updates + // overwrite/add version key/value + metadataSet(copied, rpctypes.MetadataClientAPIVersionKey, version.APIVersion) + return metadata.NewOutgoingContext(ctx, copied) +} + +func metadataGet(md metadata.MD, k string) []string { + k = strings.ToLower(k) + return md[k] +} + +func metadataSet(md metadata.MD, k string, vals ...string) { + if len(vals) == 0 { + return + } + k = strings.ToLower(k) + md[k] = vals +} diff --git a/vendor/go.etcd.io/etcd/clientv3/maintenance.go b/vendor/go.etcd.io/etcd/clientv3/maintenance.go index 744455a3b36d..809b8a3b4ba4 100644 --- a/vendor/go.etcd.io/etcd/clientv3/maintenance.go +++ b/vendor/go.etcd.io/etcd/clientv3/maintenance.go @@ -20,6 +20,7 @@ import ( "io" pb "go.etcd.io/etcd/etcdserver/etcdserverpb" + "go.uber.org/zap" "google.golang.org/grpc" ) @@ -68,6 +69,7 @@ type Maintenance interface { } type maintenance struct { + lg *zap.Logger dial func(endpoint string) (pb.MaintenanceClient, func(), error) remote pb.MaintenanceClient callOpts []grpc.CallOption @@ -75,6 +77,7 @@ type maintenance struct { func NewMaintenance(c *Client) Maintenance { api := &maintenance{ + lg: c.lg, dial: func(endpoint string) (pb.MaintenanceClient, func(), error) { conn, err := c.Dial(endpoint) if err != nil { @@ -93,6 +96,7 @@ func NewMaintenance(c *Client) Maintenance { func NewMaintenanceFromMaintenanceClient(remote pb.MaintenanceClient, c *Client) Maintenance { api := &maintenance{ + lg: c.lg, dial: func(string) (pb.MaintenanceClient, func(), error) { return remote, func() {}, nil }, @@ -193,23 +197,32 @@ func (m *maintenance) Snapshot(ctx context.Context) (io.ReadCloser, error) { return nil, toErr(ctx, err) } + m.lg.Info("opened snapshot stream; downloading") pr, pw := io.Pipe() go func() { for { resp, err := ss.Recv() if err != nil { + switch err { + case io.EOF: + m.lg.Info("completed snapshot read; closing") + default: + m.lg.Warn("failed to receive from snapshot stream; closing", zap.Error(err)) + } pw.CloseWithError(err) return } - if resp == nil && err == nil { - break - } + + // can "resp == nil && err == nil" + // before we receive snapshot SHA digest? + // No, server sends EOF with an empty response + // after it sends SHA digest at the end + if _, werr := pw.Write(resp.Blob); werr != nil { pw.CloseWithError(werr) return } } - pw.Close() }() return &snapshotReadCloser{ctx: ctx, ReadCloser: pr}, nil } diff --git a/vendor/go.etcd.io/etcd/clientv3/retry_interceptor.go b/vendor/go.etcd.io/etcd/clientv3/retry_interceptor.go index 080490ae2929..2c266e55bec0 100644 --- a/vendor/go.etcd.io/etcd/clientv3/retry_interceptor.go +++ b/vendor/go.etcd.io/etcd/clientv3/retry_interceptor.go @@ -38,6 +38,7 @@ import ( func (c *Client) unaryClientInterceptor(logger *zap.Logger, optFuncs ...retryOption) grpc.UnaryClientInterceptor { intOpts := reuseOrNewWithCallOptions(defaultOptions, optFuncs) return func(ctx context.Context, method string, req, reply interface{}, cc *grpc.ClientConn, invoker grpc.UnaryInvoker, opts ...grpc.CallOption) error { + ctx = withVersion(ctx) grpcOpts, retryOpts := filterCallOptions(opts) callOpts := reuseOrNewWithCallOptions(intOpts, retryOpts) // short circuit for simplicity, and avoiding allocations. @@ -103,6 +104,7 @@ func (c *Client) unaryClientInterceptor(logger *zap.Logger, optFuncs ...retryOpt func (c *Client) streamClientInterceptor(logger *zap.Logger, optFuncs ...retryOption) grpc.StreamClientInterceptor { intOpts := reuseOrNewWithCallOptions(defaultOptions, optFuncs) return func(ctx context.Context, desc *grpc.StreamDesc, cc *grpc.ClientConn, method string, streamer grpc.Streamer, opts ...grpc.CallOption) (grpc.ClientStream, error) { + ctx = withVersion(ctx) grpcOpts, retryOpts := filterCallOptions(opts) callOpts := reuseOrNewWithCallOptions(intOpts, retryOpts) // short circuit for simplicity, and avoiding allocations. @@ -113,10 +115,9 @@ func (c *Client) streamClientInterceptor(logger *zap.Logger, optFuncs ...retryOp return nil, status.Errorf(codes.Unimplemented, "clientv3/retry_interceptor: cannot retry on ClientStreams, set Disable()") } newStreamer, err := streamer(ctx, desc, cc, method, grpcOpts...) - logger.Warn("retry stream intercept", zap.Error(err)) if err != nil { - // TODO(mwitkow): Maybe dial and transport errors should be retriable? - return nil, err + logger.Error("streamer failed to create ClientStream", zap.Error(err)) + return nil, err // TODO(mwitkow): Maybe dial and transport errors should be retriable? } retryingStreamer := &serverStreamingRetryingStream{ client: c, @@ -185,6 +186,7 @@ func (s *serverStreamingRetryingStream) RecvMsg(m interface{}) error { if !attemptRetry { return lastErr // success or hard failure } + // We start off from attempt 1, because zeroth was already made on normal SendMsg(). for attempt := uint(1); attempt < s.callOpts.max; attempt++ { if err := waitRetryBackoff(s.ctx, attempt, s.callOpts); err != nil { @@ -192,12 +194,13 @@ func (s *serverStreamingRetryingStream) RecvMsg(m interface{}) error { } newStream, err := s.reestablishStreamAndResendBuffer(s.ctx) if err != nil { - // TODO(mwitkow): Maybe dial and transport errors should be retriable? - return err + s.client.lg.Error("failed reestablishStreamAndResendBuffer", zap.Error(err)) + return err // TODO(mwitkow): Maybe dial and transport errors should be retriable? } s.setStream(newStream) + + s.client.lg.Warn("retrying RecvMsg", zap.Error(lastErr)) attemptRetry, lastErr = s.receiveMsgAndIndicateRetry(m) - //fmt.Printf("Received message and indicate: %v %v\n", attemptRetry, lastErr) if !attemptRetry { return lastErr } diff --git a/vendor/go.etcd.io/etcd/clientv3/watch.go b/vendor/go.etcd.io/etcd/clientv3/watch.go index 87d222d1d689..66e16ad63fe9 100644 --- a/vendor/go.etcd.io/etcd/clientv3/watch.go +++ b/vendor/go.etcd.io/etcd/clientv3/watch.go @@ -25,6 +25,7 @@ import ( pb "go.etcd.io/etcd/etcdserver/etcdserverpb" mvccpb "go.etcd.io/etcd/mvcc/mvccpb" + "go.uber.org/zap" "google.golang.org/grpc" "google.golang.org/grpc/codes" "google.golang.org/grpc/metadata" @@ -140,6 +141,7 @@ type watcher struct { // streams holds all the active grpc streams keyed by ctx value. streams map[string]*watchGrpcStream + lg *zap.Logger } // watchGrpcStream tracks all watch resources attached to a single grpc stream. @@ -176,6 +178,8 @@ type watchGrpcStream struct { resumec chan struct{} // closeErr is the error that closed the watch stream closeErr error + + lg *zap.Logger } // watchStreamRequest is a union of the supported watch request operation types @@ -242,6 +246,7 @@ func NewWatchFromWatchClient(wc pb.WatchClient, c *Client) Watcher { } if c != nil { w.callOpts = c.callOpts + w.lg = c.lg } return w } @@ -273,6 +278,7 @@ func (w *watcher) newWatcherGrpcStream(inctx context.Context) *watchGrpcStream { errc: make(chan error, 1), closingc: make(chan *watcherStream), resumec: make(chan struct{}), + lg: w.lg, } go wgs.run() return wgs @@ -544,10 +550,18 @@ func (w *watchGrpcStream) run() { w.resuming = append(w.resuming, ws) if len(w.resuming) == 1 { // head of resume queue, can register a new watcher - wc.Send(ws.initReq.toPB()) + if err := wc.Send(ws.initReq.toPB()); err != nil { + if w.lg != nil { + w.lg.Debug("error when sending request", zap.Error(err)) + } + } } case *progressRequest: - wc.Send(wreq.toPB()) + if err := wc.Send(wreq.toPB()); err != nil { + if w.lg != nil { + w.lg.Debug("error when sending request", zap.Error(err)) + } + } } // new events from the watch client @@ -571,7 +585,11 @@ func (w *watchGrpcStream) run() { } if ws := w.nextResume(); ws != nil { - wc.Send(ws.initReq.toPB()) + if err := wc.Send(ws.initReq.toPB()); err != nil { + if w.lg != nil { + w.lg.Debug("error when sending request", zap.Error(err)) + } + } } // reset for next iteration @@ -616,7 +634,14 @@ func (w *watchGrpcStream) run() { }, } req := &pb.WatchRequest{RequestUnion: cr} - wc.Send(req) + if w.lg != nil { + w.lg.Debug("sending watch cancel request for failed dispatch", zap.Int64("watch-id", pbresp.WatchId)) + } + if err := wc.Send(req); err != nil { + if w.lg != nil { + w.lg.Debug("failed to send watch cancel request", zap.Int64("watch-id", pbresp.WatchId), zap.Error(err)) + } + } } // watch client failed on Recv; spawn another if possible @@ -629,7 +654,11 @@ func (w *watchGrpcStream) run() { return } if ws := w.nextResume(); ws != nil { - wc.Send(ws.initReq.toPB()) + if err := wc.Send(ws.initReq.toPB()); err != nil { + if w.lg != nil { + w.lg.Debug("error when sending request", zap.Error(err)) + } + } } cancelSet = make(map[int64]struct{}) @@ -637,6 +666,25 @@ func (w *watchGrpcStream) run() { return case ws := <-w.closingc: + if ws.id != -1 { + // client is closing an established watch; close it on the server proactively instead of waiting + // to close when the next message arrives + cancelSet[ws.id] = struct{}{} + cr := &pb.WatchRequest_CancelRequest{ + CancelRequest: &pb.WatchCancelRequest{ + WatchId: ws.id, + }, + } + req := &pb.WatchRequest{RequestUnion: cr} + if w.lg != nil { + w.lg.Debug("sending watch cancel request for closed watcher", zap.Int64("watch-id", ws.id)) + } + if err := wc.Send(req); err != nil { + if w.lg != nil { + w.lg.Debug("failed to send watch cancel request", zap.Int64("watch-id", ws.id), zap.Error(err)) + } + } + } w.closeSubstream(ws) delete(closing, ws) // no more watchers on this stream, shutdown diff --git a/vendor/go.etcd.io/etcd/embed/config.go b/vendor/go.etcd.io/etcd/embed/config.go index 2f64d927f2af..9bbfbaebb87d 100644 --- a/vendor/go.etcd.io/etcd/embed/config.go +++ b/vendor/go.etcd.io/etcd/embed/config.go @@ -273,14 +273,18 @@ type Config struct { AuthToken string `json:"auth-token"` BcryptCost uint `json:"bcrypt-cost"` + //The AuthTokenTTL in seconds of the simple token + AuthTokenTTL uint `json:"auth-token-ttl"` + ExperimentalInitialCorruptCheck bool `json:"experimental-initial-corrupt-check"` ExperimentalCorruptCheckTime time.Duration `json:"experimental-corrupt-check-time"` ExperimentalEnableV2V3 string `json:"experimental-enable-v2v3"` // ExperimentalBackendFreelistType specifies the type of freelist that boltdb backend uses (array and map are supported types). ExperimentalBackendFreelistType string `json:"experimental-backend-bbolt-freelist-type"` // ExperimentalEnableLeaseCheckpoint enables primary lessor to persist lease remainingTTL to prevent indefinite auto-renewal of long lived leases. - ExperimentalEnableLeaseCheckpoint bool `json:"experimental-enable-lease-checkpoint"` - ExperimentalCompactionBatchLimit int `json:"experimental-compaction-batch-limit"` + ExperimentalEnableLeaseCheckpoint bool `json:"experimental-enable-lease-checkpoint"` + ExperimentalCompactionBatchLimit int `json:"experimental-compaction-batch-limit"` + ExperimentalWatchProgressNotifyInterval time.Duration `json:"experimental-watch-progress-notify-interval"` // ForceNewCluster starts a new cluster even if previously started; unsafe. ForceNewCluster bool `json:"force-new-cluster"` @@ -335,6 +339,10 @@ type Config struct { // Only valid if "logger" option is "capnslog". // WARN: DO NOT USE THIS! LogPkgLevels string `json:"log-package-levels"` + + // UnsafeNoFsync disables all uses of fsync. + // Setting this is unsafe and will cause data loss. + UnsafeNoFsync bool `json:"unsafe-no-fsync"` } // configYAML holds the config suitable for yaml parsing @@ -406,8 +414,9 @@ func NewConfig() *Config { CORS: map[string]struct{}{"*": {}}, HostWhitelist: map[string]struct{}{"*": {}}, - AuthToken: "simple", - BcryptCost: uint(bcrypt.DefaultCost), + AuthToken: "simple", + BcryptCost: uint(bcrypt.DefaultCost), + AuthTokenTTL: 300, PreVote: false, // TODO: enable by default in v3.5 diff --git a/vendor/go.etcd.io/etcd/embed/etcd.go b/vendor/go.etcd.io/etcd/embed/etcd.go index ac7dbc987fb7..309ef78aa96a 100644 --- a/vendor/go.etcd.io/etcd/embed/etcd.go +++ b/vendor/go.etcd.io/etcd/embed/etcd.go @@ -162,50 +162,53 @@ func StartEtcd(inCfg *Config) (e *Etcd, err error) { backendFreelistType := parseBackendFreelistType(cfg.ExperimentalBackendFreelistType) srvcfg := etcdserver.ServerConfig{ - Name: cfg.Name, - ClientURLs: cfg.ACUrls, - PeerURLs: cfg.APUrls, - DataDir: cfg.Dir, - DedicatedWALDir: cfg.WalDir, - SnapshotCount: cfg.SnapshotCount, - SnapshotCatchUpEntries: cfg.SnapshotCatchUpEntries, - MaxSnapFiles: cfg.MaxSnapFiles, - MaxWALFiles: cfg.MaxWalFiles, - InitialPeerURLsMap: urlsmap, - InitialClusterToken: token, - DiscoveryURL: cfg.Durl, - DiscoveryProxy: cfg.Dproxy, - NewCluster: cfg.IsNewCluster(), - PeerTLSInfo: cfg.PeerTLSInfo, - TickMs: cfg.TickMs, - ElectionTicks: cfg.ElectionTicks(), - InitialElectionTickAdvance: cfg.InitialElectionTickAdvance, - AutoCompactionRetention: autoCompactionRetention, - AutoCompactionMode: cfg.AutoCompactionMode, - QuotaBackendBytes: cfg.QuotaBackendBytes, - BackendBatchLimit: cfg.BackendBatchLimit, - BackendFreelistType: backendFreelistType, - BackendBatchInterval: cfg.BackendBatchInterval, - MaxTxnOps: cfg.MaxTxnOps, - MaxRequestBytes: cfg.MaxRequestBytes, - StrictReconfigCheck: cfg.StrictReconfigCheck, - ClientCertAuthEnabled: cfg.ClientTLSInfo.ClientCertAuth, - AuthToken: cfg.AuthToken, - BcryptCost: cfg.BcryptCost, - CORS: cfg.CORS, - HostWhitelist: cfg.HostWhitelist, - InitialCorruptCheck: cfg.ExperimentalInitialCorruptCheck, - CorruptCheckTime: cfg.ExperimentalCorruptCheckTime, - PreVote: cfg.PreVote, - Logger: cfg.logger, - LoggerConfig: cfg.loggerConfig, - LoggerCore: cfg.loggerCore, - LoggerWriteSyncer: cfg.loggerWriteSyncer, - Debug: cfg.Debug, - ForceNewCluster: cfg.ForceNewCluster, - EnableGRPCGateway: cfg.EnableGRPCGateway, - EnableLeaseCheckpoint: cfg.ExperimentalEnableLeaseCheckpoint, - CompactionBatchLimit: cfg.ExperimentalCompactionBatchLimit, + Name: cfg.Name, + ClientURLs: cfg.ACUrls, + PeerURLs: cfg.APUrls, + DataDir: cfg.Dir, + DedicatedWALDir: cfg.WalDir, + SnapshotCount: cfg.SnapshotCount, + SnapshotCatchUpEntries: cfg.SnapshotCatchUpEntries, + MaxSnapFiles: cfg.MaxSnapFiles, + MaxWALFiles: cfg.MaxWalFiles, + InitialPeerURLsMap: urlsmap, + InitialClusterToken: token, + DiscoveryURL: cfg.Durl, + DiscoveryProxy: cfg.Dproxy, + NewCluster: cfg.IsNewCluster(), + PeerTLSInfo: cfg.PeerTLSInfo, + TickMs: cfg.TickMs, + ElectionTicks: cfg.ElectionTicks(), + InitialElectionTickAdvance: cfg.InitialElectionTickAdvance, + AutoCompactionRetention: autoCompactionRetention, + AutoCompactionMode: cfg.AutoCompactionMode, + QuotaBackendBytes: cfg.QuotaBackendBytes, + BackendBatchLimit: cfg.BackendBatchLimit, + BackendFreelistType: backendFreelistType, + BackendBatchInterval: cfg.BackendBatchInterval, + MaxTxnOps: cfg.MaxTxnOps, + MaxRequestBytes: cfg.MaxRequestBytes, + StrictReconfigCheck: cfg.StrictReconfigCheck, + ClientCertAuthEnabled: cfg.ClientTLSInfo.ClientCertAuth, + AuthToken: cfg.AuthToken, + BcryptCost: cfg.BcryptCost, + TokenTTL: cfg.AuthTokenTTL, + CORS: cfg.CORS, + HostWhitelist: cfg.HostWhitelist, + InitialCorruptCheck: cfg.ExperimentalInitialCorruptCheck, + CorruptCheckTime: cfg.ExperimentalCorruptCheckTime, + PreVote: cfg.PreVote, + Logger: cfg.logger, + LoggerConfig: cfg.loggerConfig, + LoggerCore: cfg.loggerCore, + LoggerWriteSyncer: cfg.loggerWriteSyncer, + Debug: cfg.Debug, + ForceNewCluster: cfg.ForceNewCluster, + EnableGRPCGateway: cfg.EnableGRPCGateway, + UnsafeNoFsync: cfg.UnsafeNoFsync, + EnableLeaseCheckpoint: cfg.ExperimentalEnableLeaseCheckpoint, + CompactionBatchLimit: cfg.ExperimentalCompactionBatchLimit, + WatchProgressNotifyInterval: cfg.ExperimentalWatchProgressNotifyInterval, } print(e.cfg.logger, *cfg, srvcfg, memberInitialized) if e.Server, err = etcdserver.NewServer(srvcfg); err != nil { @@ -811,7 +814,7 @@ func (e *Etcd) GetLogger() *zap.Logger { func parseCompactionRetention(mode, retention string) (ret time.Duration, err error) { h, err := strconv.Atoi(retention) - if err == nil { + if err == nil && h >= 0 { switch mode { case CompactorModeRevision: ret = time.Duration(int64(h)) diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/etcdhttp/metrics.go b/vendor/go.etcd.io/etcd/etcdserver/api/etcdhttp/metrics.go index f455e40a7406..07ec8ec3bd96 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/etcdhttp/metrics.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/etcdhttp/metrics.go @@ -50,6 +50,7 @@ func NewHealthHandler(hfunc func() Health) http.HandlerFunc { if r.Method != http.MethodGet { w.Header().Set("Allow", http.MethodGet) http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed) + plog.Warningf("/health error (status code %d)", http.StatusMethodNotAllowed) return } h := hfunc() @@ -97,11 +98,15 @@ func checkHealth(srv etcdserver.ServerV2) Health { as := srv.Alarms() if len(as) > 0 { h.Health = "false" + for _, v := range as { + plog.Warningf("/health error due to an alarm %s", v.String()) + } } if h.Health == "true" { if uint64(srv.Leader()) == raft.None { h.Health = "false" + plog.Warningf("/health error; no leader (status code %d)", http.StatusServiceUnavailable) } } @@ -111,11 +116,13 @@ func checkHealth(srv etcdserver.ServerV2) Health { cancel() if err != nil { h.Health = "false" + plog.Warningf("/health error; QGET failed %v (status code %d)", err, http.StatusServiceUnavailable) } } if h.Health == "true" { healthSuccess.Inc() + plog.Infof("/health OK (status code %d)", http.StatusOK) } else { healthFailed.Inc() } diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/etcdhttp/peer.go b/vendor/go.etcd.io/etcd/etcdserver/api/etcdhttp/peer.go index 6c61bf5d5104..2d13741c68bd 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/etcdhttp/peer.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/etcdhttp/peer.go @@ -37,11 +37,17 @@ const ( ) // NewPeerHandler generates an http.Handler to handle etcd peer requests. -func NewPeerHandler(lg *zap.Logger, s etcdserver.ServerPeer) http.Handler { - return newPeerHandler(lg, s, s.RaftHandler(), s.LeaseHandler()) +func NewPeerHandler(lg *zap.Logger, s etcdserver.ServerPeerV2) http.Handler { + return newPeerHandler(lg, s, s.RaftHandler(), s.LeaseHandler(), s.HashKVHandler()) } -func newPeerHandler(lg *zap.Logger, s etcdserver.Server, raftHandler http.Handler, leaseHandler http.Handler) http.Handler { +func newPeerHandler( + lg *zap.Logger, + s etcdserver.Server, + raftHandler http.Handler, + leaseHandler http.Handler, + hashKVHandler http.Handler, +) http.Handler { peerMembersHandler := newPeerMembersHandler(lg, s.Cluster()) peerMemberPromoteHandler := newPeerMemberPromoteHandler(lg, s) @@ -55,6 +61,9 @@ func newPeerHandler(lg *zap.Logger, s etcdserver.Server, raftHandler http.Handle mux.Handle(leasehttp.LeasePrefix, leaseHandler) mux.Handle(leasehttp.LeaseInternalPrefix, leaseHandler) } + if hashKVHandler != nil { + mux.Handle(etcdserver.PeerHashKVPath, hashKVHandler) + } mux.HandleFunc(versionPath, versionHandler(s.Cluster(), serveVersion)) return mux } diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/membership/cluster.go b/vendor/go.etcd.io/etcd/etcdserver/api/membership/cluster.go index b1a011b50312..d1cf220dd691 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/membership/cluster.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/membership/cluster.go @@ -657,8 +657,8 @@ func (c *RaftCluster) IsReadyToRemoveVotingMember(id uint64) bool { } func (c *RaftCluster) IsReadyToPromoteMember(id uint64) bool { - nmembers := 1 - nstarted := 0 + nmembers := 1 // We count the learner to be promoted for the future quorum + nstarted := 1 // and we also count it as started. for _, member := range c.VotingMembers() { if member.IsStarted() { diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/rafthttp/http.go b/vendor/go.etcd.io/etcd/etcdserver/api/rafthttp/http.go index d0e0c81e2090..0b05282c04fd 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/rafthttp/http.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/rafthttp/http.go @@ -239,8 +239,9 @@ func (h *snapshotHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } - msgSize := m.Size() - receivedBytes.WithLabelValues(from).Add(float64(msgSize)) + msgSizeVal := m.Size() + msgSize := humanize.Bytes(uint64(msgSizeVal)) + receivedBytes.WithLabelValues(from).Add(float64(msgSizeVal)) if m.Type != raftpb.MsgSnap { if h.lg != nil { @@ -269,11 +270,11 @@ func (h *snapshotHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { zap.String("local-member-id", h.localID.String()), zap.String("remote-snapshot-sender-id", from), zap.Uint64("incoming-snapshot-index", m.Snapshot.Metadata.Index), - zap.Int("incoming-snapshot-message-size-bytes", msgSize), - zap.String("incoming-snapshot-message-size", humanize.Bytes(uint64(msgSize))), + zap.Int("incoming-snapshot-message-size-bytes", msgSizeVal), + zap.String("incoming-snapshot-message-size", msgSize), ) } else { - plog.Infof("receiving database snapshot [index:%d, from %s] ...", m.Snapshot.Metadata.Index, types.ID(m.From)) + plog.Infof("receiving database snapshot [index: %d, from: %s, raft message size: %s]", m.Snapshot.Metadata.Index, types.ID(m.From), msgSize) } // save incoming database snapshot. @@ -296,8 +297,10 @@ func (h *snapshotHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } + dbSize := humanize.Bytes(uint64(n)) receivedBytes.WithLabelValues(from).Add(float64(n)) + downloadTook := time.Since(start) if h.lg != nil { h.lg.Info( "received and saved database snapshot", @@ -305,10 +308,11 @@ func (h *snapshotHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { zap.String("remote-snapshot-sender-id", from), zap.Uint64("incoming-snapshot-index", m.Snapshot.Metadata.Index), zap.Int64("incoming-snapshot-size-bytes", n), - zap.String("incoming-snapshot-size", humanize.Bytes(uint64(n))), + zap.String("incoming-snapshot-size", dbSize), + zap.String("download-took", downloadTook.String()), ) } else { - plog.Infof("received and saved database snapshot [index: %d, from: %s] successfully", m.Snapshot.Metadata.Index, types.ID(m.From)) + plog.Infof("successfully received and saved database snapshot [index: %d, from: %s, raft message size: %s, db size: %s, took: %s]", m.Snapshot.Metadata.Index, types.ID(m.From), msgSize, dbSize, downloadTook.String()) } if err := h.r.Process(context.TODO(), m); err != nil { diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/rafthttp/snapshot_sender.go b/vendor/go.etcd.io/etcd/etcdserver/api/rafthttp/snapshot_sender.go index 62efb0cdc3d8..7105de188ae7 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/rafthttp/snapshot_sender.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/rafthttp/snapshot_sender.go @@ -78,16 +78,18 @@ func (s *snapshotSender) send(merged snap.Message) { u := s.picker.pick() req := createPostRequest(u, RaftSnapshotPrefix, body, "application/octet-stream", s.tr.URLs, s.from, s.cid) + snapshotTotalSizeVal := uint64(merged.TotalSize) + snapshotTotalSize := humanize.Bytes(snapshotTotalSizeVal) if s.tr.Logger != nil { s.tr.Logger.Info( "sending database snapshot", zap.Uint64("snapshot-index", m.Snapshot.Metadata.Index), zap.String("remote-peer-id", to), zap.Int64("bytes", merged.TotalSize), - zap.String("size", humanize.Bytes(uint64(merged.TotalSize))), + zap.String("size", snapshotTotalSize), ) } else { - plog.Infof("start to send database snapshot [index: %d, to %s]...", m.Snapshot.Metadata.Index, types.ID(m.To)) + plog.Infof("start to send database snapshot [index: %d, to %s, size %s]...", m.Snapshot.Metadata.Index, types.ID(m.To), snapshotTotalSize) } snapshotSendInflights.WithLabelValues(to).Inc() @@ -104,7 +106,7 @@ func (s *snapshotSender) send(merged snap.Message) { zap.Uint64("snapshot-index", m.Snapshot.Metadata.Index), zap.String("remote-peer-id", to), zap.Int64("bytes", merged.TotalSize), - zap.String("size", humanize.Bytes(uint64(merged.TotalSize))), + zap.String("size", snapshotTotalSize), zap.Error(err), ) } else { @@ -137,7 +139,7 @@ func (s *snapshotSender) send(merged snap.Message) { zap.Uint64("snapshot-index", m.Snapshot.Metadata.Index), zap.String("remote-peer-id", to), zap.Int64("bytes", merged.TotalSize), - zap.String("size", humanize.Bytes(uint64(merged.TotalSize))), + zap.String("size", snapshotTotalSize), ) } else { plog.Infof("database snapshot [index: %d, to: %s] sent out successfully", m.Snapshot.Metadata.Index, types.ID(m.To)) diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/snap/snapshotter.go b/vendor/go.etcd.io/etcd/etcdserver/api/snap/snapshotter.go index 7e7933374c9a..c5d6d6183c1b 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/snap/snapshotter.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/snap/snapshotter.go @@ -22,16 +22,17 @@ import ( "os" "path/filepath" "sort" + "strconv" "strings" "time" + "github.com/coreos/pkg/capnslog" "go.etcd.io/etcd/etcdserver/api/snap/snappb" pioutil "go.etcd.io/etcd/pkg/ioutil" "go.etcd.io/etcd/pkg/pbutil" "go.etcd.io/etcd/raft" "go.etcd.io/etcd/raft/raftpb" - - "github.com/coreos/pkg/capnslog" + "go.etcd.io/etcd/wal/walpb" "go.uber.org/zap" ) @@ -108,21 +109,37 @@ func (s *Snapshotter) save(snapshot *raftpb.Snapshot) error { return nil } +// Load returns the newest snapshot. func (s *Snapshotter) Load() (*raftpb.Snapshot, error) { + return s.loadMatching(func(*raftpb.Snapshot) bool { return true }) +} + +// LoadNewestAvailable loads the newest snapshot available that is in walSnaps. +func (s *Snapshotter) LoadNewestAvailable(walSnaps []walpb.Snapshot) (*raftpb.Snapshot, error) { + return s.loadMatching(func(snapshot *raftpb.Snapshot) bool { + m := snapshot.Metadata + for i := len(walSnaps) - 1; i >= 0; i-- { + if m.Term == walSnaps[i].Term && m.Index == walSnaps[i].Index { + return true + } + } + return false + }) +} + +// loadMatching returns the newest snapshot where matchFn returns true. +func (s *Snapshotter) loadMatching(matchFn func(*raftpb.Snapshot) bool) (*raftpb.Snapshot, error) { names, err := s.snapNames() if err != nil { return nil, err } var snap *raftpb.Snapshot for _, name := range names { - if snap, err = loadSnap(s.lg, s.dir, name); err == nil { - break + if snap, err = loadSnap(s.lg, s.dir, name); err == nil && matchFn(snap) { + return snap, nil } } - if err != nil { - return nil, ErrNoSnapshot - } - return snap, nil + return nil, ErrNoSnapshot } func loadSnap(lg *zap.Logger, dir, name string) (*raftpb.Snapshot, error) { @@ -226,6 +243,10 @@ func (s *Snapshotter) snapNames() ([]string, error) { if err != nil { return nil, err } + names, err = s.cleanupSnapdir(names) + if err != nil { + return nil, err + } snaps := checkSuffix(s.lg, names) if len(snaps) == 0 { return nil, ErrNoSnapshot @@ -253,3 +274,64 @@ func checkSuffix(lg *zap.Logger, names []string) []string { } return snaps } + +// cleanupSnapdir removes any files that should not be in the snapshot directory: +// - db.tmp prefixed files that can be orphaned by defragmentation +func (s *Snapshotter) cleanupSnapdir(filenames []string) (names []string, err error) { + for _, filename := range filenames { + if strings.HasPrefix(filename, "db.tmp") { + if s.lg != nil { + s.lg.Info("found orphaned defragmentation file; deleting", zap.String("path", filename)) + } else { + plog.Infof("found orphaned defragmentation file; deleting: %s", filename) + } + if rmErr := os.Remove(filepath.Join(s.dir, filename)); rmErr != nil && !os.IsNotExist(rmErr) { + return nil, fmt.Errorf("failed to remove orphaned .snap.db file %s: %v", filename, rmErr) + } + continue + } + names = append(names, filename) + } + return names, nil +} + +func (s *Snapshotter) ReleaseSnapDBs(snap raftpb.Snapshot) error { + dir, err := os.Open(s.dir) + if err != nil { + return err + } + defer dir.Close() + filenames, err := dir.Readdirnames(-1) + if err != nil { + return err + } + for _, filename := range filenames { + if strings.HasSuffix(filename, ".snap.db") { + hexIndex := strings.TrimSuffix(filepath.Base(filename), ".snap.db") + index, err := strconv.ParseUint(hexIndex, 16, 64) + if err != nil { + if s.lg != nil { + s.lg.Warn("failed to parse index from filename", zap.String("path", filename), zap.String("error", err.Error())) + } else { + plog.Warningf("failed to parse index from filename: %s (%v)", filename, err) + } + continue + } + if index < snap.Metadata.Index { + if s.lg != nil { + s.lg.Warn("found orphaned .snap.db file; deleting", zap.String("path", filename)) + } else { + plog.Warningf("found orphaned .snap.db file; deleting: %s", filename) + } + if rmErr := os.Remove(filepath.Join(s.dir, filename)); rmErr != nil && !os.IsNotExist(rmErr) { + if s.lg != nil { + s.lg.Warn("failed to remove orphaned .snap.db file", zap.String("path", filename), zap.Error(rmErr)) + } else { + plog.Warningf("failed to remove orphaned .snap.db file: %s (%v)", filename, rmErr) + } + } + } + } + } + return nil +} diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/v2discovery/discovery.go b/vendor/go.etcd.io/etcd/etcdserver/api/v2discovery/discovery.go index cf770b378594..16ccfde8e270 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/v2discovery/discovery.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/v2discovery/discovery.go @@ -218,7 +218,7 @@ func (d *discovery) createSelf(contents string) error { return err } -func (d *discovery) checkCluster() ([]*client.Node, int, uint64, error) { +func (d *discovery) checkCluster() ([]*client.Node, uint64, uint64, error) { configKey := path.Join("/", d.cluster, "_config") ctx, cancel := context.WithTimeout(context.Background(), client.DefaultRequestTimeout) // find cluster size @@ -247,7 +247,7 @@ func (d *discovery) checkCluster() ([]*client.Node, int, uint64, error) { } return nil, 0, 0, err } - size, err := strconv.Atoi(resp.Node.Value) + size, err := strconv.ParseUint(resp.Node.Value, 10, 0) if err != nil { return nil, 0, 0, ErrBadSizeKey } @@ -288,7 +288,7 @@ func (d *discovery) checkCluster() ([]*client.Node, int, uint64, error) { if path.Base(nodes[i].Key) == path.Base(d.selfKey()) { break } - if i >= size-1 { + if uint64(i) >= size-1 { return nodes[:size], size, resp.Index, ErrFullCluster } } @@ -316,7 +316,7 @@ func (d *discovery) logAndBackoffForRetry(step string) { d.clock.Sleep(retryTimeInSecond) } -func (d *discovery) checkClusterRetry() ([]*client.Node, int, uint64, error) { +func (d *discovery) checkClusterRetry() ([]*client.Node, uint64, uint64, error) { if d.retries < nRetries { d.logAndBackoffForRetry("cluster status check") return d.checkCluster() @@ -336,8 +336,8 @@ func (d *discovery) waitNodesRetry() ([]*client.Node, error) { return nil, ErrTooManyRetries } -func (d *discovery) waitNodes(nodes []*client.Node, size int, index uint64) ([]*client.Node, error) { - if len(nodes) > size { +func (d *discovery) waitNodes(nodes []*client.Node, size uint64, index uint64) ([]*client.Node, error) { + if uint64(len(nodes)) > size { nodes = nodes[:size] } // watch from the next index @@ -369,16 +369,16 @@ func (d *discovery) waitNodes(nodes []*client.Node, size int, index uint64) ([]* } // wait for others - for len(all) < size { + for uint64(len(all)) < size { if d.lg != nil { d.lg.Info( "found peers from discovery server; waiting for more", zap.String("discovery-url", d.url.String()), zap.Int("found-peers", len(all)), - zap.Int("needed-peers", size-len(all)), + zap.Int("needed-peers", int(size-uint64(len(all)))), ) } else { - plog.Noticef("found %d peer(s), waiting for %d more", len(all), size-len(all)) + plog.Noticef("found %d peer(s), waiting for %d more", len(all), size-uint64(len(all))) } resp, err := w.Next(context.Background()) if err != nil { @@ -415,7 +415,7 @@ func (d *discovery) selfKey() string { return path.Join("/", d.cluster, d.id.String()) } -func nodesToCluster(ns []*client.Node, size int) (string, error) { +func nodesToCluster(ns []*client.Node, size uint64) (string, error) { s := make([]string, len(ns)) for i, n := range ns { s[i] = n.Value @@ -425,7 +425,7 @@ func nodesToCluster(ns []*client.Node, size int) (string, error) { if err != nil { return us, ErrInvalidURL } - if m.Len() != size { + if uint64(m.Len()) != size { return us, ErrDuplicateName } return us, nil diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/interceptor.go b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/interceptor.go index ce9047e80fdc..0a3b48e86626 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/interceptor.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/interceptor.go @@ -16,17 +16,17 @@ package v3rpc import ( "context" + "strings" "sync" "time" + "github.com/coreos/pkg/capnslog" "go.etcd.io/etcd/etcdserver" "go.etcd.io/etcd/etcdserver/api" "go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes" + pb "go.etcd.io/etcd/etcdserver/etcdserverpb" "go.etcd.io/etcd/pkg/types" "go.etcd.io/etcd/raft" - - "github.com/coreos/pkg/capnslog" - pb "go.etcd.io/etcd/etcdserver/etcdserverpb" "go.uber.org/zap" "google.golang.org/grpc" "google.golang.org/grpc/metadata" @@ -54,6 +54,12 @@ func newUnaryInterceptor(s *etcdserver.EtcdServer) grpc.UnaryServerInterceptor { md, ok := metadata.FromIncomingContext(ctx) if ok { + ver, vs := "unknown", metadataGet(md, rpctypes.MetadataClientAPIVersionKey) + if len(vs) > 0 { + ver = vs[0] + } + clientRequests.WithLabelValues("unary", ver).Inc() + if ks := md[rpctypes.MetadataRequireLeaderKey]; len(ks) > 0 && ks[0] == rpctypes.MetadataHasLeader { if s.Leader() == types.ID(raft.None) { return nil, rpctypes.ErrGRPCNoLeader @@ -200,6 +206,12 @@ func newStreamInterceptor(s *etcdserver.EtcdServer) grpc.StreamServerInterceptor md, ok := metadata.FromIncomingContext(ss.Context()) if ok { + ver, vs := "unknown", metadataGet(md, rpctypes.MetadataClientAPIVersionKey) + if len(vs) > 0 { + ver = vs[0] + } + clientRequests.WithLabelValues("stream", ver).Inc() + if ks := md[rpctypes.MetadataRequireLeaderKey]; len(ks) > 0 && ks[0] == rpctypes.MetadataHasLeader { if s.Leader() == types.ID(raft.None) { return rpctypes.ErrGRPCNoLeader @@ -218,7 +230,6 @@ func newStreamInterceptor(s *etcdserver.EtcdServer) grpc.StreamServerInterceptor smap.mu.Unlock() cancel() }() - } } @@ -274,3 +285,8 @@ func monitorLeader(s *etcdserver.EtcdServer) *streamsMap { return smap } + +func metadataGet(md metadata.MD, k string) []string { + k = strings.ToLower(k) + return md[k] +} diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/maintenance.go b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/maintenance.go index c51271ac0fe3..8130adbf0abb 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/maintenance.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/maintenance.go @@ -18,7 +18,9 @@ import ( "context" "crypto/sha256" "io" + "time" + "github.com/dustin/go-humanize" "go.etcd.io/etcd/auth" "go.etcd.io/etcd/etcdserver" "go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes" @@ -98,6 +100,9 @@ func (ms *maintenanceServer) Defragment(ctx context.Context, sr *pb.DefragmentRe return &pb.DefragmentResponse{}, nil } +// big enough size to hold >1 OS pages in the buffer +const snapshotSendBufferSize = 32 * 1024 + func (ms *maintenanceServer) Snapshot(sr *pb.SnapshotRequest, srv pb.Maintenance_SnapshotServer) error { snap := ms.bg.Backend().Snapshot() pr, pw := io.Pipe() @@ -116,19 +121,46 @@ func (ms *maintenanceServer) Snapshot(sr *pb.SnapshotRequest, srv pb.Maintenance pw.Close() }() - // send file data + // record SHA digest of snapshot data + // used for integrity checks during snapshot restore operation h := sha256.New() - br := int64(0) - buf := make([]byte, 32*1024) - sz := snap.Size() - for br < sz { + + // buffer just holds read bytes from stream + // response size is multiple of OS page size, fetched in boltdb + // e.g. 4*1024 + buf := make([]byte, snapshotSendBufferSize) + + sent := int64(0) + total := snap.Size() + size := humanize.Bytes(uint64(total)) + + start := time.Now() + if ms.lg != nil { + ms.lg.Info("sending database snapshot to client", + zap.Int64("total-bytes", total), + zap.String("size", size), + ) + } else { + plog.Infof("sending database snapshot to client %s [%d bytes]", size, total) + } + for total-sent > 0 { n, err := io.ReadFull(pr, buf) if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF { return togRPCError(err) } - br += int64(n) + sent += int64(n) + + // if total is x * snapshotSendBufferSize. it is possible that + // resp.RemainingBytes == 0 + // resp.Blob == zero byte but not nil + // does this make server response sent to client nil in proto + // and client stops receiving from snapshot stream before + // server sends snapshot SHA? + // No, the client will still receive non-nil response + // until server closes the stream with EOF + resp := &pb.SnapshotResponse{ - RemainingBytes: uint64(sz - br), + RemainingBytes: uint64(total - sent), Blob: buf[:n], } if err = srv.Send(resp); err != nil { @@ -137,13 +169,34 @@ func (ms *maintenanceServer) Snapshot(sr *pb.SnapshotRequest, srv pb.Maintenance h.Write(buf[:n]) } - // send sha + // send SHA digest for integrity checks + // during snapshot restore operation sha := h.Sum(nil) + + if ms.lg != nil { + ms.lg.Info("sending database sha256 checksum to client", + zap.Int64("total-bytes", total), + zap.Int("checksum-size", len(sha)), + ) + } else { + plog.Infof("sending database sha256 checksum to client [%d bytes]", len(sha)) + } + hresp := &pb.SnapshotResponse{RemainingBytes: 0, Blob: sha} if err := srv.Send(hresp); err != nil { return togRPCError(err) } + if ms.lg != nil { + ms.lg.Info("successfully sent database snapshot to client", + zap.Int64("total-bytes", total), + zap.String("size", size), + zap.String("took", humanize.Time(start)), + ) + } else { + plog.Infof("successfully sent database snapshot to client %s [%d bytes]", size, total) + } + return nil } diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/metrics.go b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/metrics.go index d633d27c2cb3..a4ee723c52f9 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/metrics.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/metrics.go @@ -39,10 +39,20 @@ var ( }, []string{"Type", "API"}, ) + + clientRequests = prometheus.NewCounterVec(prometheus.CounterOpts{ + Namespace: "etcd", + Subsystem: "server", + Name: "client_requests_total", + Help: "The total number of client requests per client version.", + }, + []string{"type", "client_api_version"}, + ) ) func init() { prometheus.MustRegister(sentBytes) prometheus.MustRegister(receivedBytes) prometheus.MustRegister(streamFailures) + prometheus.MustRegister(clientRequests) } diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes/md.go b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes/md.go index 5c590e1aec99..90b8b835b168 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes/md.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes/md.go @@ -17,4 +17,6 @@ package rpctypes var ( MetadataRequireLeaderKey = "hasleader" MetadataHasLeader = "true" + + MetadataClientAPIVersionKey = "client-api-version" ) diff --git a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/watch.go b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/watch.go index f41cb6c05695..07736c1bad5c 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/watch.go +++ b/vendor/go.etcd.io/etcd/etcdserver/api/v3rpc/watch.go @@ -31,6 +31,8 @@ import ( "go.uber.org/zap" ) +const minWatchProgressInterval = 100 * time.Millisecond + type watchServer struct { lg *zap.Logger @@ -46,7 +48,7 @@ type watchServer struct { // NewWatchServer returns a new watch server. func NewWatchServer(s *etcdserver.EtcdServer) pb.WatchServer { - return &watchServer{ + srv := &watchServer{ lg: s.Cfg.Logger, clusterID: int64(s.Cluster().ID()), @@ -58,6 +60,21 @@ func NewWatchServer(s *etcdserver.EtcdServer) pb.WatchServer { watchable: s.Watchable(), ag: s, } + if s.Cfg.WatchProgressNotifyInterval > 0 { + if s.Cfg.WatchProgressNotifyInterval < minWatchProgressInterval { + if srv.lg != nil { + srv.lg.Warn( + "adjusting watch progress notify interval to minimum period", + zap.Duration("min-watch-progress-notify-interval", minWatchProgressInterval), + ) + } else { + plog.Warningf("adjusting watch progress notify interval to minimum period %v", minWatchProgressInterval) + } + s.Cfg.WatchProgressNotifyInterval = minWatchProgressInterval + } + SetProgressReportInterval(s.Cfg.WatchProgressNotifyInterval) + } + return srv } var ( @@ -259,9 +276,10 @@ func (sws *serverWatchStream) recvLoop() error { select { case sws.ctrlStream <- wr: + continue case <-sws.closec: + return nil } - return nil } filters := FiltersFromRequest(creq) diff --git a/vendor/go.etcd.io/etcd/etcdserver/apply.go b/vendor/go.etcd.io/etcd/etcdserver/apply.go index 822b5e32204d..d98549dea5b0 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/apply.go +++ b/vendor/go.etcd.io/etcd/etcdserver/apply.go @@ -116,6 +116,9 @@ func (a *applierV3backend) Apply(r *pb.InternalRaftRequest) *applyResult { ar := &applyResult{} defer func(start time.Time) { warnOfExpensiveRequest(a.s.getLogger(), start, &pb.InternalRaftStringer{Request: r}, ar.resp, ar.err) + if ar.err != nil { + warnOfFailedRequest(a.s.getLogger(), start, &pb.InternalRaftStringer{Request: r}, ar.resp, ar.err) + } }(time.Now()) // call into a.s.applyV3.F instead of a.F so upper appliers can check individual calls diff --git a/vendor/go.etcd.io/etcd/etcdserver/apply_v2.go b/vendor/go.etcd.io/etcd/etcdserver/apply_v2.go index c77df1970617..7321379da7cc 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/apply_v2.go +++ b/vendor/go.etcd.io/etcd/etcdserver/apply_v2.go @@ -16,6 +16,7 @@ package etcdserver import ( "encoding/json" + "fmt" "path" "time" @@ -114,7 +115,11 @@ func (a *applierV2store) Sync(r *RequestV2) Response { // applyV2Request interprets r as a call to v2store.X // and returns a Response interpreted from v2store.Event func (s *EtcdServer) applyV2Request(r *RequestV2) Response { - defer warnOfExpensiveRequest(s.getLogger(), time.Now(), r, nil, nil) + stringer := panicAlternativeStringer{ + stringer: r, + alternative: func() string { return fmt.Sprintf("id:%d,method:%s,path:%s", r.ID, r.Method, r.Path) }, + } + defer warnOfExpensiveRequest(s.getLogger(), time.Now(), stringer, nil, nil) switch r.Method { case "POST": diff --git a/vendor/go.etcd.io/etcd/etcdserver/backend.go b/vendor/go.etcd.io/etcd/etcdserver/backend.go index 01ba19256864..aa443cac86f9 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/backend.go +++ b/vendor/go.etcd.io/etcd/etcdserver/backend.go @@ -31,6 +31,7 @@ import ( func newBackend(cfg ServerConfig) backend.Backend { bcfg := backend.DefaultBackendConfig() bcfg.Path = cfg.backendPath() + bcfg.UnsafeNoFsync = cfg.UnsafeNoFsync if cfg.BackendBatchLimit != 0 { bcfg.BatchLimit = cfg.BackendBatchLimit if cfg.Logger != nil { @@ -102,7 +103,7 @@ func openBackend(cfg ServerConfig) backend.Backend { // case, replace the db with the snapshot db sent by the leader. func recoverSnapshotBackend(cfg ServerConfig, oldbe backend.Backend, snapshot raftpb.Snapshot) (backend.Backend, error) { var cIndex consistentIndex - kv := mvcc.New(cfg.Logger, oldbe, &lease.FakeLessor{}, &cIndex, mvcc.StoreConfig{CompactionBatchLimit: cfg.CompactionBatchLimit}) + kv := mvcc.New(cfg.Logger, oldbe, &lease.FakeLessor{}, nil, &cIndex, mvcc.StoreConfig{CompactionBatchLimit: cfg.CompactionBatchLimit}) defer kv.Close() if snapshot.Metadata.Index <= kv.ConsistentIndex() { return oldbe, nil diff --git a/vendor/go.etcd.io/etcd/etcdserver/config.go b/vendor/go.etcd.io/etcd/etcdserver/config.go index 88cd721c3259..c585918cd143 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/config.go +++ b/vendor/go.etcd.io/etcd/etcdserver/config.go @@ -126,6 +126,7 @@ type ServerConfig struct { AuthToken string BcryptCost uint + TokenTTL uint // InitialCorruptCheck is true to check data corruption on boot // before serving any peer/client traffic. @@ -157,6 +158,12 @@ type ServerConfig struct { LeaseCheckpointInterval time.Duration EnableGRPCGateway bool + + WatchProgressNotifyInterval time.Duration + + // UnsafeNoFsync disables all uses of fsync. + // Setting this is unsafe and will cause data loss. + UnsafeNoFsync bool `json:"unsafe-no-fsync"` } // VerifyBootstrap sanity-checks the initial config for bootstrap case diff --git a/vendor/go.etcd.io/etcd/etcdserver/corrupt.go b/vendor/go.etcd.io/etcd/etcdserver/corrupt.go index 2351eef4458a..e243d98ba6d2 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/corrupt.go +++ b/vendor/go.etcd.io/etcd/etcdserver/corrupt.go @@ -15,11 +15,15 @@ package etcdserver import ( + "bytes" "context" + "encoding/json" "fmt" + "io/ioutil" + "net/http" + "strings" "time" - "go.etcd.io/etcd/clientv3" "go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes" pb "go.etcd.io/etcd/etcdserver/etcdserverpb" "go.etcd.io/etcd/mvcc" @@ -230,10 +234,12 @@ func (s *EtcdServer) checkHashKV() error { mismatch(uint64(s.ID())) } + checkedCount := 0 for _, p := range peers { if p.resp == nil { continue } + checkedCount++ id := p.resp.Header.MemberId // leader expects follower's latest revision less than or equal to leader's @@ -298,62 +304,56 @@ func (s *EtcdServer) checkHashKV() error { mismatch(id) } } + if lg != nil { + lg.Info("finished peer corruption check", zap.Int("number-of-peers-checked", checkedCount)) + } else { + plog.Infof("finished peer corruption check") + } + return nil } -type peerHashKVResp struct { +type peerInfo struct { id types.ID eps []string +} - resp *clientv3.HashKVResponse +type peerHashKVResp struct { + peerInfo + resp *pb.HashKVResponse err error } -func (s *EtcdServer) getPeerHashKVs(rev int64) (resps []*peerHashKVResp) { +func (s *EtcdServer) getPeerHashKVs(rev int64) []*peerHashKVResp { // TODO: handle the case when "s.cluster.Members" have not // been populated (e.g. no snapshot to load from disk) - mbs := s.cluster.Members() - pss := make([]peerHashKVResp, len(mbs)) - for _, m := range mbs { + members := s.cluster.Members() + peers := make([]peerInfo, 0, len(members)) + for _, m := range members { if m.ID == s.ID() { continue } - pss = append(pss, peerHashKVResp{id: m.ID, eps: m.PeerURLs}) + peers = append(peers, peerInfo{id: m.ID, eps: m.PeerURLs}) } lg := s.getLogger() - for _, p := range pss { + var resps []*peerHashKVResp + for _, p := range peers { if len(p.eps) == 0 { continue } - cli, cerr := clientv3.New(clientv3.Config{ - DialTimeout: s.Cfg.ReqTimeout(), - Endpoints: p.eps, - }) - if cerr != nil { - if lg != nil { - lg.Warn( - "failed to create client to peer URL", - zap.String("local-member-id", s.ID().String()), - zap.String("remote-peer-id", p.id.String()), - zap.Strings("remote-peer-endpoints", p.eps), - zap.Error(cerr), - ) - } else { - plog.Warningf("%s failed to create client to peer %q for hash checking (%q)", s.ID(), p.eps, cerr.Error()) - } - continue - } respsLen := len(resps) - for _, c := range cli.Endpoints() { + var lastErr error + for _, ep := range p.eps { ctx, cancel := context.WithTimeout(context.Background(), s.Cfg.ReqTimeout()) - var resp *clientv3.HashKVResponse - resp, cerr = cli.HashKV(ctx, c, rev) + + var resp *pb.HashKVResponse + resp, lastErr = s.getPeerHashKVHTTP(ctx, ep, rev) cancel() - if cerr == nil { - resps = append(resps, &peerHashKVResp{id: p.id, eps: p.eps, resp: resp, err: nil}) + if lastErr == nil { + resps = append(resps, &peerHashKVResp{peerInfo: p, resp: resp, err: nil}) break } if lg != nil { @@ -361,17 +361,17 @@ func (s *EtcdServer) getPeerHashKVs(rev int64) (resps []*peerHashKVResp) { "failed hash kv request", zap.String("local-member-id", s.ID().String()), zap.Int64("requested-revision", rev), - zap.String("remote-peer-endpoint", c), - zap.Error(cerr), + zap.String("remote-peer-endpoint", ep), + zap.Error(lastErr), ) } else { - plog.Warningf("%s hash-kv error %q on peer %q with revision %d", s.ID(), cerr.Error(), c, rev) + plog.Warningf("%s hash-kv error %q on peer %q with revision %d", s.ID(), lastErr.Error(), ep, rev) } } - cli.Close() + // failed to get hashKV from all endpoints of this peer if respsLen == len(resps) { - resps = append(resps, &peerHashKVResp{id: p.id, eps: p.eps, resp: nil, err: cerr}) + resps = append(resps, &peerHashKVResp{peerInfo: p, resp: nil, err: lastErr}) } } return resps @@ -410,3 +410,112 @@ func (a *applierV3Corrupt) LeaseGrant(lc *pb.LeaseGrantRequest) (*pb.LeaseGrantR func (a *applierV3Corrupt) LeaseRevoke(lc *pb.LeaseRevokeRequest) (*pb.LeaseRevokeResponse, error) { return nil, ErrCorrupt } + +type ServerPeerV2 interface { + ServerPeer + HashKVHandler() http.Handler +} + +const PeerHashKVPath = "/members/hashkv" + +type hashKVHandler struct { + lg *zap.Logger + server *EtcdServer +} + +func (s *EtcdServer) HashKVHandler() http.Handler { + return &hashKVHandler{lg: s.getLogger(), server: s} +} + +func (h *hashKVHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodGet { + w.Header().Set("Allow", http.MethodGet) + http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed) + return + } + if r.URL.Path != PeerHashKVPath { + http.Error(w, "bad path", http.StatusBadRequest) + return + } + + defer r.Body.Close() + b, err := ioutil.ReadAll(r.Body) + if err != nil { + http.Error(w, "error reading body", http.StatusBadRequest) + return + } + + req := &pb.HashKVRequest{} + if err = json.Unmarshal(b, req); err != nil { + h.lg.Warn("failed to unmarshal request", zap.Error(err)) + http.Error(w, "error unmarshalling request", http.StatusBadRequest) + return + } + hash, rev, compactRev, err := h.server.KV().HashByRev(req.Revision) + if err != nil { + h.lg.Warn( + "failed to get hashKV", + zap.Int64("requested-revision", req.Revision), + zap.Error(err), + ) + http.Error(w, err.Error(), http.StatusBadRequest) + return + } + resp := &pb.HashKVResponse{Header: &pb.ResponseHeader{Revision: rev}, Hash: hash, CompactRevision: compactRev} + respBytes, err := json.Marshal(resp) + if err != nil { + h.lg.Warn("failed to marshal hashKV response", zap.Error(err)) + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + + w.Header().Set("X-Etcd-Cluster-ID", h.server.Cluster().ID().String()) + w.Header().Set("Content-Type", "application/json") + w.Write(respBytes) +} + +// getPeerHashKVHTTP fetch hash of kv store at the given rev via http call to the given url +func (s *EtcdServer) getPeerHashKVHTTP(ctx context.Context, url string, rev int64) (*pb.HashKVResponse, error) { + cc := &http.Client{Transport: s.peerRt} + hashReq := &pb.HashKVRequest{Revision: rev} + hashReqBytes, err := json.Marshal(hashReq) + if err != nil { + return nil, err + } + requestUrl := url + PeerHashKVPath + req, err := http.NewRequest(http.MethodGet, requestUrl, bytes.NewReader(hashReqBytes)) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + req.Header.Set("Content-Type", "application/json") + req.Cancel = ctx.Done() + + resp, err := cc.Do(req) + if err != nil { + return nil, err + } + defer resp.Body.Close() + b, err := ioutil.ReadAll(resp.Body) + if err != nil { + return nil, err + } + + if resp.StatusCode == http.StatusBadRequest { + if strings.Contains(string(b), mvcc.ErrCompacted.Error()) { + return nil, rpctypes.ErrCompacted + } + if strings.Contains(string(b), mvcc.ErrFutureRev.Error()) { + return nil, rpctypes.ErrFutureRev + } + } + if resp.StatusCode != http.StatusOK { + return nil, fmt.Errorf("unknown error: %s", string(b)) + } + + hashResp := &pb.HashKVResponse{} + if err := json.Unmarshal(b, hashResp); err != nil { + return nil, err + } + return hashResp, nil +} diff --git a/vendor/go.etcd.io/etcd/etcdserver/etcdserverpb/raft_internal_stringer.go b/vendor/go.etcd.io/etcd/etcdserver/etcdserverpb/raft_internal_stringer.go index 3d3536a326dd..31e121ee0a63 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/etcdserverpb/raft_internal_stringer.go +++ b/vendor/go.etcd.io/etcd/etcdserver/etcdserverpb/raft_internal_stringer.go @@ -137,7 +137,7 @@ type loggableValueCompare struct { Result Compare_CompareResult `protobuf:"varint,1,opt,name=result,proto3,enum=etcdserverpb.Compare_CompareResult"` Target Compare_CompareTarget `protobuf:"varint,2,opt,name=target,proto3,enum=etcdserverpb.Compare_CompareTarget"` Key []byte `protobuf:"bytes,3,opt,name=key,proto3"` - ValueSize int `protobuf:"bytes,7,opt,name=value_size,proto3"` + ValueSize int64 `protobuf:"varint,7,opt,name=value_size,proto3"` RangeEnd []byte `protobuf:"bytes,64,opt,name=range_end,proto3"` } @@ -146,7 +146,7 @@ func newLoggableValueCompare(c *Compare, cv *Compare_Value) *loggableValueCompar c.Result, c.Target, c.Key, - len(cv.Value), + int64(len(cv.Value)), c.RangeEnd, } } @@ -160,7 +160,7 @@ func (*loggableValueCompare) ProtoMessage() {} // To preserve proto encoding of the key bytes, a faked out proto type is used here. type loggablePutRequest struct { Key []byte `protobuf:"bytes,1,opt,name=key,proto3"` - ValueSize int `protobuf:"varint,2,opt,name=value_size,proto3"` + ValueSize int64 `protobuf:"varint,2,opt,name=value_size,proto3"` Lease int64 `protobuf:"varint,3,opt,name=lease,proto3"` PrevKv bool `protobuf:"varint,4,opt,name=prev_kv,proto3"` IgnoreValue bool `protobuf:"varint,5,opt,name=ignore_value,proto3"` @@ -170,7 +170,7 @@ type loggablePutRequest struct { func NewLoggablePutRequest(request *PutRequest) *loggablePutRequest { return &loggablePutRequest{ request.Key, - len(request.Value), + int64(len(request.Value)), request.Lease, request.PrevKv, request.IgnoreValue, diff --git a/vendor/go.etcd.io/etcd/etcdserver/etcdserverpb/rpc.pb.go b/vendor/go.etcd.io/etcd/etcdserver/etcdserverpb/rpc.pb.go index 199ee6244d5e..6cbccc797c43 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/etcdserverpb/rpc.pb.go +++ b/vendor/go.etcd.io/etcd/etcdserver/etcdserverpb/rpc.pb.go @@ -104,7 +104,9 @@ var RangeRequest_SortTarget_value = map[string]int32{ func (x RangeRequest_SortTarget) String() string { return proto.EnumName(RangeRequest_SortTarget_name, int32(x)) } -func (RangeRequest_SortTarget) EnumDescriptor() ([]byte, []int) { return fileDescriptorRpc, []int{1, 1} } +func (RangeRequest_SortTarget) EnumDescriptor() ([]byte, []int) { + return fileDescriptorRpc, []int{1, 1} +} type Compare_CompareResult int32 diff --git a/vendor/go.etcd.io/etcd/etcdserver/metrics.go b/vendor/go.etcd.io/etcd/etcdserver/metrics.go index e0c0cde85538..3e24e8043809 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/metrics.go +++ b/vendor/go.etcd.io/etcd/etcdserver/metrics.go @@ -151,6 +151,19 @@ var ( Help: "Server or member ID in hexadecimal format. 1 for 'server_id' label with current ID.", }, []string{"server_id"}) + + fdUsed = prometheus.NewGauge(prometheus.GaugeOpts{ + Namespace: "os", + Subsystem: "fd", + Name: "used", + Help: "The number of used file descriptors.", + }) + fdLimit = prometheus.NewGauge(prometheus.GaugeOpts{ + Namespace: "os", + Subsystem: "fd", + Name: "limit", + Help: "The file descriptor limit.", + }) ) func init() { @@ -174,6 +187,8 @@ func init() { prometheus.MustRegister(isLearner) prometheus.MustRegister(learnerPromoteSucceed) prometheus.MustRegister(learnerPromoteFailed) + prometheus.MustRegister(fdUsed) + prometheus.MustRegister(fdLimit) currentVersion.With(prometheus.Labels{ "server_version": version.Version, @@ -184,7 +199,12 @@ func init() { } func monitorFileDescriptor(lg *zap.Logger, done <-chan struct{}) { - ticker := time.NewTicker(5 * time.Second) + // This ticker will check File Descriptor Requirements ,and count all fds in used. + // And recorded some logs when in used >= limit/5*4. Just recorded message. + // If fds was more than 10K,It's low performance due to FDUsage() works. + // So need to increase it. + // See https://github.com/etcd-io/etcd/issues/11969 for more detail. + ticker := time.NewTicker(10 * time.Minute) defer ticker.Stop() for { used, err := runtime.FDUsage() @@ -196,6 +216,7 @@ func monitorFileDescriptor(lg *zap.Logger, done <-chan struct{}) { } return } + fdUsed.Set(float64(used)) limit, err := runtime.FDLimit() if err != nil { if lg != nil { @@ -205,6 +226,7 @@ func monitorFileDescriptor(lg *zap.Logger, done <-chan struct{}) { } return } + fdLimit.Set(float64(limit)) if used >= limit/5*4 { if lg != nil { lg.Warn("80% of file descriptors are used", zap.Uint64("used", used), zap.Uint64("limit", limit)) diff --git a/vendor/go.etcd.io/etcd/etcdserver/raft.go b/vendor/go.etcd.io/etcd/etcdserver/raft.go index c0fe97905391..df08e3de3feb 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/raft.go +++ b/vendor/go.etcd.io/etcd/etcdserver/raft.go @@ -231,12 +231,26 @@ func (r *raftNode) start(rh *raftReadyHandler) { r.transport.Send(r.processMessages(rd.Messages)) } + // Must save the snapshot file and WAL snapshot entry before saving any other entries or hardstate to + // ensure that recovery after a snapshot restore is possible. + if !raft.IsEmptySnap(rd.Snapshot) { + // gofail: var raftBeforeSaveSnap struct{} + if err := r.storage.SaveSnap(rd.Snapshot); err != nil { + if r.lg != nil { + r.lg.Fatal("failed to save Raft snapshot", zap.Error(err)) + } else { + plog.Fatalf("failed to save Raft snapshot %v", err) + } + } + // gofail: var raftAfterSaveSnap struct{} + } + // gofail: var raftBeforeSave struct{} if err := r.storage.Save(rd.HardState, rd.Entries); err != nil { if r.lg != nil { r.lg.Fatal("failed to save Raft hard state and entries", zap.Error(err)) } else { - plog.Fatalf("raft save state and entries error: %v", err) + plog.Fatalf("failed to save state and entries error: %v", err) } } if !raft.IsEmptyHardState(rd.HardState) { @@ -245,18 +259,22 @@ func (r *raftNode) start(rh *raftReadyHandler) { // gofail: var raftAfterSave struct{} if !raft.IsEmptySnap(rd.Snapshot) { - // gofail: var raftBeforeSaveSnap struct{} - if err := r.storage.SaveSnap(rd.Snapshot); err != nil { + // Force WAL to fsync its hard state before Release() releases + // old data from the WAL. Otherwise could get an error like: + // panic: tocommit(107) is out of range [lastIndex(84)]. Was the raft log corrupted, truncated, or lost? + // See https://github.com/etcd-io/etcd/issues/10219 for more details. + if err := r.storage.Sync(); err != nil { if r.lg != nil { - r.lg.Fatal("failed to save Raft snapshot", zap.Error(err)) + r.lg.Fatal("failed to sync Raft snapshot", zap.Error(err)) } else { - plog.Fatalf("raft save snapshot error: %v", err) + plog.Fatalf("failed to sync Raft snapshot %v", err) } } + // etcdserver now claim the snapshot has been persisted onto the disk notifyc <- struct{}{} - // gofail: var raftAfterSaveSnap struct{} + // gofail: var raftBeforeApplySnap struct{} r.raftStorage.ApplySnapshot(rd.Snapshot) if r.lg != nil { r.lg.Info("applied incoming Raft snapshot", zap.Uint64("snapshot-index", rd.Snapshot.Metadata.Index)) @@ -264,6 +282,15 @@ func (r *raftNode) start(rh *raftReadyHandler) { plog.Infof("raft applied incoming snapshot at index %d", rd.Snapshot.Metadata.Index) } // gofail: var raftAfterApplySnap struct{} + + if err := r.storage.Release(rd.Snapshot); err != nil { + if r.lg != nil { + r.lg.Fatal("failed to release Raft wal", zap.Error(err)) + } else { + plog.Fatalf("failed to release Raft wal %v", err) + } + } + // gofail: var raftAfterWALRelease struct{} } r.raftStorage.Append(rd.Entries) @@ -438,6 +465,9 @@ func startNode(cfg ServerConfig, cl *membership.RaftCluster, ids []types.ID) (id plog.Panicf("create wal error: %v", err) } } + if cfg.UnsafeNoFsync { + w.SetUnsafeNoFsync() + } peers := make([]raft.Peer, len(ids)) for i, id := range ids { var ctx []byte @@ -500,7 +530,7 @@ func restartNode(cfg ServerConfig, snapshot *raftpb.Snapshot) (types.ID, *member if snapshot != nil { walsnap.Index, walsnap.Term = snapshot.Metadata.Index, snapshot.Metadata.Term } - w, id, cid, st, ents := readWAL(cfg.Logger, cfg.WALDir(), walsnap) + w, id, cid, st, ents := readWAL(cfg.Logger, cfg.WALDir(), walsnap, cfg.UnsafeNoFsync) if cfg.Logger != nil { cfg.Logger.Info( @@ -555,7 +585,7 @@ func restartAsStandaloneNode(cfg ServerConfig, snapshot *raftpb.Snapshot) (types if snapshot != nil { walsnap.Index, walsnap.Term = snapshot.Metadata.Index, snapshot.Metadata.Term } - w, id, cid, st, ents := readWAL(cfg.Logger, cfg.WALDir(), walsnap) + w, id, cid, st, ents := readWAL(cfg.Logger, cfg.WALDir(), walsnap, cfg.UnsafeNoFsync) // discard the previously uncommitted entries for i, ent := range ents { diff --git a/vendor/go.etcd.io/etcd/etcdserver/server.go b/vendor/go.etcd.io/etcd/etcdserver/server.go index 976acd684c17..a341625dccb1 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/server.go +++ b/vendor/go.etcd.io/etcd/etcdserver/server.go @@ -29,6 +29,10 @@ import ( "sync/atomic" "time" + "github.com/coreos/go-semver/semver" + "github.com/coreos/pkg/capnslog" + humanize "github.com/dustin/go-humanize" + "github.com/prometheus/client_golang/prometheus" "go.etcd.io/etcd/auth" "go.etcd.io/etcd/etcdserver/api" "go.etcd.io/etcd/etcdserver/api/membership" @@ -57,11 +61,6 @@ import ( "go.etcd.io/etcd/raft/raftpb" "go.etcd.io/etcd/version" "go.etcd.io/etcd/wal" - - "github.com/coreos/go-semver/semver" - "github.com/coreos/pkg/capnslog" - humanize "github.com/dustin/go-humanize" - "github.com/prometheus/client_golang/prometheus" "go.uber.org/zap" ) @@ -426,10 +425,19 @@ func NewServer(cfg ServerConfig) (srv *EtcdServer, err error) { plog.Warningf("discovery token ignored since a cluster has already been initialized. Valid log found at %q", cfg.WALDir()) } } - snapshot, err = ss.Load() + + // Find a snapshot to start/restart a raft node + walSnaps, serr := wal.ValidSnapshotEntries(cfg.Logger, cfg.WALDir()) + if serr != nil { + return nil, serr + } + // snapshot files can be orphaned if etcd crashes after writing them but before writing the corresponding + // wal log entries + snapshot, err = ss.LoadNewestAvailable(walSnaps) if err != nil && err != snap.ErrNoSnapshot { return nil, err } + if snapshot != nil { if err = st.Recovery(snapshot.Data); err != nil { if cfg.Logger != nil { @@ -540,7 +548,24 @@ func NewServer(cfg ServerConfig) (srv *EtcdServer, err error) { CheckpointInterval: cfg.LeaseCheckpointInterval, ExpiredLeasesRetryInterval: srv.Cfg.ReqTimeout(), }) - srv.kv = mvcc.New(srv.getLogger(), srv.be, srv.lessor, &srv.consistIndex, mvcc.StoreConfig{CompactionBatchLimit: cfg.CompactionBatchLimit}) + + tp, err := auth.NewTokenProvider(cfg.Logger, cfg.AuthToken, + func(index uint64) <-chan struct{} { + return srv.applyWait.Wait(index) + }, + time.Duration(cfg.TokenTTL)*time.Second, + ) + if err != nil { + if cfg.Logger != nil { + cfg.Logger.Warn("failed to create token provider", zap.Error(err)) + } else { + plog.Warningf("failed to create token provider,err is %v", err) + } + return nil, err + } + srv.authStore = auth.NewAuthStore(srv.getLogger(), srv.be, tp, int(cfg.BcryptCost)) + + srv.kv = mvcc.New(srv.getLogger(), srv.be, srv.lessor, srv.authStore, &srv.consistIndex, mvcc.StoreConfig{CompactionBatchLimit: cfg.CompactionBatchLimit}) if beExist { kvindex := srv.kv.ConsistentIndex() // TODO: remove kvindex != 0 checking when we do not expect users to upgrade @@ -569,20 +594,6 @@ func NewServer(cfg ServerConfig) (srv *EtcdServer, err error) { }() srv.consistIndex.setConsistentIndex(srv.kv.ConsistentIndex()) - tp, err := auth.NewTokenProvider(cfg.Logger, cfg.AuthToken, - func(index uint64) <-chan struct{} { - return srv.applyWait.Wait(index) - }, - ) - if err != nil { - if cfg.Logger != nil { - cfg.Logger.Warn("failed to create token provider", zap.Error(err)) - } else { - plog.Errorf("failed to create token provider: %s", err) - } - return nil, err - } - srv.authStore = auth.NewAuthStore(srv.getLogger(), srv.be, tp, int(cfg.BcryptCost)) if num := cfg.AutoCompactionRetention; num != 0 { srv.compactor, err = v3compactor.New(cfg.Logger, cfg.AutoCompactionMode, num, srv.kv, srv) if err != nil { @@ -807,12 +818,13 @@ func (s *EtcdServer) start() { func (s *EtcdServer) purgeFile() { var dberrc, serrc, werrc <-chan error + var dbdonec, sdonec, wdonec <-chan struct{} if s.Cfg.MaxSnapFiles > 0 { - dberrc = fileutil.PurgeFile(s.getLogger(), s.Cfg.SnapDir(), "snap.db", s.Cfg.MaxSnapFiles, purgeFileInterval, s.done) - serrc = fileutil.PurgeFile(s.getLogger(), s.Cfg.SnapDir(), "snap", s.Cfg.MaxSnapFiles, purgeFileInterval, s.done) + dbdonec, dberrc = fileutil.PurgeFileWithDoneNotify(s.getLogger(), s.Cfg.SnapDir(), "snap.db", s.Cfg.MaxSnapFiles, purgeFileInterval, s.stopping) + sdonec, serrc = fileutil.PurgeFileWithDoneNotify(s.getLogger(), s.Cfg.SnapDir(), "snap", s.Cfg.MaxSnapFiles, purgeFileInterval, s.stopping) } if s.Cfg.MaxWALFiles > 0 { - werrc = fileutil.PurgeFile(s.getLogger(), s.Cfg.WALDir(), "wal", s.Cfg.MaxWALFiles, purgeFileInterval, s.done) + wdonec, werrc = fileutil.PurgeFileWithDoneNotify(s.getLogger(), s.Cfg.WALDir(), "wal", s.Cfg.MaxWALFiles, purgeFileInterval, s.stopping) } lg := s.getLogger() @@ -836,6 +848,15 @@ func (s *EtcdServer) purgeFile() { plog.Fatalf("failed to purge wal file %v", e) } case <-s.stopping: + if dbdonec != nil { + <-dbdonec + } + if sdonec != nil { + <-sdonec + } + if wdonec != nil { + <-wdonec + } return } } @@ -2358,8 +2379,7 @@ func (s *EtcdServer) snapshot(snapi uint64, confState raftpb.ConfState) { plog.Panicf("unexpected create snapshot error %v", err) } } - // SaveSnap saves the snapshot and releases the locked wal files - // to the snapshot index. + // SaveSnap saves the snapshot to file and appends the corresponding WAL entry. if err = s.r.storage.SaveSnap(snap); err != nil { if lg != nil { lg.Panic("failed to save snapshot", zap.Error(err)) @@ -2375,6 +2395,13 @@ func (s *EtcdServer) snapshot(snapi uint64, confState raftpb.ConfState) { } else { plog.Infof("saved snapshot at index %d", snap.Metadata.Index) } + if err = s.r.storage.Release(snap); err != nil { + if lg != nil { + lg.Panic("failed to release wal", zap.Error(err)) + } else { + plog.Panicf("failed to release wal %v", err) + } + } // When sending a snapshot, etcd will pause compaction. // After receives a snapshot, the slow follower needs to get all the entries right after diff --git a/vendor/go.etcd.io/etcd/etcdserver/storage.go b/vendor/go.etcd.io/etcd/etcdserver/storage.go index d57b6f9a58da..d87e51af0cbc 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/storage.go +++ b/vendor/go.etcd.io/etcd/etcdserver/storage.go @@ -36,6 +36,10 @@ type Storage interface { SaveSnap(snap raftpb.Snapshot) error // Close closes the Storage and performs finalization. Close() error + // Release releases the locked wal files older than the provided snapshot. + Release(snap raftpb.Snapshot) error + // Sync WAL + Sync() error } type storage struct { @@ -47,25 +51,38 @@ func NewStorage(w *wal.WAL, s *snap.Snapshotter) Storage { return &storage{w, s} } -// SaveSnap saves the snapshot to disk and release the locked -// wal files since they will not be used. +// SaveSnap saves the snapshot file to disk and writes the WAL snapshot entry. func (st *storage) SaveSnap(snap raftpb.Snapshot) error { walsnap := walpb.Snapshot{ Index: snap.Metadata.Index, Term: snap.Metadata.Term, } - err := st.WAL.SaveSnapshot(walsnap) + // save the snapshot file before writing the snapshot to the wal. + // This makes it possible for the snapshot file to become orphaned, but prevents + // a WAL snapshot entry from having no corresponding snapshot file. + err := st.Snapshotter.SaveSnap(snap) if err != nil { return err } - err = st.Snapshotter.SaveSnap(snap) - if err != nil { + // gofail: var raftBeforeWALSaveSnaphot struct{} + + return st.WAL.SaveSnapshot(walsnap) +} + +// Release releases resources older than the given snap and are no longer needed: +// - releases the locks to the wal files that are older than the provided wal for the given snap. +// - deletes any .snap.db files that are older than the given snap. +func (st *storage) Release(snap raftpb.Snapshot) error { + if err := st.WAL.ReleaseLockTo(snap.Metadata.Index); err != nil { return err } - return st.WAL.ReleaseLockTo(snap.Metadata.Index) + return st.Snapshotter.ReleaseSnapDBs(snap) } -func readWAL(lg *zap.Logger, waldir string, snap walpb.Snapshot) (w *wal.WAL, id, cid types.ID, st raftpb.HardState, ents []raftpb.Entry) { +// readWAL reads the WAL at the given snap and returns the wal, its latest HardState and cluster ID, and all entries that appear +// after the position of the given snap in the WAL. +// The snap must have been previously saved to the WAL, or this call will panic. +func readWAL(lg *zap.Logger, waldir string, snap walpb.Snapshot, unsafeNoFsync bool) (w *wal.WAL, id, cid types.ID, st raftpb.HardState, ents []raftpb.Entry) { var ( err error wmetadata []byte @@ -80,6 +97,9 @@ func readWAL(lg *zap.Logger, waldir string, snap walpb.Snapshot) (w *wal.WAL, id plog.Fatalf("open wal error: %v", err) } } + if unsafeNoFsync { + w.SetUnsafeNoFsync() + } if wmetadata, st, ents, err = w.ReadAll(); err != nil { w.Close() // we can only repair ErrUnexpectedEOF and we never repair twice. diff --git a/vendor/go.etcd.io/etcd/etcdserver/util.go b/vendor/go.etcd.io/etcd/etcdserver/util.go index fe5024ef00d1..3050ab04a860 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/util.go +++ b/vendor/go.etcd.io/etcd/etcdserver/util.go @@ -111,6 +111,25 @@ func warnOfExpensiveRequest(lg *zap.Logger, now time.Time, reqStringer fmt.Strin warnOfExpensiveGenericRequest(lg, now, reqStringer, "", resp, err) } +func warnOfFailedRequest(lg *zap.Logger, now time.Time, reqStringer fmt.Stringer, respMsg proto.Message, err error) { + var resp string + if !isNil(respMsg) { + resp = fmt.Sprintf("size:%d", proto.Size(respMsg)) + } + d := time.Since(now) + if lg != nil { + lg.Warn( + "failed to apply request", + zap.Duration("took", d), + zap.String("request", reqStringer.String()), + zap.String("response", resp), + zap.Error(err), + ) + } else { + plog.Warningf("failed to apply request %q with response %q took (%v) to execute, err is %v", reqStringer.String(), resp, d, err) + } +} + func warnOfExpensiveReadOnlyTxnRequest(lg *zap.Logger, now time.Time, r *pb.TxnRequest, txnResponse *pb.TxnResponse, err error) { reqStringer := pb.NewLoggableTxnRequest(r) var resp string @@ -166,3 +185,21 @@ func warnOfExpensiveGenericRequest(lg *zap.Logger, now time.Time, reqStringer fm func isNil(msg proto.Message) bool { return msg == nil || reflect.ValueOf(msg).IsNil() } + +// panicAlternativeStringer wraps a fmt.Stringer, and if calling String() panics, calls the alternative instead. +// This is needed to ensure logging slow v2 requests does not panic, which occurs when running integration tests +// with the embedded server with github.com/golang/protobuf v1.4.0+. See https://github.com/etcd-io/etcd/issues/12197. +type panicAlternativeStringer struct { + stringer fmt.Stringer + alternative func() string +} + +func (n panicAlternativeStringer) String() (s string) { + defer func() { + if err := recover(); err != nil { + s = n.alternative() + } + }() + s = n.stringer.String() + return s +} diff --git a/vendor/go.etcd.io/etcd/etcdserver/v3_server.go b/vendor/go.etcd.io/etcd/etcdserver/v3_server.go index bfe08ea35c12..1fa8e4e6fc7f 100644 --- a/vendor/go.etcd.io/etcd/etcdserver/v3_server.go +++ b/vendor/go.etcd.io/etcd/etcdserver/v3_server.go @@ -428,9 +428,10 @@ func (s *EtcdServer) Authenticate(ctx context.Context, r *pb.AuthenticateRequest return nil, err } + // internalReq doesn't need to have Password because the above s.AuthStore().CheckPassword() already did it. + // In addition, it will let a WAL entry not record password as a plain text. internalReq := &pb.InternalAuthenticateRequest{ Name: r.Name, - Password: r.Password, SimpleToken: st, } @@ -577,12 +578,7 @@ func (s *EtcdServer) raftRequestOnce(ctx context.Context, r pb.InternalRaftReque } func (s *EtcdServer) raftRequest(ctx context.Context, r pb.InternalRaftRequest) (proto.Message, error) { - for { - resp, err := s.raftRequestOnce(ctx, r) - if err != auth.ErrAuthOldRevision { - return resp, err - } - } + return s.raftRequestOnce(ctx, r) } // doSerialize handles the auth logic, with permissions checked by "chk", for a serialized request "get". Returns a non-nil error on authentication failure. diff --git a/vendor/go.etcd.io/etcd/integration/cluster.go b/vendor/go.etcd.io/etcd/integration/cluster.go index 7c3e07018911..e685d6b59cd6 100644 --- a/vendor/go.etcd.io/etcd/integration/cluster.go +++ b/vendor/go.etcd.io/etcd/integration/cluster.go @@ -152,6 +152,8 @@ type ClusterConfig struct { EnableLeaseCheckpoint bool LeaseCheckpointInterval time.Duration + + WatchProgressNotifyInterval time.Duration } type cluster struct { @@ -279,23 +281,24 @@ func (c *cluster) HTTPMembers() []client.Member { func (c *cluster) mustNewMember(t testing.TB) *member { m := mustNewMember(t, memberConfig{ - name: c.name(rand.Int()), - authToken: c.cfg.AuthToken, - peerTLS: c.cfg.PeerTLS, - clientTLS: c.cfg.ClientTLS, - quotaBackendBytes: c.cfg.QuotaBackendBytes, - maxTxnOps: c.cfg.MaxTxnOps, - maxRequestBytes: c.cfg.MaxRequestBytes, - snapshotCount: c.cfg.SnapshotCount, - snapshotCatchUpEntries: c.cfg.SnapshotCatchUpEntries, - grpcKeepAliveMinTime: c.cfg.GRPCKeepAliveMinTime, - grpcKeepAliveInterval: c.cfg.GRPCKeepAliveInterval, - grpcKeepAliveTimeout: c.cfg.GRPCKeepAliveTimeout, - clientMaxCallSendMsgSize: c.cfg.ClientMaxCallSendMsgSize, - clientMaxCallRecvMsgSize: c.cfg.ClientMaxCallRecvMsgSize, - useIP: c.cfg.UseIP, - enableLeaseCheckpoint: c.cfg.EnableLeaseCheckpoint, - leaseCheckpointInterval: c.cfg.LeaseCheckpointInterval, + name: c.name(rand.Int()), + authToken: c.cfg.AuthToken, + peerTLS: c.cfg.PeerTLS, + clientTLS: c.cfg.ClientTLS, + quotaBackendBytes: c.cfg.QuotaBackendBytes, + maxTxnOps: c.cfg.MaxTxnOps, + maxRequestBytes: c.cfg.MaxRequestBytes, + snapshotCount: c.cfg.SnapshotCount, + snapshotCatchUpEntries: c.cfg.SnapshotCatchUpEntries, + grpcKeepAliveMinTime: c.cfg.GRPCKeepAliveMinTime, + grpcKeepAliveInterval: c.cfg.GRPCKeepAliveInterval, + grpcKeepAliveTimeout: c.cfg.GRPCKeepAliveTimeout, + clientMaxCallSendMsgSize: c.cfg.ClientMaxCallSendMsgSize, + clientMaxCallRecvMsgSize: c.cfg.ClientMaxCallRecvMsgSize, + useIP: c.cfg.UseIP, + enableLeaseCheckpoint: c.cfg.EnableLeaseCheckpoint, + leaseCheckpointInterval: c.cfg.LeaseCheckpointInterval, + WatchProgressNotifyInterval: c.cfg.WatchProgressNotifyInterval, }) m.DiscoveryURL = c.cfg.DiscoveryURL if c.cfg.UseGRPC { @@ -568,23 +571,24 @@ type member struct { func (m *member) GRPCAddr() string { return m.grpcAddr } type memberConfig struct { - name string - peerTLS *transport.TLSInfo - clientTLS *transport.TLSInfo - authToken string - quotaBackendBytes int64 - maxTxnOps uint - maxRequestBytes uint - snapshotCount uint64 - snapshotCatchUpEntries uint64 - grpcKeepAliveMinTime time.Duration - grpcKeepAliveInterval time.Duration - grpcKeepAliveTimeout time.Duration - clientMaxCallSendMsgSize int - clientMaxCallRecvMsgSize int - useIP bool - enableLeaseCheckpoint bool - leaseCheckpointInterval time.Duration + name string + peerTLS *transport.TLSInfo + clientTLS *transport.TLSInfo + authToken string + quotaBackendBytes int64 + maxTxnOps uint + maxRequestBytes uint + snapshotCount uint64 + snapshotCatchUpEntries uint64 + grpcKeepAliveMinTime time.Duration + grpcKeepAliveInterval time.Duration + grpcKeepAliveTimeout time.Duration + clientMaxCallSendMsgSize int + clientMaxCallRecvMsgSize int + useIP bool + enableLeaseCheckpoint bool + leaseCheckpointInterval time.Duration + WatchProgressNotifyInterval time.Duration } // mustNewMember return an inited member with the given name. If peerTLS is @@ -678,6 +682,8 @@ func mustNewMember(t testing.TB, mcfg memberConfig) *member { m.EnableLeaseCheckpoint = mcfg.enableLeaseCheckpoint m.LeaseCheckpointInterval = mcfg.leaseCheckpointInterval + m.WatchProgressNotifyInterval = mcfg.WatchProgressNotifyInterval + m.InitialCorruptCheck = true lcfg := logutil.DefaultZapLoggerConfig diff --git a/vendor/go.etcd.io/etcd/lease/lessor.go b/vendor/go.etcd.io/etcd/lease/lessor.go index b4437bd460ef..b16099fbf1fb 100644 --- a/vendor/go.etcd.io/etcd/lease/lessor.go +++ b/vendor/go.etcd.io/etcd/lease/lessor.go @@ -291,14 +291,14 @@ func (le *lessor) Grant(id LeaseID, ttl int64) (*Lease, error) { } le.leaseMap[id] = l - item := &LeaseWithTime{id: l.ID, time: l.expiry.UnixNano()} - le.leaseExpiredNotifier.RegisterOrUpdate(item) l.persistTo(le.b) leaseTotalTTLs.Observe(float64(l.ttl)) leaseGranted.Inc() if le.isPrimary() { + item := &LeaseWithTime{id: l.ID, time: l.expiry.UnixNano()} + le.leaseExpiredNotifier.RegisterOrUpdate(item) le.scheduleCheckpointIfNeeded(l) } @@ -505,6 +505,7 @@ func (le *lessor) Demote() { } le.clearScheduledLeasesCheckpoints() + le.clearLeaseExpiredNotifier() if le.demotec != nil { close(le.demotec) @@ -648,6 +649,10 @@ func (le *lessor) clearScheduledLeasesCheckpoints() { le.leaseCheckpointHeap = make(LeaseQueue, 0) } +func (le *lessor) clearLeaseExpiredNotifier() { + le.leaseExpiredNotifier = newLeaseExpiredNotifier() +} + // expireExists returns true if expiry items exist. // It pops only when expiry item exists. // "next" is true, to indicate that it may exist in next attempt. diff --git a/vendor/go.etcd.io/etcd/mvcc/backend/backend.go b/vendor/go.etcd.io/etcd/mvcc/backend/backend.go index bffd74950b46..523d358d5ae0 100644 --- a/vendor/go.etcd.io/etcd/mvcc/backend/backend.go +++ b/vendor/go.etcd.io/etcd/mvcc/backend/backend.go @@ -123,6 +123,8 @@ type BackendConfig struct { MmapSize uint64 // Logger logs backend-side operations. Logger *zap.Logger + // UnsafeNoFsync disables all uses of fsync. + UnsafeNoFsync bool `json:"unsafe-no-fsync"` } func DefaultBackendConfig() BackendConfig { @@ -150,6 +152,8 @@ func newBackend(bcfg BackendConfig) *backend { } bopts.InitialMmapSize = bcfg.mmapSize() bopts.FreelistType = bcfg.BackendFreelistType + bopts.NoSync = bcfg.UnsafeNoFsync + bopts.NoGrowSync = bcfg.UnsafeNoFsync db, err := bolt.Open(bcfg.Path, 0600, bopts) if err != nil { @@ -369,13 +373,27 @@ func (b *backend) defrag() error { b.batchTx.tx = nil - tmpdb, err := bolt.Open(b.db.Path()+".tmp", 0600, boltOpenOptions) + // Create a temporary file to ensure we start with a clean slate. + // Snapshotter.cleanupSnapdir cleans up any of these that are found during startup. + dir := filepath.Dir(b.db.Path()) + temp, err := ioutil.TempFile(dir, "db.tmp.*") + if err != nil { + return err + } + options := bolt.Options{} + if boltOpenOptions != nil { + options = *boltOpenOptions + } + options.OpenFile = func(path string, i int, mode os.FileMode) (file *os.File, err error) { + return temp, nil + } + tdbp := temp.Name() + tmpdb, err := bolt.Open(tdbp, 0600, &options) if err != nil { return err } dbp := b.db.Path() - tdbp := tmpdb.Path() size1, sizeInUse1 := b.Size(), b.SizeInUse() if b.lg != nil { b.lg.Info( @@ -387,11 +405,17 @@ func (b *backend) defrag() error { zap.String("current-db-size-in-use", humanize.Bytes(uint64(sizeInUse1))), ) } - + // gofail: var defragBeforeCopy struct{} err = defragdb(b.db, tmpdb, defragLimit) if err != nil { tmpdb.Close() - os.RemoveAll(tmpdb.Path()) + if rmErr := os.RemoveAll(tmpdb.Path()); rmErr != nil { + if b.lg != nil { + b.lg.Error("failed to remove db.tmp after defragmentation completed", zap.Error(rmErr)) + } else { + plog.Fatalf("failed to remove db.tmp after defragmentation completed: %v", rmErr) + } + } return err } @@ -411,6 +435,7 @@ func (b *backend) defrag() error { plog.Fatalf("cannot close database (%s)", err) } } + // gofail: var defragBeforeRename struct{} err = os.Rename(tdbp, dbp) if err != nil { if b.lg != nil { diff --git a/vendor/go.etcd.io/etcd/mvcc/kvstore.go b/vendor/go.etcd.io/etcd/mvcc/kvstore.go index ed05bc288259..6752038083a6 100644 --- a/vendor/go.etcd.io/etcd/mvcc/kvstore.go +++ b/vendor/go.etcd.io/etcd/mvcc/kvstore.go @@ -163,14 +163,18 @@ func NewStore(lg *zap.Logger, b backend.Backend, le lease.Lessor, ig ConsistentI func (s *store) compactBarrier(ctx context.Context, ch chan struct{}) { if ctx == nil || ctx.Err() != nil { - s.mu.Lock() select { case <-s.stopc: default: + // fix deadlock in mvcc,for more information, please refer to pr 11817. + // s.stopc is only updated in restore operation, which is called by apply + // snapshot call, compaction and apply snapshot requests are serialized by + // raft, and do not happen at the same time. + s.mu.Lock() f := func(ctx context.Context) { s.compactBarrier(ctx, ch) } s.fifoSched.Schedule(f) + s.mu.Unlock() } - s.mu.Unlock() return } close(ch) @@ -271,15 +275,15 @@ func (s *store) updateCompactRev(rev int64) (<-chan struct{}, error) { } func (s *store) compact(trace *traceutil.Trace, rev int64) (<-chan struct{}, error) { - start := time.Now() - keep := s.kvindex.Compact(rev) - trace.Step("compact in-memory index tree") ch := make(chan struct{}) var j = func(ctx context.Context) { if ctx.Err() != nil { s.compactBarrier(ctx, ch) return } + start := time.Now() + keep := s.kvindex.Compact(rev) + indexCompactionPauseMs.Observe(float64(time.Since(start) / time.Millisecond)) if !s.scheduleCompaction(rev, keep) { s.compactBarrier(nil, ch) return @@ -288,8 +292,6 @@ func (s *store) compact(trace *traceutil.Trace, rev int64) (<-chan struct{}, err } s.fifoSched.Schedule(j) - - indexCompactionPauseMs.Observe(float64(time.Since(start) / time.Millisecond)) trace.Step("schedule compaction") return ch, nil } diff --git a/vendor/go.etcd.io/etcd/mvcc/kvstore_compaction.go b/vendor/go.etcd.io/etcd/mvcc/kvstore_compaction.go index 2adb4985437b..4c6b062b433d 100644 --- a/vendor/go.etcd.io/etcd/mvcc/kvstore_compaction.go +++ b/vendor/go.etcd.io/etcd/mvcc/kvstore_compaction.go @@ -43,6 +43,7 @@ func (s *store) scheduleCompaction(compactMainRev int64, keep map[revision]struc rev = bytesToRev(key) if _, ok := keep[rev]; !ok { tx.UnsafeDelete(keyBucketName, key) + keyCompactions++ } } diff --git a/vendor/go.etcd.io/etcd/mvcc/metrics.go b/vendor/go.etcd.io/etcd/mvcc/metrics.go index 7526ee4b593a..42932c40d348 100644 --- a/vendor/go.etcd.io/etcd/mvcc/metrics.go +++ b/vendor/go.etcd.io/etcd/mvcc/metrics.go @@ -296,6 +296,14 @@ var ( // overridden by mvcc initialization reportCompactRevMu sync.RWMutex reportCompactRev = func() float64 { return 0 } + + totalPutSizeGauge = prometheus.NewGauge( + prometheus.GaugeOpts{ + Namespace: "etcd_debugging", + Subsystem: "mvcc", + Name: "total_put_size_in_bytes", + Help: "The total size of put kv pairs seen by this member.", + }) ) func init() { @@ -325,6 +333,7 @@ func init() { prometheus.MustRegister(hashRevSec) prometheus.MustRegister(currentRev) prometheus.MustRegister(compactRev) + prometheus.MustRegister(totalPutSizeGauge) } // ReportEventReceived reports that an event is received. diff --git a/vendor/go.etcd.io/etcd/mvcc/metrics_txn.go b/vendor/go.etcd.io/etcd/mvcc/metrics_txn.go index 64b629c785b6..17f1b31caf7d 100644 --- a/vendor/go.etcd.io/etcd/mvcc/metrics_txn.go +++ b/vendor/go.etcd.io/etcd/mvcc/metrics_txn.go @@ -21,14 +21,15 @@ type metricsTxnWrite struct { ranges uint puts uint deletes uint + putSize int64 } func newMetricsTxnRead(tr TxnRead) TxnRead { - return &metricsTxnWrite{&txnReadWrite{tr}, 0, 0, 0} + return &metricsTxnWrite{&txnReadWrite{tr}, 0, 0, 0, 0} } func newMetricsTxnWrite(tw TxnWrite) TxnWrite { - return &metricsTxnWrite{tw, 0, 0, 0} + return &metricsTxnWrite{tw, 0, 0, 0, 0} } func (tw *metricsTxnWrite) Range(key, end []byte, ro RangeOptions) (*RangeResult, error) { @@ -43,6 +44,8 @@ func (tw *metricsTxnWrite) DeleteRange(key, end []byte) (n, rev int64) { func (tw *metricsTxnWrite) Put(key, value []byte, lease lease.LeaseID) (rev int64) { tw.puts++ + size := int64(len(key) + len(value)) + tw.putSize += size return tw.TxnWrite.Put(key, value, lease) } @@ -60,6 +63,7 @@ func (tw *metricsTxnWrite) End() { puts := float64(tw.puts) putCounter.Add(puts) putCounterDebug.Add(puts) // TODO: remove in 3.5 release + totalPutSizeGauge.Add(float64(tw.putSize)) deletes := float64(tw.deletes) deleteCounter.Add(deletes) diff --git a/vendor/go.etcd.io/etcd/mvcc/watchable_store.go b/vendor/go.etcd.io/etcd/mvcc/watchable_store.go index a51e5aa529b3..55d0e9dee91e 100644 --- a/vendor/go.etcd.io/etcd/mvcc/watchable_store.go +++ b/vendor/go.etcd.io/etcd/mvcc/watchable_store.go @@ -15,6 +15,7 @@ package mvcc import ( + "go.etcd.io/etcd/auth" "sync" "time" @@ -29,9 +30,8 @@ import ( var ( // chanBufLen is the length of the buffered chan // for sending out watched events. - // TODO: find a good buf value. 1024 is just a random one that - // seems to be reasonable. - chanBufLen = 1024 + // See https://github.com/etcd-io/etcd/issues/11906 for more detail. + chanBufLen = 128 // maxWatchersPerSync is the number of watchers to sync in a single batch maxWatchersPerSync = 512 @@ -69,11 +69,11 @@ type watchableStore struct { // cancel operations. type cancelFunc func() -func New(lg *zap.Logger, b backend.Backend, le lease.Lessor, ig ConsistentIndexGetter, cfg StoreConfig) ConsistentWatchableKV { - return newWatchableStore(lg, b, le, ig, cfg) +func New(lg *zap.Logger, b backend.Backend, le lease.Lessor, as auth.AuthStore, ig ConsistentIndexGetter, cfg StoreConfig) ConsistentWatchableKV { + return newWatchableStore(lg, b, le, as, ig, cfg) } -func newWatchableStore(lg *zap.Logger, b backend.Backend, le lease.Lessor, ig ConsistentIndexGetter, cfg StoreConfig) *watchableStore { +func newWatchableStore(lg *zap.Logger, b backend.Backend, le lease.Lessor, as auth.AuthStore, ig ConsistentIndexGetter, cfg StoreConfig) *watchableStore { s := &watchableStore{ store: NewStore(lg, b, le, ig, cfg), victimc: make(chan struct{}, 1), @@ -87,6 +87,10 @@ func newWatchableStore(lg *zap.Logger, b backend.Backend, le lease.Lessor, ig Co // use this store as the deleter so revokes trigger watch events s.le.SetRangeDeleter(func() lease.TxnDelete { return s.Write(traceutil.TODO()) }) } + if as != nil { + // TODO: encapsulating consistentindex into a separate package + as.SetConsistentIndexSyncer(s.store.saveIndex) + } s.wg.Add(2) go s.syncWatchersLoop() go s.syncVictimsLoop() diff --git a/vendor/go.etcd.io/etcd/pkg/fileutil/dir_unix.go b/vendor/go.etcd.io/etcd/pkg/fileutil/dir_unix.go index 58a77dfc1a99..4ce15dc6bcf1 100644 --- a/vendor/go.etcd.io/etcd/pkg/fileutil/dir_unix.go +++ b/vendor/go.etcd.io/etcd/pkg/fileutil/dir_unix.go @@ -18,5 +18,10 @@ package fileutil import "os" +const ( + // PrivateDirMode grants owner to make/remove files inside the directory. + PrivateDirMode = 0700 +) + // OpenDir opens a directory for syncing. func OpenDir(path string) (*os.File, error) { return os.Open(path) } diff --git a/vendor/go.etcd.io/etcd/pkg/fileutil/dir_windows.go b/vendor/go.etcd.io/etcd/pkg/fileutil/dir_windows.go index c123395c0040..a10a90583c79 100644 --- a/vendor/go.etcd.io/etcd/pkg/fileutil/dir_windows.go +++ b/vendor/go.etcd.io/etcd/pkg/fileutil/dir_windows.go @@ -21,6 +21,11 @@ import ( "syscall" ) +const ( + // PrivateDirMode grants owner to make/remove files inside the directory. + PrivateDirMode = 0777 +) + // OpenDir opens a directory in windows with write access for syncing. func OpenDir(path string) (*os.File, error) { fd, err := openDir(path) diff --git a/vendor/go.etcd.io/etcd/pkg/fileutil/fileutil.go b/vendor/go.etcd.io/etcd/pkg/fileutil/fileutil.go index 5d9fb5303955..f36136182b9e 100644 --- a/vendor/go.etcd.io/etcd/pkg/fileutil/fileutil.go +++ b/vendor/go.etcd.io/etcd/pkg/fileutil/fileutil.go @@ -27,8 +27,6 @@ import ( const ( // PrivateFileMode grants owner to read/write a file. PrivateFileMode = 0600 - // PrivateDirMode grants owner to make/remove files inside the directory. - PrivateDirMode = 0700 ) var plog = capnslog.NewPackageLogger("go.etcd.io/etcd", "pkg/fileutil") @@ -46,14 +44,22 @@ func IsDirWriteable(dir string) error { // TouchDirAll is similar to os.MkdirAll. It creates directories with 0700 permission if any directory // does not exists. TouchDirAll also ensures the given directory is writable. func TouchDirAll(dir string) error { - // If path is already a directory, MkdirAll does nothing - // and returns nil. - err := os.MkdirAll(dir, PrivateDirMode) - if err != nil { - // if mkdirAll("a/text") and "text" is not - // a directory, this will return syscall.ENOTDIR - return err + // If path is already a directory, MkdirAll does nothing and returns nil, so, + // first check if dir exist with an expected permission mode. + if Exist(dir) { + err := CheckDirPermission(dir, PrivateDirMode) + if err != nil { + plog.Warningf("check file permission: %v", err) + } + } else { + err := os.MkdirAll(dir, PrivateDirMode) + if err != nil { + // if mkdirAll("a/text") and "text" is not + // a directory, this will return syscall.ENOTDIR + return err + } } + return IsDirWriteable(dir) } @@ -102,3 +108,22 @@ func ZeroToEnd(f *os.File) error { _, err = f.Seek(off, io.SeekStart) return err } + +// CheckDirPermission checks permission on an existing dir. +// Returns error if dir is empty or exist with a different permission than specified. +func CheckDirPermission(dir string, perm os.FileMode) error { + if !Exist(dir) { + return fmt.Errorf("directory %q empty, cannot check permission.", dir) + } + //check the existing permission on the directory + dirInfo, err := os.Stat(dir) + if err != nil { + return err + } + dirMode := dirInfo.Mode().Perm() + if dirMode != perm { + err = fmt.Errorf("directory %q exist, but the permission is %q. The recommended permission is %q to prevent possible unprivileged access to the data.", dir, dirInfo.Mode(), os.FileMode(PrivateDirMode)) + return err + } + return nil +} diff --git a/vendor/go.etcd.io/etcd/pkg/fileutil/purge.go b/vendor/go.etcd.io/etcd/pkg/fileutil/purge.go index fda96c371143..d116f340b6f4 100644 --- a/vendor/go.etcd.io/etcd/pkg/fileutil/purge.go +++ b/vendor/go.etcd.io/etcd/pkg/fileutil/purge.go @@ -25,13 +25,23 @@ import ( ) func PurgeFile(lg *zap.Logger, dirname string, suffix string, max uint, interval time.Duration, stop <-chan struct{}) <-chan error { - return purgeFile(lg, dirname, suffix, max, interval, stop, nil) + return purgeFile(lg, dirname, suffix, max, interval, stop, nil, nil) +} + +func PurgeFileWithDoneNotify(lg *zap.Logger, dirname string, suffix string, max uint, interval time.Duration, stop <-chan struct{}) (<-chan struct{}, <-chan error) { + doneC := make(chan struct{}) + errC := purgeFile(lg, dirname, suffix, max, interval, stop, nil, doneC) + return doneC, errC } // purgeFile is the internal implementation for PurgeFile which can post purged files to purgec if non-nil. -func purgeFile(lg *zap.Logger, dirname string, suffix string, max uint, interval time.Duration, stop <-chan struct{}, purgec chan<- string) <-chan error { +// if donec is non-nil, the function closes it to notify its exit. +func purgeFile(lg *zap.Logger, dirname string, suffix string, max uint, interval time.Duration, stop <-chan struct{}, purgec chan<- string, donec chan<- struct{}) <-chan error { errC := make(chan error, 1) go func() { + if donec != nil { + defer close(donec) + } for { fnames, err := ReadDir(dirname) if err != nil { diff --git a/vendor/go.etcd.io/etcd/pkg/ioutil/pagewriter.go b/vendor/go.etcd.io/etcd/pkg/ioutil/pagewriter.go index 72de1593d3ad..cf9a8dc664dc 100644 --- a/vendor/go.etcd.io/etcd/pkg/ioutil/pagewriter.go +++ b/vendor/go.etcd.io/etcd/pkg/ioutil/pagewriter.go @@ -95,12 +95,23 @@ func (pw *PageWriter) Write(p []byte) (n int, err error) { return n, werr } +// Flush flushes buffered data. func (pw *PageWriter) Flush() error { + _, err := pw.flush() + return err +} + +// FlushN flushes buffered data and returns the number of written bytes. +func (pw *PageWriter) FlushN() (int, error) { + return pw.flush() +} + +func (pw *PageWriter) flush() (int, error) { if pw.bufferedBytes == 0 { - return nil + return 0, nil } - _, err := pw.w.Write(pw.buf[:pw.bufferedBytes]) + n, err := pw.w.Write(pw.buf[:pw.bufferedBytes]) pw.pageOffset = (pw.pageOffset + pw.bufferedBytes) % pw.pageBytes pw.bufferedBytes = 0 - return err + return n, err } diff --git a/vendor/go.etcd.io/etcd/pkg/runtime/fds_linux.go b/vendor/go.etcd.io/etcd/pkg/runtime/fds_linux.go index 8e9359db28ca..4906d678ff42 100644 --- a/vendor/go.etcd.io/etcd/pkg/runtime/fds_linux.go +++ b/vendor/go.etcd.io/etcd/pkg/runtime/fds_linux.go @@ -16,7 +16,7 @@ package runtime import ( - "io/ioutil" + "os" "syscall" ) @@ -29,9 +29,20 @@ func FDLimit() (uint64, error) { } func FDUsage() (uint64, error) { - fds, err := ioutil.ReadDir("/proc/self/fd") + return countFiles("/proc/self/fd") +} + +// countFiles reads the directory named by dirname and returns the count. +// This is same as stdlib "io/ioutil.ReadDir" but without sorting. +func countFiles(dirname string) (uint64, error) { + f, err := os.Open(dirname) + if err != nil { + return 0, err + } + list, err := f.Readdir(-1) + f.Close() if err != nil { return 0, err } - return uint64(len(fds)), nil + return uint64(len(list)), nil } diff --git a/vendor/go.etcd.io/etcd/pkg/transport/listener.go b/vendor/go.etcd.io/etcd/pkg/transport/listener.go index 80e35bda59ad..7260e4d079c1 100644 --- a/vendor/go.etcd.io/etcd/pkg/transport/listener.go +++ b/vendor/go.etcd.io/etcd/pkg/transport/listener.go @@ -31,6 +31,7 @@ import ( "strings" "time" + "go.etcd.io/etcd/pkg/fileutil" "go.etcd.io/etcd/pkg/tlsutil" "go.uber.org/zap" @@ -114,10 +115,17 @@ func (info TLSInfo) Empty() bool { } func SelfCert(lg *zap.Logger, dirpath string, hosts []string, additionalUsages ...x509.ExtKeyUsage) (info TLSInfo, err error) { - if err = os.MkdirAll(dirpath, 0700); err != nil { + info.Logger = lg + err = fileutil.TouchDirAll(dirpath) + if err != nil { + if info.Logger != nil { + info.Logger.Warn( + "cannot create cert directory", + zap.Error(err), + ) + } return } - info.Logger = lg certPath := filepath.Join(dirpath, "cert.pem") keyPath := filepath.Join(dirpath, "key.pem") diff --git a/vendor/go.etcd.io/etcd/proxy/grpcproxy/metrics.go b/vendor/go.etcd.io/etcd/proxy/grpcproxy/metrics.go index fcab53d84e05..cab29c529e7c 100644 --- a/vendor/go.etcd.io/etcd/proxy/grpcproxy/metrics.go +++ b/vendor/go.etcd.io/etcd/proxy/grpcproxy/metrics.go @@ -89,6 +89,7 @@ func HandleMetrics(mux *http.ServeMux, c *http.Client, eps []string) { resp, err := c.Get(target) if err != nil { http.Error(w, "Internal server error", http.StatusInternalServerError) + return } defer resp.Body.Close() w.Header().Set("Content-Type", "text/plain; version=0.0.4") diff --git a/vendor/go.etcd.io/etcd/version/version.go b/vendor/go.etcd.io/etcd/version/version.go index 7d3a5720281b..ee97e461e7fa 100644 --- a/vendor/go.etcd.io/etcd/version/version.go +++ b/vendor/go.etcd.io/etcd/version/version.go @@ -26,7 +26,7 @@ import ( var ( // MinClusterVersion is the min cluster version this etcd binary is compatible with. MinClusterVersion = "3.0.0" - Version = "3.4.3" + Version = "3.4.13" APIVersion = "unknown" // Git SHA Value will be set during build diff --git a/vendor/go.etcd.io/etcd/wal/decoder.go b/vendor/go.etcd.io/etcd/wal/decoder.go index f2f01fd881c4..d007fe1c7483 100644 --- a/vendor/go.etcd.io/etcd/wal/decoder.go +++ b/vendor/go.etcd.io/etcd/wal/decoder.go @@ -59,6 +59,11 @@ func (d *decoder) decode(rec *walpb.Record) error { return d.decodeRecord(rec) } +// raft max message size is set to 1 MB in etcd server +// assume projects set reasonable message size limit, +// thus entry size should never exceed 10 MB +const maxWALEntrySizeLimit = int64(10 * 1024 * 1024) + func (d *decoder) decodeRecord(rec *walpb.Record) error { if len(d.brs) == 0 { return io.EOF @@ -79,6 +84,9 @@ func (d *decoder) decodeRecord(rec *walpb.Record) error { } recBytes, padBytes := decodeFrameSize(l) + if recBytes >= maxWALEntrySizeLimit-padBytes { + return ErrMaxWALEntrySizeLimitExceeded + } data := make([]byte, recBytes+padBytes) if _, err = io.ReadFull(d.brs[0], data); err != nil { diff --git a/vendor/go.etcd.io/etcd/wal/encoder.go b/vendor/go.etcd.io/etcd/wal/encoder.go index d3877ed5c4ed..4de853b69a9f 100644 --- a/vendor/go.etcd.io/etcd/wal/encoder.go +++ b/vendor/go.etcd.io/etcd/wal/encoder.go @@ -92,7 +92,8 @@ func (e *encoder) encode(rec *walpb.Record) error { if padBytes != 0 { data = append(data, make([]byte, padBytes)...) } - _, err = e.bw.Write(data) + n, err = e.bw.Write(data) + walWriteBytes.Add(float64(n)) return err } @@ -108,13 +109,16 @@ func encodeFrameSize(dataBytes int) (lenField uint64, padBytes int) { func (e *encoder) flush() error { e.mu.Lock() - defer e.mu.Unlock() - return e.bw.Flush() + n, err := e.bw.FlushN() + e.mu.Unlock() + walWriteBytes.Add(float64(n)) + return err } func writeUint64(w io.Writer, n uint64, buf []byte) error { // http://golang.org/src/encoding/binary/binary.go binary.LittleEndian.PutUint64(buf, n) - _, err := w.Write(buf) + nv, err := w.Write(buf) + walWriteBytes.Add(float64(nv)) return err } diff --git a/vendor/go.etcd.io/etcd/wal/metrics.go b/vendor/go.etcd.io/etcd/wal/metrics.go index 22cb8003c98b..814d654cdd30 100644 --- a/vendor/go.etcd.io/etcd/wal/metrics.go +++ b/vendor/go.etcd.io/etcd/wal/metrics.go @@ -27,8 +27,16 @@ var ( // highest bucket start of 0.001 sec * 2^13 == 8.192 sec Buckets: prometheus.ExponentialBuckets(0.001, 2, 14), }) + + walWriteBytes = prometheus.NewGauge(prometheus.GaugeOpts{ + Namespace: "etcd", + Subsystem: "disk", + Name: "wal_write_bytes_total", + Help: "Total number of bytes written in WAL.", + }) ) func init() { prometheus.MustRegister(walFsyncSec) + prometheus.MustRegister(walWriteBytes) } diff --git a/vendor/go.etcd.io/etcd/wal/repair.go b/vendor/go.etcd.io/etcd/wal/repair.go index 15afed01744d..5c7c5d1759f7 100644 --- a/vendor/go.etcd.io/etcd/wal/repair.go +++ b/vendor/go.etcd.io/etcd/wal/repair.go @@ -18,10 +18,10 @@ import ( "io" "os" "path/filepath" + "time" "go.etcd.io/etcd/pkg/fileutil" "go.etcd.io/etcd/wal/walpb" - "go.uber.org/zap" ) @@ -105,6 +105,7 @@ func Repair(lg *zap.Logger, dirpath string) bool { return false } + start := time.Now() if err = fileutil.Fsync(f.File); err != nil { if lg != nil { lg.Warn("failed to fsync", zap.String("path", f.Name()), zap.Error(err)) @@ -113,6 +114,7 @@ func Repair(lg *zap.Logger, dirpath string) bool { } return false } + walFsyncSec.Observe(time.Since(start).Seconds()) if lg != nil { lg.Info("repaired", zap.String("path", f.Name()), zap.Error(io.ErrUnexpectedEOF)) diff --git a/vendor/go.etcd.io/etcd/wal/wal.go b/vendor/go.etcd.io/etcd/wal/wal.go index 5f6f21e3a539..1aced50bdd12 100644 --- a/vendor/go.etcd.io/etcd/wal/wal.go +++ b/vendor/go.etcd.io/etcd/wal/wal.go @@ -56,12 +56,15 @@ var ( plog = capnslog.NewPackageLogger("go.etcd.io/etcd", "wal") - ErrMetadataConflict = errors.New("wal: conflicting metadata found") - ErrFileNotFound = errors.New("wal: file not found") - ErrCRCMismatch = errors.New("wal: crc mismatch") - ErrSnapshotMismatch = errors.New("wal: snapshot mismatch") - ErrSnapshotNotFound = errors.New("wal: snapshot not found") - crcTable = crc32.MakeTable(crc32.Castagnoli) + ErrMetadataConflict = errors.New("wal: conflicting metadata found") + ErrFileNotFound = errors.New("wal: file not found") + ErrCRCMismatch = errors.New("wal: crc mismatch") + ErrSnapshotMismatch = errors.New("wal: snapshot mismatch") + ErrSnapshotNotFound = errors.New("wal: snapshot not found") + ErrSliceOutOfRange = errors.New("wal: slice bounds out of range") + ErrMaxWALEntrySizeLimitExceeded = errors.New("wal: max entry size limit exceeded") + ErrDecoderNotFound = errors.New("wal: decoder not found") + crcTable = crc32.MakeTable(crc32.Castagnoli) ) // WAL is a logical representation of the stable storage. @@ -84,6 +87,8 @@ type WAL struct { decoder *decoder // decoder to decode records readClose func() error // closer for decode reader + unsafeNoSync bool // if set, do not fsync + mu sync.Mutex enti uint64 // index of the last entry saved to the wal encoder *encoder // encoder to encode records @@ -93,7 +98,8 @@ type WAL struct { } // Create creates a WAL ready for appending records. The given metadata is -// recorded at the head of each WAL file, and can be retrieved with ReadAll. +// recorded at the head of each WAL file, and can be retrieved with ReadAll +// after the file is Open. func Create(lg *zap.Logger, dirpath string, metadata []byte) (*WAL, error) { if Exist(dirpath) { return nil, os.ErrExist @@ -204,6 +210,7 @@ func Create(lg *zap.Logger, dirpath string, metadata []byte) (*WAL, error) { } return nil, perr } + start := time.Now() if perr = fileutil.Fsync(pdir); perr != nil { if lg != nil { lg.Warn( @@ -215,6 +222,8 @@ func Create(lg *zap.Logger, dirpath string, metadata []byte) (*WAL, error) { } return nil, perr } + walFsyncSec.Observe(time.Since(start).Seconds()) + if perr = pdir.Close(); perr != nil { if lg != nil { lg.Warn( @@ -230,6 +239,10 @@ func Create(lg *zap.Logger, dirpath string, metadata []byte) (*WAL, error) { return w, nil } +func (w *WAL) SetUnsafeNoFsync() { + w.unsafeNoSync = true +} + func (w *WAL) cleanupWAL(lg *zap.Logger) { var err error if err = w.Close(); err != nil { @@ -425,6 +438,10 @@ func (w *WAL) ReadAll() (metadata []byte, state raftpb.HardState, ents []raftpb. defer w.mu.Unlock() rec := &walpb.Record{} + + if w.decoder == nil { + return nil, state, nil, ErrDecoderNotFound + } decoder := w.decoder var match bool @@ -432,8 +449,15 @@ func (w *WAL) ReadAll() (metadata []byte, state raftpb.HardState, ents []raftpb. switch rec.Type { case entryType: e := mustUnmarshalEntry(rec.Data) + // 0 <= e.Index-w.start.Index - 1 < len(ents) if e.Index > w.start.Index { - ents = append(ents[:e.Index-w.start.Index-1], e) + // prevent "panic: runtime error: slice bounds out of range [:13038096702221461992] with capacity 0" + up := e.Index - w.start.Index - 1 + if up > uint64(len(ents)) { + // return error before append call causes runtime panic + return nil, state, nil, ErrSliceOutOfRange + } + ents = append(ents[:up], e) } w.enti = e.Index @@ -529,6 +553,71 @@ func (w *WAL) ReadAll() (metadata []byte, state raftpb.HardState, ents []raftpb. return metadata, state, ents, err } +// ValidSnapshotEntries returns all the valid snapshot entries in the wal logs in the given directory. +// Snapshot entries are valid if their index is less than or equal to the most recent committed hardstate. +func ValidSnapshotEntries(lg *zap.Logger, walDir string) ([]walpb.Snapshot, error) { + var snaps []walpb.Snapshot + var state raftpb.HardState + var err error + + rec := &walpb.Record{} + names, err := readWALNames(lg, walDir) + if err != nil { + return nil, err + } + + // open wal files in read mode, so that there is no conflict + // when the same WAL is opened elsewhere in write mode + rs, _, closer, err := openWALFiles(lg, walDir, names, 0, false) + if err != nil { + return nil, err + } + defer func() { + if closer != nil { + closer() + } + }() + + // create a new decoder from the readers on the WAL files + decoder := newDecoder(rs...) + + for err = decoder.decode(rec); err == nil; err = decoder.decode(rec) { + switch rec.Type { + case snapshotType: + var loadedSnap walpb.Snapshot + pbutil.MustUnmarshal(&loadedSnap, rec.Data) + snaps = append(snaps, loadedSnap) + case stateType: + state = mustUnmarshalState(rec.Data) + case crcType: + crc := decoder.crc.Sum32() + // current crc of decoder must match the crc of the record. + // do no need to match 0 crc, since the decoder is a new one at this case. + if crc != 0 && rec.Validate(crc) != nil { + return nil, ErrCRCMismatch + } + decoder.updateCRC(rec.Crc) + } + } + // We do not have to read out all the WAL entries + // as the decoder is opened in read mode. + if err != io.EOF && err != io.ErrUnexpectedEOF { + return nil, err + } + + // filter out any snaps that are newer than the committed hardstate + n := 0 + for _, s := range snaps { + if s.Index <= state.Commit { + snaps[n] = s + n++ + } + } + snaps = snaps[:n:n] + + return snaps, nil +} + // Verify reads through the given WAL and verifies that it is not corrupted. // It creates a new decoder to read through the records of the given WAL. // It does not conflict with any open WAL, but it is recommended not to @@ -667,9 +756,11 @@ func (w *WAL) cut() error { if err = os.Rename(newTail.Name(), fpath); err != nil { return err } + start := time.Now() if err = fileutil.Fsync(w.dirFile); err != nil { return err } + walFsyncSec.Observe(time.Since(start).Seconds()) // reopen newTail with its new path so calls to Name() match the wal filename format newTail.Close() @@ -698,6 +789,9 @@ func (w *WAL) cut() error { } func (w *WAL) sync() error { + if w.unsafeNoSync { + return nil + } if w.encoder != nil { if err := w.encoder.flush(); err != nil { return err @@ -723,6 +817,10 @@ func (w *WAL) sync() error { return err } +func (w *WAL) Sync() error { + return w.sync() +} + // ReleaseLockTo releases the locks, which has smaller index than the given index // except the largest one among them. // For example, if WAL is holding lock 1,2,3,4,5,6, ReleaseLockTo(4) will release diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bson.go b/vendor/go.mongodb.org/mongo-driver/bson/bson.go deleted file mode 100644 index 37bf9811f315..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bson.go +++ /dev/null @@ -1,60 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// -// Based on gopkg.in/mgo.v2/bson by Gustavo Niemeyer -// See THIRD-PARTY-NOTICES for original license terms. - -// +build go1.9 - -package bson // import "go.mongodb.org/mongo-driver/bson" - -import ( - "go.mongodb.org/mongo-driver/bson/primitive" -) - -// Zeroer allows custom struct types to implement a report of zero -// state. All struct types that don't implement Zeroer or where IsZero -// returns false are considered to be not zero. -type Zeroer interface { - IsZero() bool -} - -// D represents a BSON Document. This type can be used to represent BSON in a concise and readable -// manner. It should generally be used when serializing to BSON. For deserializing, the Raw or -// Document types should be used. -// -// Example usage: -// -// bson.D{{"foo", "bar"}, {"hello", "world"}, {"pi", 3.14159}} -// -// This type should be used in situations where order matters, such as MongoDB commands. If the -// order is not important, a map is more comfortable and concise. -type D = primitive.D - -// E represents a BSON element for a D. It is usually used inside a D. -type E = primitive.E - -// M is an unordered, concise representation of a BSON Document. It should generally be used to -// serialize BSON when the order of the elements of a BSON document do not matter. If the element -// order matters, use a D instead. -// -// Example usage: -// -// bson.M{"foo": "bar", "hello": "world", "pi": 3.14159} -// -// This type is handled in the encoders as a regular map[string]interface{}. The elements will be -// serialized in an undefined, random order, and the order will be different each time. -type M = primitive.M - -// An A represents a BSON array. This type can be used to represent a BSON array in a concise and -// readable manner. It should generally be used when serializing to BSON. For deserializing, the -// RawArray or Array types should be used. -// -// Example usage: -// -// bson.A{"bar", "world", 3.14159, bson.D{{"qux", 12345}}} -// -type A = primitive.A diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bson_1_8.go b/vendor/go.mongodb.org/mongo-driver/bson/bson_1_8.go deleted file mode 100644 index caf5f50a716e..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bson_1_8.go +++ /dev/null @@ -1,91 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -// +build !go1.9 - -package bson // import "go.mongodb.org/mongo-driver/bson" - -import ( - "math" - "strconv" - "strings" -) - -// Zeroer allows custom struct types to implement a report of zero -// state. All struct types that don't implement Zeroer or where IsZero -// returns false are considered to be not zero. -type Zeroer interface { - IsZero() bool -} - -// D represents a BSON Document. This type can be used to represent BSON in a concise and readable -// manner. It should generally be used when serializing to BSON. For deserializing, the Raw or -// Document types should be used. -// -// Example usage: -// -// primitive.D{{"foo", "bar"}, {"hello", "world"}, {"pi", 3.14159}} -// -// This type should be used in situations where order matters, such as MongoDB commands. If the -// order is not important, a map is more comfortable and concise. -type D []E - -// Map creates a map from the elements of the D. -func (d D) Map() M { - m := make(M, len(d)) - for _, e := range d { - m[e.Key] = e.Value - } - return m -} - -// E represents a BSON element for a D. It is usually used inside a D. -type E struct { - Key string - Value interface{} -} - -// M is an unordered, concise representation of a BSON Document. It should generally be used to -// serialize BSON when the order of the elements of a BSON document do not matter. If the element -// order matters, use a D instead. -// -// Example usage: -// -// primitive.M{"foo": "bar", "hello": "world", "pi": 3.14159} -// -// This type is handled in the encoders as a regular map[string]interface{}. The elements will be -// serialized in an undefined, random order, and the order will be different each time. -type M map[string]interface{} - -// An A represents a BSON array. This type can be used to represent a BSON array in a concise and -// readable manner. It should generally be used when serializing to BSON. For deserializing, the -// RawArray or Array types should be used. -// -// Example usage: -// -// primitive.A{"bar", "world", 3.14159, primitive.D{{"qux", 12345}}} -// -type A []interface{} - -func formatDouble(f float64) string { - var s string - if math.IsInf(f, 1) { - s = "Infinity" - } else if math.IsInf(f, -1) { - s = "-Infinity" - } else if math.IsNaN(f) { - s = "NaN" - } else { - // Print exactly one decimalType place for integers; otherwise, print as many are necessary to - // perfectly represent it. - s = strconv.FormatFloat(f, 'G', -1, 64) - if !strings.ContainsRune(s, '.') { - s += ".0" - } - } - - return s -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/bsoncodec.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/bsoncodec.go deleted file mode 100644 index 0ebc9a156426..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/bsoncodec.go +++ /dev/null @@ -1,163 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec // import "go.mongodb.org/mongo-driver/bson/bsoncodec" - -import ( - "fmt" - "reflect" - "strings" - - "go.mongodb.org/mongo-driver/bson/bsonrw" - "go.mongodb.org/mongo-driver/bson/bsontype" -) - -// Marshaler is an interface implemented by types that can marshal themselves -// into a BSON document represented as bytes. The bytes returned must be a valid -// BSON document if the error is nil. -type Marshaler interface { - MarshalBSON() ([]byte, error) -} - -// ValueMarshaler is an interface implemented by types that can marshal -// themselves into a BSON value as bytes. The type must be the valid type for -// the bytes returned. The bytes and byte type together must be valid if the -// error is nil. -type ValueMarshaler interface { - MarshalBSONValue() (bsontype.Type, []byte, error) -} - -// Unmarshaler is an interface implemented by types that can unmarshal a BSON -// document representation of themselves. The BSON bytes can be assumed to be -// valid. UnmarshalBSON must copy the BSON bytes if it wishes to retain the data -// after returning. -type Unmarshaler interface { - UnmarshalBSON([]byte) error -} - -// ValueUnmarshaler is an interface implemented by types that can unmarshal a -// BSON value representaiton of themselves. The BSON bytes and type can be -// assumed to be valid. UnmarshalBSONValue must copy the BSON value bytes if it -// wishes to retain the data after returning. -type ValueUnmarshaler interface { - UnmarshalBSONValue(bsontype.Type, []byte) error -} - -// ValueEncoderError is an error returned from a ValueEncoder when the provided value can't be -// encoded by the ValueEncoder. -type ValueEncoderError struct { - Name string - Types []reflect.Type - Kinds []reflect.Kind - Received reflect.Value -} - -func (vee ValueEncoderError) Error() string { - typeKinds := make([]string, 0, len(vee.Types)+len(vee.Kinds)) - for _, t := range vee.Types { - typeKinds = append(typeKinds, t.String()) - } - for _, k := range vee.Kinds { - if k == reflect.Map { - typeKinds = append(typeKinds, "map[string]*") - continue - } - typeKinds = append(typeKinds, k.String()) - } - received := vee.Received.Kind().String() - if vee.Received.IsValid() { - received = vee.Received.Type().String() - } - return fmt.Sprintf("%s can only encode valid %s, but got %s", vee.Name, strings.Join(typeKinds, ", "), received) -} - -// ValueDecoderError is an error returned from a ValueDecoder when the provided value can't be -// decoded by the ValueDecoder. -type ValueDecoderError struct { - Name string - Types []reflect.Type - Kinds []reflect.Kind - Received reflect.Value -} - -func (vde ValueDecoderError) Error() string { - typeKinds := make([]string, 0, len(vde.Types)+len(vde.Kinds)) - for _, t := range vde.Types { - typeKinds = append(typeKinds, t.String()) - } - for _, k := range vde.Kinds { - if k == reflect.Map { - typeKinds = append(typeKinds, "map[string]*") - continue - } - typeKinds = append(typeKinds, k.String()) - } - received := vde.Received.Kind().String() - if vde.Received.IsValid() { - received = vde.Received.Type().String() - } - return fmt.Sprintf("%s can only decode valid and settable %s, but got %s", vde.Name, strings.Join(typeKinds, ", "), received) -} - -// EncodeContext is the contextual information required for a Codec to encode a -// value. -type EncodeContext struct { - *Registry - MinSize bool -} - -// DecodeContext is the contextual information required for a Codec to decode a -// value. -type DecodeContext struct { - *Registry - Truncate bool - // Ancestor is the type of a containing document. This is mainly used to determine what type - // should be used when decoding an embedded document into an empty interface. For example, if - // Ancestor is a bson.M, BSON embedded document values being decoded into an empty interface - // will be decoded into a bson.M. - Ancestor reflect.Type -} - -// ValueCodec is the interface that groups the methods to encode and decode -// values. -type ValueCodec interface { - ValueEncoder - ValueDecoder -} - -// ValueEncoder is the interface implemented by types that can handle the encoding of a value. -type ValueEncoder interface { - EncodeValue(EncodeContext, bsonrw.ValueWriter, reflect.Value) error -} - -// ValueEncoderFunc is an adapter function that allows a function with the correct signature to be -// used as a ValueEncoder. -type ValueEncoderFunc func(EncodeContext, bsonrw.ValueWriter, reflect.Value) error - -// EncodeValue implements the ValueEncoder interface. -func (fn ValueEncoderFunc) EncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - return fn(ec, vw, val) -} - -// ValueDecoder is the interface implemented by types that can handle the decoding of a value. -type ValueDecoder interface { - DecodeValue(DecodeContext, bsonrw.ValueReader, reflect.Value) error -} - -// ValueDecoderFunc is an adapter function that allows a function with the correct signature to be -// used as a ValueDecoder. -type ValueDecoderFunc func(DecodeContext, bsonrw.ValueReader, reflect.Value) error - -// DecodeValue implements the ValueDecoder interface. -func (fn ValueDecoderFunc) DecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - return fn(dc, vr, val) -} - -// CodecZeroer is the interface implemented by Codecs that can also determine if -// a value of the type that would be encoded is zero. -type CodecZeroer interface { - IsTypeZero(interface{}) bool -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/default_value_decoders.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/default_value_decoders.go deleted file mode 100644 index 65cd1c0a55c5..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/default_value_decoders.go +++ /dev/null @@ -1,1014 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec - -import ( - "encoding/json" - "errors" - "fmt" - "math" - "net/url" - "reflect" - "strconv" - "time" - - "go.mongodb.org/mongo-driver/bson/bsonrw" - "go.mongodb.org/mongo-driver/bson/bsontype" - "go.mongodb.org/mongo-driver/bson/primitive" - "go.mongodb.org/mongo-driver/x/bsonx/bsoncore" -) - -var defaultValueDecoders DefaultValueDecoders - -// DefaultValueDecoders is a namespace type for the default ValueDecoders used -// when creating a registry. -type DefaultValueDecoders struct{} - -// RegisterDefaultDecoders will register the decoder methods attached to DefaultValueDecoders with -// the provided RegistryBuilder. -// -// There is no support for decoding map[string]interface{} becuase there is no decoder for -// interface{}, so users must either register this decoder themselves or use the -// EmptyInterfaceDecoder avaialble in the bson package. -func (dvd DefaultValueDecoders) RegisterDefaultDecoders(rb *RegistryBuilder) { - if rb == nil { - panic(errors.New("argument to RegisterDefaultDecoders must not be nil")) - } - - rb. - RegisterDecoder(tBinary, ValueDecoderFunc(dvd.BinaryDecodeValue)). - RegisterDecoder(tUndefined, ValueDecoderFunc(dvd.UndefinedDecodeValue)). - RegisterDecoder(tDateTime, ValueDecoderFunc(dvd.DateTimeDecodeValue)). - RegisterDecoder(tNull, ValueDecoderFunc(dvd.NullDecodeValue)). - RegisterDecoder(tRegex, ValueDecoderFunc(dvd.RegexDecodeValue)). - RegisterDecoder(tDBPointer, ValueDecoderFunc(dvd.DBPointerDecodeValue)). - RegisterDecoder(tTimestamp, ValueDecoderFunc(dvd.TimestampDecodeValue)). - RegisterDecoder(tMinKey, ValueDecoderFunc(dvd.MinKeyDecodeValue)). - RegisterDecoder(tMaxKey, ValueDecoderFunc(dvd.MaxKeyDecodeValue)). - RegisterDecoder(tJavaScript, ValueDecoderFunc(dvd.JavaScriptDecodeValue)). - RegisterDecoder(tSymbol, ValueDecoderFunc(dvd.SymbolDecodeValue)). - RegisterDecoder(tByteSlice, ValueDecoderFunc(dvd.ByteSliceDecodeValue)). - RegisterDecoder(tTime, ValueDecoderFunc(dvd.TimeDecodeValue)). - RegisterDecoder(tEmpty, ValueDecoderFunc(dvd.EmptyInterfaceDecodeValue)). - RegisterDecoder(tOID, ValueDecoderFunc(dvd.ObjectIDDecodeValue)). - RegisterDecoder(tDecimal, ValueDecoderFunc(dvd.Decimal128DecodeValue)). - RegisterDecoder(tJSONNumber, ValueDecoderFunc(dvd.JSONNumberDecodeValue)). - RegisterDecoder(tURL, ValueDecoderFunc(dvd.URLDecodeValue)). - RegisterDecoder(tValueUnmarshaler, ValueDecoderFunc(dvd.ValueUnmarshalerDecodeValue)). - RegisterDecoder(tUnmarshaler, ValueDecoderFunc(dvd.UnmarshalerDecodeValue)). - RegisterDecoder(tCoreDocument, ValueDecoderFunc(dvd.CoreDocumentDecodeValue)). - RegisterDecoder(tCodeWithScope, ValueDecoderFunc(dvd.CodeWithScopeDecodeValue)). - RegisterDefaultDecoder(reflect.Bool, ValueDecoderFunc(dvd.BooleanDecodeValue)). - RegisterDefaultDecoder(reflect.Int, ValueDecoderFunc(dvd.IntDecodeValue)). - RegisterDefaultDecoder(reflect.Int8, ValueDecoderFunc(dvd.IntDecodeValue)). - RegisterDefaultDecoder(reflect.Int16, ValueDecoderFunc(dvd.IntDecodeValue)). - RegisterDefaultDecoder(reflect.Int32, ValueDecoderFunc(dvd.IntDecodeValue)). - RegisterDefaultDecoder(reflect.Int64, ValueDecoderFunc(dvd.IntDecodeValue)). - RegisterDefaultDecoder(reflect.Uint, ValueDecoderFunc(dvd.UintDecodeValue)). - RegisterDefaultDecoder(reflect.Uint8, ValueDecoderFunc(dvd.UintDecodeValue)). - RegisterDefaultDecoder(reflect.Uint16, ValueDecoderFunc(dvd.UintDecodeValue)). - RegisterDefaultDecoder(reflect.Uint32, ValueDecoderFunc(dvd.UintDecodeValue)). - RegisterDefaultDecoder(reflect.Uint64, ValueDecoderFunc(dvd.UintDecodeValue)). - RegisterDefaultDecoder(reflect.Float32, ValueDecoderFunc(dvd.FloatDecodeValue)). - RegisterDefaultDecoder(reflect.Float64, ValueDecoderFunc(dvd.FloatDecodeValue)). - RegisterDefaultDecoder(reflect.Array, ValueDecoderFunc(dvd.ArrayDecodeValue)). - RegisterDefaultDecoder(reflect.Map, ValueDecoderFunc(dvd.MapDecodeValue)). - RegisterDefaultDecoder(reflect.Slice, ValueDecoderFunc(dvd.SliceDecodeValue)). - RegisterDefaultDecoder(reflect.String, ValueDecoderFunc(dvd.StringDecodeValue)). - RegisterDefaultDecoder(reflect.Struct, &StructCodec{cache: make(map[reflect.Type]*structDescription), parser: DefaultStructTagParser}). - RegisterDefaultDecoder(reflect.Ptr, NewPointerCodec()). - RegisterTypeMapEntry(bsontype.Double, tFloat64). - RegisterTypeMapEntry(bsontype.String, tString). - RegisterTypeMapEntry(bsontype.Array, tA). - RegisterTypeMapEntry(bsontype.Binary, tBinary). - RegisterTypeMapEntry(bsontype.Undefined, tUndefined). - RegisterTypeMapEntry(bsontype.ObjectID, tOID). - RegisterTypeMapEntry(bsontype.Boolean, tBool). - RegisterTypeMapEntry(bsontype.DateTime, tDateTime). - RegisterTypeMapEntry(bsontype.Regex, tRegex). - RegisterTypeMapEntry(bsontype.DBPointer, tDBPointer). - RegisterTypeMapEntry(bsontype.JavaScript, tJavaScript). - RegisterTypeMapEntry(bsontype.Symbol, tSymbol). - RegisterTypeMapEntry(bsontype.CodeWithScope, tCodeWithScope). - RegisterTypeMapEntry(bsontype.Int32, tInt32). - RegisterTypeMapEntry(bsontype.Int64, tInt64). - RegisterTypeMapEntry(bsontype.Timestamp, tTimestamp). - RegisterTypeMapEntry(bsontype.Decimal128, tDecimal). - RegisterTypeMapEntry(bsontype.MinKey, tMinKey). - RegisterTypeMapEntry(bsontype.MaxKey, tMaxKey). - RegisterTypeMapEntry(bsontype.Type(0), tD) -} - -// BooleanDecodeValue is the ValueDecoderFunc for bool types. -func (dvd DefaultValueDecoders) BooleanDecodeValue(dctx DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if vr.Type() != bsontype.Boolean { - return fmt.Errorf("cannot decode %v into a boolean", vr.Type()) - } - if !val.IsValid() || !val.CanSet() || val.Kind() != reflect.Bool { - return ValueDecoderError{Name: "BooleanDecodeValue", Kinds: []reflect.Kind{reflect.Bool}, Received: val} - } - - b, err := vr.ReadBoolean() - val.SetBool(b) - return err -} - -// IntDecodeValue is the ValueDecoderFunc for bool types. -func (dvd DefaultValueDecoders) IntDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - var i64 int64 - var err error - switch vr.Type() { - case bsontype.Int32: - i32, err := vr.ReadInt32() - if err != nil { - return err - } - i64 = int64(i32) - case bsontype.Int64: - i64, err = vr.ReadInt64() - if err != nil { - return err - } - case bsontype.Double: - f64, err := vr.ReadDouble() - if err != nil { - return err - } - if !dc.Truncate && math.Floor(f64) != f64 { - return errors.New("IntDecodeValue can only truncate float64 to an integer type when truncation is enabled") - } - if f64 > float64(math.MaxInt64) { - return fmt.Errorf("%g overflows int64", f64) - } - i64 = int64(f64) - default: - return fmt.Errorf("cannot decode %v into an integer type", vr.Type()) - } - - if !val.CanSet() { - return ValueDecoderError{ - Name: "IntDecodeValue", - Kinds: []reflect.Kind{reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int}, - Received: val, - } - } - - switch val.Kind() { - case reflect.Int8: - if i64 < math.MinInt8 || i64 > math.MaxInt8 { - return fmt.Errorf("%d overflows int8", i64) - } - case reflect.Int16: - if i64 < math.MinInt16 || i64 > math.MaxInt16 { - return fmt.Errorf("%d overflows int16", i64) - } - case reflect.Int32: - if i64 < math.MinInt32 || i64 > math.MaxInt32 { - return fmt.Errorf("%d overflows int32", i64) - } - case reflect.Int64: - case reflect.Int: - if int64(int(i64)) != i64 { // Can we fit this inside of an int - return fmt.Errorf("%d overflows int", i64) - } - default: - return ValueDecoderError{ - Name: "IntDecodeValue", - Kinds: []reflect.Kind{reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int}, - Received: val, - } - } - - val.SetInt(i64) - return nil -} - -// UintDecodeValue is the ValueDecoderFunc for uint types. -func (dvd DefaultValueDecoders) UintDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - var i64 int64 - var err error - switch vr.Type() { - case bsontype.Int32: - i32, err := vr.ReadInt32() - if err != nil { - return err - } - i64 = int64(i32) - case bsontype.Int64: - i64, err = vr.ReadInt64() - if err != nil { - return err - } - case bsontype.Double: - f64, err := vr.ReadDouble() - if err != nil { - return err - } - if !dc.Truncate && math.Floor(f64) != f64 { - return errors.New("UintDecodeValue can only truncate float64 to an integer type when truncation is enabled") - } - if f64 > float64(math.MaxInt64) { - return fmt.Errorf("%g overflows int64", f64) - } - i64 = int64(f64) - default: - return fmt.Errorf("cannot decode %v into an integer type", vr.Type()) - } - - if !val.CanSet() { - return ValueDecoderError{ - Name: "UintDecodeValue", - Kinds: []reflect.Kind{reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint}, - Received: val, - } - } - - switch val.Kind() { - case reflect.Uint8: - if i64 < 0 || i64 > math.MaxUint8 { - return fmt.Errorf("%d overflows uint8", i64) - } - case reflect.Uint16: - if i64 < 0 || i64 > math.MaxUint16 { - return fmt.Errorf("%d overflows uint16", i64) - } - case reflect.Uint32: - if i64 < 0 || i64 > math.MaxUint32 { - return fmt.Errorf("%d overflows uint32", i64) - } - case reflect.Uint64: - if i64 < 0 { - return fmt.Errorf("%d overflows uint64", i64) - } - case reflect.Uint: - if i64 < 0 || int64(uint(i64)) != i64 { // Can we fit this inside of an uint - return fmt.Errorf("%d overflows uint", i64) - } - default: - return ValueDecoderError{ - Name: "UintDecodeValue", - Kinds: []reflect.Kind{reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint}, - Received: val, - } - } - - val.SetUint(uint64(i64)) - return nil -} - -// FloatDecodeValue is the ValueDecoderFunc for float types. -func (dvd DefaultValueDecoders) FloatDecodeValue(ec DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - var f float64 - var err error - switch vr.Type() { - case bsontype.Int32: - i32, err := vr.ReadInt32() - if err != nil { - return err - } - f = float64(i32) - case bsontype.Int64: - i64, err := vr.ReadInt64() - if err != nil { - return err - } - f = float64(i64) - case bsontype.Double: - f, err = vr.ReadDouble() - if err != nil { - return err - } - default: - return fmt.Errorf("cannot decode %v into a float32 or float64 type", vr.Type()) - } - - if !val.CanSet() { - return ValueDecoderError{Name: "FloatDecodeValue", Kinds: []reflect.Kind{reflect.Float32, reflect.Float64}, Received: val} - } - - switch val.Kind() { - case reflect.Float32: - if !ec.Truncate && float64(float32(f)) != f { - return errors.New("FloatDecodeValue can only convert float64 to float32 when truncation is allowed") - } - case reflect.Float64: - default: - return ValueDecoderError{Name: "FloatDecodeValue", Kinds: []reflect.Kind{reflect.Float32, reflect.Float64}, Received: val} - } - - val.SetFloat(f) - return nil -} - -// StringDecodeValue is the ValueDecoderFunc for string types. -func (dvd DefaultValueDecoders) StringDecodeValue(dctx DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - var str string - var err error - switch vr.Type() { - // TODO(GODRIVER-577): Handle JavaScript and Symbol BSON types when allowed. - case bsontype.String: - str, err = vr.ReadString() - if err != nil { - return err - } - default: - return fmt.Errorf("cannot decode %v into a string type", vr.Type()) - } - if !val.CanSet() || val.Kind() != reflect.String { - return ValueDecoderError{Name: "StringDecodeValue", Kinds: []reflect.Kind{reflect.String}, Received: val} - } - - val.SetString(str) - return nil -} - -// JavaScriptDecodeValue is the ValueDecoderFunc for the primitive.JavaScript type. -func (DefaultValueDecoders) JavaScriptDecodeValue(dctx DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tJavaScript { - return ValueDecoderError{Name: "BinaryDecodeValue", Types: []reflect.Type{tJavaScript}, Received: val} - } - - if vr.Type() != bsontype.JavaScript { - return fmt.Errorf("cannot decode %v into a primitive.JavaScript", vr.Type()) - } - - js, err := vr.ReadJavascript() - if err != nil { - return err - } - - val.SetString(js) - return nil -} - -// SymbolDecodeValue is the ValueDecoderFunc for the primitive.Symbol type. -func (DefaultValueDecoders) SymbolDecodeValue(dctx DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tSymbol { - return ValueDecoderError{Name: "BinaryDecodeValue", Types: []reflect.Type{tSymbol}, Received: val} - } - - if vr.Type() != bsontype.Symbol { - return fmt.Errorf("cannot decode %v into a primitive.Symbol", vr.Type()) - } - - symbol, err := vr.ReadSymbol() - if err != nil { - return err - } - - val.SetString(symbol) - return nil -} - -// BinaryDecodeValue is the ValueDecoderFunc for Binary. -func (DefaultValueDecoders) BinaryDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tBinary { - return ValueDecoderError{Name: "BinaryDecodeValue", Types: []reflect.Type{tBinary}, Received: val} - } - - if vr.Type() != bsontype.Binary { - return fmt.Errorf("cannot decode %v into a Binary", vr.Type()) - } - - data, subtype, err := vr.ReadBinary() - if err != nil { - return err - } - - val.Set(reflect.ValueOf(primitive.Binary{Subtype: subtype, Data: data})) - return nil -} - -// UndefinedDecodeValue is the ValueDecoderFunc for Undefined. -func (DefaultValueDecoders) UndefinedDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tUndefined { - return ValueDecoderError{Name: "UndefinedDecodeValue", Types: []reflect.Type{tUndefined}, Received: val} - } - - if vr.Type() != bsontype.Undefined { - return fmt.Errorf("cannot decode %v into an Undefined", vr.Type()) - } - - val.Set(reflect.ValueOf(primitive.Undefined{})) - return vr.ReadUndefined() -} - -// ObjectIDDecodeValue is the ValueDecoderFunc for primitive.ObjectID. -func (dvd DefaultValueDecoders) ObjectIDDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tOID { - return ValueDecoderError{Name: "ObjectIDDecodeValue", Types: []reflect.Type{tOID}, Received: val} - } - - if vr.Type() != bsontype.ObjectID { - return fmt.Errorf("cannot decode %v into an ObjectID", vr.Type()) - } - oid, err := vr.ReadObjectID() - val.Set(reflect.ValueOf(oid)) - return err -} - -// DateTimeDecodeValue is the ValueDecoderFunc for DateTime. -func (DefaultValueDecoders) DateTimeDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tDateTime { - return ValueDecoderError{Name: "DateTimeDecodeValue", Types: []reflect.Type{tDateTime}, Received: val} - } - - if vr.Type() != bsontype.DateTime { - return fmt.Errorf("cannot decode %v into a DateTime", vr.Type()) - } - - dt, err := vr.ReadDateTime() - if err != nil { - return err - } - - val.Set(reflect.ValueOf(primitive.DateTime(dt))) - return nil -} - -// NullDecodeValue is the ValueDecoderFunc for Null. -func (DefaultValueDecoders) NullDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tNull { - return ValueDecoderError{Name: "NullDecodeValue", Types: []reflect.Type{tNull}, Received: val} - } - - if vr.Type() != bsontype.Null { - return fmt.Errorf("cannot decode %v into a Null", vr.Type()) - } - - val.Set(reflect.ValueOf(primitive.Null{})) - return vr.ReadNull() -} - -// RegexDecodeValue is the ValueDecoderFunc for Regex. -func (DefaultValueDecoders) RegexDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tRegex { - return ValueDecoderError{Name: "RegexDecodeValue", Types: []reflect.Type{tRegex}, Received: val} - } - - if vr.Type() != bsontype.Regex { - return fmt.Errorf("cannot decode %v into a Regex", vr.Type()) - } - - pattern, options, err := vr.ReadRegex() - if err != nil { - return err - } - - val.Set(reflect.ValueOf(primitive.Regex{Pattern: pattern, Options: options})) - return nil -} - -// DBPointerDecodeValue is the ValueDecoderFunc for DBPointer. -func (DefaultValueDecoders) DBPointerDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tDBPointer { - return ValueDecoderError{Name: "DBPointerDecodeValue", Types: []reflect.Type{tDBPointer}, Received: val} - } - - if vr.Type() != bsontype.DBPointer { - return fmt.Errorf("cannot decode %v into a DBPointer", vr.Type()) - } - - ns, pointer, err := vr.ReadDBPointer() - if err != nil { - return err - } - - val.Set(reflect.ValueOf(primitive.DBPointer{DB: ns, Pointer: pointer})) - return nil -} - -// TimestampDecodeValue is the ValueDecoderFunc for Timestamp. -func (DefaultValueDecoders) TimestampDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tTimestamp { - return ValueDecoderError{Name: "TimestampDecodeValue", Types: []reflect.Type{tTimestamp}, Received: val} - } - - if vr.Type() != bsontype.Timestamp { - return fmt.Errorf("cannot decode %v into a Timestamp", vr.Type()) - } - - t, incr, err := vr.ReadTimestamp() - if err != nil { - return err - } - - val.Set(reflect.ValueOf(primitive.Timestamp{T: t, I: incr})) - return nil -} - -// MinKeyDecodeValue is the ValueDecoderFunc for MinKey. -func (DefaultValueDecoders) MinKeyDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tMinKey { - return ValueDecoderError{Name: "MinKeyDecodeValue", Types: []reflect.Type{tMinKey}, Received: val} - } - - if vr.Type() != bsontype.MinKey { - return fmt.Errorf("cannot decode %v into a MinKey", vr.Type()) - } - - val.Set(reflect.ValueOf(primitive.MinKey{})) - return vr.ReadMinKey() -} - -// MaxKeyDecodeValue is the ValueDecoderFunc for MaxKey. -func (DefaultValueDecoders) MaxKeyDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tMaxKey { - return ValueDecoderError{Name: "MaxKeyDecodeValue", Types: []reflect.Type{tMaxKey}, Received: val} - } - - if vr.Type() != bsontype.MaxKey { - return fmt.Errorf("cannot decode %v into a MaxKey", vr.Type()) - } - - val.Set(reflect.ValueOf(primitive.MaxKey{})) - return vr.ReadMaxKey() -} - -// Decimal128DecodeValue is the ValueDecoderFunc for primitive.Decimal128. -func (dvd DefaultValueDecoders) Decimal128DecodeValue(dctx DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if vr.Type() != bsontype.Decimal128 { - return fmt.Errorf("cannot decode %v into a primitive.Decimal128", vr.Type()) - } - - if !val.CanSet() || val.Type() != tDecimal { - return ValueDecoderError{Name: "Decimal128DecodeValue", Types: []reflect.Type{tDecimal}, Received: val} - } - d128, err := vr.ReadDecimal128() - val.Set(reflect.ValueOf(d128)) - return err -} - -// JSONNumberDecodeValue is the ValueDecoderFunc for json.Number. -func (dvd DefaultValueDecoders) JSONNumberDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tJSONNumber { - return ValueDecoderError{Name: "JSONNumberDecodeValue", Types: []reflect.Type{tJSONNumber}, Received: val} - } - - switch vr.Type() { - case bsontype.Double: - f64, err := vr.ReadDouble() - if err != nil { - return err - } - val.Set(reflect.ValueOf(json.Number(strconv.FormatFloat(f64, 'g', -1, 64)))) - case bsontype.Int32: - i32, err := vr.ReadInt32() - if err != nil { - return err - } - val.Set(reflect.ValueOf(json.Number(strconv.FormatInt(int64(i32), 10)))) - case bsontype.Int64: - i64, err := vr.ReadInt64() - if err != nil { - return err - } - val.Set(reflect.ValueOf(json.Number(strconv.FormatInt(i64, 10)))) - default: - return fmt.Errorf("cannot decode %v into a json.Number", vr.Type()) - } - - return nil -} - -// URLDecodeValue is the ValueDecoderFunc for url.URL. -func (dvd DefaultValueDecoders) URLDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if vr.Type() != bsontype.String { - return fmt.Errorf("cannot decode %v into a *url.URL", vr.Type()) - } - - str, err := vr.ReadString() - if err != nil { - return err - } - - u, err := url.Parse(str) - if err != nil { - return err - } - - if !val.CanSet() || val.Type() != tURL { - return ValueDecoderError{Name: "URLDecodeValue", Types: []reflect.Type{tURL}, Received: val} - } - - val.Set(reflect.ValueOf(u).Elem()) - return nil -} - -// TimeDecodeValue is the ValueDecoderFunc for time.Time. -func (dvd DefaultValueDecoders) TimeDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if vr.Type() != bsontype.DateTime { - return fmt.Errorf("cannot decode %v into a time.Time", vr.Type()) - } - - dt, err := vr.ReadDateTime() - if err != nil { - return err - } - - if !val.CanSet() || val.Type() != tTime { - return ValueDecoderError{Name: "TimeDecodeValue", Types: []reflect.Type{tTime}, Received: val} - } - - val.Set(reflect.ValueOf(time.Unix(dt/1000, dt%1000*1000000).UTC())) - return nil -} - -// ByteSliceDecodeValue is the ValueDecoderFunc for []byte. -func (dvd DefaultValueDecoders) ByteSliceDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if vr.Type() != bsontype.Binary && vr.Type() != bsontype.Null { - return fmt.Errorf("cannot decode %v into a []byte", vr.Type()) - } - - if !val.CanSet() || val.Type() != tByteSlice { - return ValueDecoderError{Name: "ByteSliceDecodeValue", Types: []reflect.Type{tByteSlice}, Received: val} - } - - if vr.Type() == bsontype.Null { - val.Set(reflect.Zero(val.Type())) - return vr.ReadNull() - } - - data, subtype, err := vr.ReadBinary() - if err != nil { - return err - } - if subtype != 0x00 { - return fmt.Errorf("ByteSliceDecodeValue can only be used to decode subtype 0x00 for %s, got %v", bsontype.Binary, subtype) - } - - val.Set(reflect.ValueOf(data)) - return nil -} - -// MapDecodeValue is the ValueDecoderFunc for map[string]* types. -func (dvd DefaultValueDecoders) MapDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Kind() != reflect.Map || val.Type().Key().Kind() != reflect.String { - return ValueDecoderError{Name: "MapDecodeValue", Kinds: []reflect.Kind{reflect.Map}, Received: val} - } - - switch vr.Type() { - case bsontype.Type(0), bsontype.EmbeddedDocument: - case bsontype.Null: - val.Set(reflect.Zero(val.Type())) - return vr.ReadNull() - default: - return fmt.Errorf("cannot decode %v into a %s", vr.Type(), val.Type()) - } - - dr, err := vr.ReadDocument() - if err != nil { - return err - } - - if val.IsNil() { - val.Set(reflect.MakeMap(val.Type())) - } - - eType := val.Type().Elem() - decoder, err := dc.LookupDecoder(eType) - if err != nil { - return err - } - - if eType == tEmpty { - dc.Ancestor = val.Type() - } - - keyType := val.Type().Key() - for { - key, vr, err := dr.ReadElement() - if err == bsonrw.ErrEOD { - break - } - if err != nil { - return err - } - - elem := reflect.New(eType).Elem() - - err = decoder.DecodeValue(dc, vr, elem) - if err != nil { - return err - } - - val.SetMapIndex(reflect.ValueOf(key).Convert(keyType), elem) - } - return nil -} - -// ArrayDecodeValue is the ValueDecoderFunc for array types. -func (dvd DefaultValueDecoders) ArrayDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.IsValid() || val.Kind() != reflect.Array { - return ValueDecoderError{Name: "ArrayDecodeValue", Kinds: []reflect.Kind{reflect.Array}, Received: val} - } - - switch vr.Type() { - case bsontype.Array: - case bsontype.Type(0), bsontype.EmbeddedDocument: - if val.Type().Elem() != tE { - return fmt.Errorf("cannot decode document into %s", val.Type()) - } - default: - return fmt.Errorf("cannot decode %v into an array", vr.Type()) - } - - var elemsFunc func(DecodeContext, bsonrw.ValueReader, reflect.Value) ([]reflect.Value, error) - switch val.Type().Elem() { - case tE: - elemsFunc = dvd.decodeD - default: - elemsFunc = dvd.decodeDefault - } - - elems, err := elemsFunc(dc, vr, val) - if err != nil { - return err - } - - if len(elems) > val.Len() { - return fmt.Errorf("more elements returned in array than can fit inside %s", val.Type()) - } - - for idx, elem := range elems { - val.Index(idx).Set(elem) - } - - return nil -} - -// SliceDecodeValue is the ValueDecoderFunc for slice types. -func (dvd DefaultValueDecoders) SliceDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Kind() != reflect.Slice { - return ValueDecoderError{Name: "SliceDecodeValue", Kinds: []reflect.Kind{reflect.Slice}, Received: val} - } - - switch vr.Type() { - case bsontype.Array: - case bsontype.Null: - val.Set(reflect.Zero(val.Type())) - return vr.ReadNull() - case bsontype.Type(0), bsontype.EmbeddedDocument: - if val.Type().Elem() != tE { - return fmt.Errorf("cannot decode document into %s", val.Type()) - } - default: - return fmt.Errorf("cannot decode %v into a slice", vr.Type()) - } - - var elemsFunc func(DecodeContext, bsonrw.ValueReader, reflect.Value) ([]reflect.Value, error) - switch val.Type().Elem() { - case tE: - dc.Ancestor = val.Type() - elemsFunc = dvd.decodeD - default: - elemsFunc = dvd.decodeDefault - } - - elems, err := elemsFunc(dc, vr, val) - if err != nil { - return err - } - - if val.IsNil() { - val.Set(reflect.MakeSlice(val.Type(), 0, len(elems))) - } - - val.SetLen(0) - val.Set(reflect.Append(val, elems...)) - - return nil -} - -// ValueUnmarshalerDecodeValue is the ValueDecoderFunc for ValueUnmarshaler implementations. -func (dvd DefaultValueDecoders) ValueUnmarshalerDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.IsValid() || (!val.Type().Implements(tValueUnmarshaler) && !reflect.PtrTo(val.Type()).Implements(tValueUnmarshaler)) { - return ValueDecoderError{Name: "ValueUnmarshalerDecodeValue", Types: []reflect.Type{tValueUnmarshaler}, Received: val} - } - - if val.Kind() == reflect.Ptr && val.IsNil() { - if !val.CanSet() { - return ValueDecoderError{Name: "ValueUnmarshalerDecodeValue", Types: []reflect.Type{tValueUnmarshaler}, Received: val} - } - val.Set(reflect.New(val.Type().Elem())) - } - - if !val.Type().Implements(tValueUnmarshaler) { - if !val.CanAddr() { - return ValueDecoderError{Name: "ValueUnmarshalerDecodeValue", Types: []reflect.Type{tValueUnmarshaler}, Received: val} - } - val = val.Addr() // If they type doesn't implement the interface, a pointer to it must. - } - - t, src, err := bsonrw.Copier{}.CopyValueToBytes(vr) - if err != nil { - return err - } - - fn := val.Convert(tValueUnmarshaler).MethodByName("UnmarshalBSONValue") - errVal := fn.Call([]reflect.Value{reflect.ValueOf(t), reflect.ValueOf(src)})[0] - if !errVal.IsNil() { - return errVal.Interface().(error) - } - return nil -} - -// UnmarshalerDecodeValue is the ValueDecoderFunc for Unmarshaler implementations. -func (dvd DefaultValueDecoders) UnmarshalerDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.IsValid() || (!val.Type().Implements(tUnmarshaler) && !reflect.PtrTo(val.Type()).Implements(tUnmarshaler)) { - return ValueDecoderError{Name: "UnmarshalerDecodeValue", Types: []reflect.Type{tUnmarshaler}, Received: val} - } - - if val.Kind() == reflect.Ptr && val.IsNil() { - if !val.CanSet() { - return ValueDecoderError{Name: "UnmarshalerDecodeValue", Types: []reflect.Type{tUnmarshaler}, Received: val} - } - val.Set(reflect.New(val.Type().Elem())) - } - - if !val.Type().Implements(tUnmarshaler) { - if !val.CanAddr() { - return ValueDecoderError{Name: "UnmarshalerDecodeValue", Types: []reflect.Type{tUnmarshaler}, Received: val} - } - val = val.Addr() // If they type doesn't implement the interface, a pointer to it must. - } - - _, src, err := bsonrw.Copier{}.CopyValueToBytes(vr) - if err != nil { - return err - } - - fn := val.Convert(tUnmarshaler).MethodByName("UnmarshalBSON") - errVal := fn.Call([]reflect.Value{reflect.ValueOf(src)})[0] - if !errVal.IsNil() { - return errVal.Interface().(error) - } - return nil -} - -// EmptyInterfaceDecodeValue is the ValueDecoderFunc for interface{}. -func (dvd DefaultValueDecoders) EmptyInterfaceDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tEmpty { - return ValueDecoderError{Name: "EmptyInterfaceDecodeValue", Types: []reflect.Type{tEmpty}, Received: val} - } - - rtype, err := dc.LookupTypeMapEntry(vr.Type()) - if err != nil { - switch vr.Type() { - case bsontype.EmbeddedDocument: - if dc.Ancestor != nil { - rtype = dc.Ancestor - break - } - rtype = tD - case bsontype.Null: - val.Set(reflect.Zero(val.Type())) - return vr.ReadNull() - default: - return err - } - } - - decoder, err := dc.LookupDecoder(rtype) - if err != nil { - return err - } - - elem := reflect.New(rtype).Elem() - err = decoder.DecodeValue(dc, vr, elem) - if err != nil { - return err - } - - val.Set(elem) - return nil -} - -// CoreDocumentDecodeValue is the ValueDecoderFunc for bsoncore.Document. -func (DefaultValueDecoders) CoreDocumentDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tCoreDocument { - return ValueDecoderError{Name: "CoreDocumentDecodeValue", Types: []reflect.Type{tCoreDocument}, Received: val} - } - - if val.IsNil() { - val.Set(reflect.MakeSlice(val.Type(), 0, 0)) - } - - val.SetLen(0) - - cdoc, err := bsonrw.Copier{}.AppendDocumentBytes(val.Interface().(bsoncore.Document), vr) - val.Set(reflect.ValueOf(cdoc)) - return err -} - -func (dvd DefaultValueDecoders) decodeDefault(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) ([]reflect.Value, error) { - elems := make([]reflect.Value, 0) - - ar, err := vr.ReadArray() - if err != nil { - return nil, err - } - - eType := val.Type().Elem() - - decoder, err := dc.LookupDecoder(eType) - if err != nil { - return nil, err - } - - for { - vr, err := ar.ReadValue() - if err == bsonrw.ErrEOA { - break - } - if err != nil { - return nil, err - } - - elem := reflect.New(eType).Elem() - - err = decoder.DecodeValue(dc, vr, elem) - if err != nil { - return nil, err - } - elems = append(elems, elem) - } - - return elems, nil -} - -// CodeWithScopeDecodeValue is the ValueDecoderFunc for CodeWithScope. -func (dvd DefaultValueDecoders) CodeWithScopeDecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Type() != tCodeWithScope { - return ValueDecoderError{Name: "CodeWithScopeDecodeValue", Types: []reflect.Type{tCodeWithScope}, Received: val} - } - - if vr.Type() != bsontype.CodeWithScope { - return fmt.Errorf("cannot decode %v into a primitive.CodeWithScope", vr.Type()) - } - - code, dr, err := vr.ReadCodeWithScope() - if err != nil { - return err - } - - scope := reflect.New(tD).Elem() - - elems, err := dvd.decodeElemsFromDocumentReader(dc, dr) - if err != nil { - return err - } - - scope.Set(reflect.MakeSlice(tD, 0, len(elems))) - scope.Set(reflect.Append(scope, elems...)) - - val.Set(reflect.ValueOf(primitive.CodeWithScope{Code: primitive.JavaScript(code), Scope: scope.Interface().(primitive.D)})) - return nil -} - -func (dvd DefaultValueDecoders) decodeD(dc DecodeContext, vr bsonrw.ValueReader, _ reflect.Value) ([]reflect.Value, error) { - switch vr.Type() { - case bsontype.Type(0), bsontype.EmbeddedDocument: - default: - return nil, fmt.Errorf("cannot decode %v into a D", vr.Type()) - } - - dr, err := vr.ReadDocument() - if err != nil { - return nil, err - } - - return dvd.decodeElemsFromDocumentReader(dc, dr) -} - -func (DefaultValueDecoders) decodeElemsFromDocumentReader(dc DecodeContext, dr bsonrw.DocumentReader) ([]reflect.Value, error) { - decoder, err := dc.LookupDecoder(tEmpty) - if err != nil { - return nil, err - } - - elems := make([]reflect.Value, 0) - for { - key, vr, err := dr.ReadElement() - if err == bsonrw.ErrEOD { - break - } - if err != nil { - return nil, err - } - - val := reflect.New(tEmpty).Elem() - err = decoder.DecodeValue(dc, vr, val) - if err != nil { - return nil, err - } - - elems = append(elems, reflect.ValueOf(primitive.E{Key: key, Value: val.Interface()})) - } - - return elems, nil -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/default_value_encoders.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/default_value_encoders.go deleted file mode 100644 index 39ebfc7ecd3e..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/default_value_encoders.go +++ /dev/null @@ -1,648 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec - -import ( - "encoding/json" - "errors" - "fmt" - "math" - "net/url" - "reflect" - "sync" - "time" - - "go.mongodb.org/mongo-driver/bson/bsonrw" - "go.mongodb.org/mongo-driver/bson/bsontype" - "go.mongodb.org/mongo-driver/bson/primitive" - "go.mongodb.org/mongo-driver/x/bsonx/bsoncore" -) - -var defaultValueEncoders DefaultValueEncoders - -var bvwPool = bsonrw.NewBSONValueWriterPool() - -var sliceWriterPool = sync.Pool{ - New: func() interface{} { - sw := make(bsonrw.SliceWriter, 0, 0) - return &sw - }, -} - -func encodeElement(ec EncodeContext, dw bsonrw.DocumentWriter, e primitive.E) error { - vw, err := dw.WriteDocumentElement(e.Key) - if err != nil { - return err - } - - if e.Value == nil { - return vw.WriteNull() - } - encoder, err := ec.LookupEncoder(reflect.TypeOf(e.Value)) - if err != nil { - return err - } - - err = encoder.EncodeValue(ec, vw, reflect.ValueOf(e.Value)) - if err != nil { - return err - } - return nil -} - -// DefaultValueEncoders is a namespace type for the default ValueEncoders used -// when creating a registry. -type DefaultValueEncoders struct{} - -// RegisterDefaultEncoders will register the encoder methods attached to DefaultValueEncoders with -// the provided RegistryBuilder. -func (dve DefaultValueEncoders) RegisterDefaultEncoders(rb *RegistryBuilder) { - if rb == nil { - panic(errors.New("argument to RegisterDefaultEncoders must not be nil")) - } - rb. - RegisterEncoder(tByteSlice, ValueEncoderFunc(dve.ByteSliceEncodeValue)). - RegisterEncoder(tTime, ValueEncoderFunc(dve.TimeEncodeValue)). - RegisterEncoder(tEmpty, ValueEncoderFunc(dve.EmptyInterfaceEncodeValue)). - RegisterEncoder(tOID, ValueEncoderFunc(dve.ObjectIDEncodeValue)). - RegisterEncoder(tDecimal, ValueEncoderFunc(dve.Decimal128EncodeValue)). - RegisterEncoder(tJSONNumber, ValueEncoderFunc(dve.JSONNumberEncodeValue)). - RegisterEncoder(tURL, ValueEncoderFunc(dve.URLEncodeValue)). - RegisterEncoder(tValueMarshaler, ValueEncoderFunc(dve.ValueMarshalerEncodeValue)). - RegisterEncoder(tMarshaler, ValueEncoderFunc(dve.MarshalerEncodeValue)). - RegisterEncoder(tProxy, ValueEncoderFunc(dve.ProxyEncodeValue)). - RegisterEncoder(tJavaScript, ValueEncoderFunc(dve.JavaScriptEncodeValue)). - RegisterEncoder(tSymbol, ValueEncoderFunc(dve.SymbolEncodeValue)). - RegisterEncoder(tBinary, ValueEncoderFunc(dve.BinaryEncodeValue)). - RegisterEncoder(tUndefined, ValueEncoderFunc(dve.UndefinedEncodeValue)). - RegisterEncoder(tDateTime, ValueEncoderFunc(dve.DateTimeEncodeValue)). - RegisterEncoder(tNull, ValueEncoderFunc(dve.NullEncodeValue)). - RegisterEncoder(tRegex, ValueEncoderFunc(dve.RegexEncodeValue)). - RegisterEncoder(tDBPointer, ValueEncoderFunc(dve.DBPointerEncodeValue)). - RegisterEncoder(tTimestamp, ValueEncoderFunc(dve.TimestampEncodeValue)). - RegisterEncoder(tMinKey, ValueEncoderFunc(dve.MinKeyEncodeValue)). - RegisterEncoder(tMaxKey, ValueEncoderFunc(dve.MaxKeyEncodeValue)). - RegisterEncoder(tCoreDocument, ValueEncoderFunc(dve.CoreDocumentEncodeValue)). - RegisterEncoder(tCodeWithScope, ValueEncoderFunc(dve.CodeWithScopeEncodeValue)). - RegisterDefaultEncoder(reflect.Bool, ValueEncoderFunc(dve.BooleanEncodeValue)). - RegisterDefaultEncoder(reflect.Int, ValueEncoderFunc(dve.IntEncodeValue)). - RegisterDefaultEncoder(reflect.Int8, ValueEncoderFunc(dve.IntEncodeValue)). - RegisterDefaultEncoder(reflect.Int16, ValueEncoderFunc(dve.IntEncodeValue)). - RegisterDefaultEncoder(reflect.Int32, ValueEncoderFunc(dve.IntEncodeValue)). - RegisterDefaultEncoder(reflect.Int64, ValueEncoderFunc(dve.IntEncodeValue)). - RegisterDefaultEncoder(reflect.Uint, ValueEncoderFunc(dve.UintEncodeValue)). - RegisterDefaultEncoder(reflect.Uint8, ValueEncoderFunc(dve.UintEncodeValue)). - RegisterDefaultEncoder(reflect.Uint16, ValueEncoderFunc(dve.UintEncodeValue)). - RegisterDefaultEncoder(reflect.Uint32, ValueEncoderFunc(dve.UintEncodeValue)). - RegisterDefaultEncoder(reflect.Uint64, ValueEncoderFunc(dve.UintEncodeValue)). - RegisterDefaultEncoder(reflect.Float32, ValueEncoderFunc(dve.FloatEncodeValue)). - RegisterDefaultEncoder(reflect.Float64, ValueEncoderFunc(dve.FloatEncodeValue)). - RegisterDefaultEncoder(reflect.Array, ValueEncoderFunc(dve.ArrayEncodeValue)). - RegisterDefaultEncoder(reflect.Map, ValueEncoderFunc(dve.MapEncodeValue)). - RegisterDefaultEncoder(reflect.Slice, ValueEncoderFunc(dve.SliceEncodeValue)). - RegisterDefaultEncoder(reflect.String, ValueEncoderFunc(dve.StringEncodeValue)). - RegisterDefaultEncoder(reflect.Struct, &StructCodec{cache: make(map[reflect.Type]*structDescription), parser: DefaultStructTagParser}). - RegisterDefaultEncoder(reflect.Ptr, NewPointerCodec()) -} - -// BooleanEncodeValue is the ValueEncoderFunc for bool types. -func (dve DefaultValueEncoders) BooleanEncodeValue(ectx EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Kind() != reflect.Bool { - return ValueEncoderError{Name: "BooleanEncodeValue", Kinds: []reflect.Kind{reflect.Bool}, Received: val} - } - return vw.WriteBoolean(val.Bool()) -} - -func fitsIn32Bits(i int64) bool { - return math.MinInt32 <= i && i <= math.MaxInt32 -} - -// IntEncodeValue is the ValueEncoderFunc for int types. -func (dve DefaultValueEncoders) IntEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - switch val.Kind() { - case reflect.Int8, reflect.Int16, reflect.Int32: - return vw.WriteInt32(int32(val.Int())) - case reflect.Int: - i64 := val.Int() - if fitsIn32Bits(i64) { - return vw.WriteInt32(int32(i64)) - } - return vw.WriteInt64(i64) - case reflect.Int64: - i64 := val.Int() - if ec.MinSize && fitsIn32Bits(i64) { - return vw.WriteInt32(int32(i64)) - } - return vw.WriteInt64(i64) - } - - return ValueEncoderError{ - Name: "IntEncodeValue", - Kinds: []reflect.Kind{reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int}, - Received: val, - } -} - -// UintEncodeValue is the ValueEncoderFunc for uint types. -func (dve DefaultValueEncoders) UintEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - switch val.Kind() { - case reflect.Uint8, reflect.Uint16: - return vw.WriteInt32(int32(val.Uint())) - case reflect.Uint, reflect.Uint32, reflect.Uint64: - u64 := val.Uint() - if ec.MinSize && u64 <= math.MaxInt32 { - return vw.WriteInt32(int32(u64)) - } - if u64 > math.MaxInt64 { - return fmt.Errorf("%d overflows int64", u64) - } - return vw.WriteInt64(int64(u64)) - } - - return ValueEncoderError{ - Name: "UintEncodeValue", - Kinds: []reflect.Kind{reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint}, - Received: val, - } -} - -// FloatEncodeValue is the ValueEncoderFunc for float types. -func (dve DefaultValueEncoders) FloatEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - switch val.Kind() { - case reflect.Float32, reflect.Float64: - return vw.WriteDouble(val.Float()) - } - - return ValueEncoderError{Name: "FloatEncodeValue", Kinds: []reflect.Kind{reflect.Float32, reflect.Float64}, Received: val} -} - -// StringEncodeValue is the ValueEncoderFunc for string types. -func (dve DefaultValueEncoders) StringEncodeValue(ectx EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if val.Kind() != reflect.String { - return ValueEncoderError{ - Name: "StringEncodeValue", - Kinds: []reflect.Kind{reflect.String}, - Received: val, - } - } - - return vw.WriteString(val.String()) -} - -// ObjectIDEncodeValue is the ValueEncoderFunc for primitive.ObjectID. -func (dve DefaultValueEncoders) ObjectIDEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tOID { - return ValueEncoderError{Name: "ObjectIDEncodeValue", Types: []reflect.Type{tOID}, Received: val} - } - return vw.WriteObjectID(val.Interface().(primitive.ObjectID)) -} - -// Decimal128EncodeValue is the ValueEncoderFunc for primitive.Decimal128. -func (dve DefaultValueEncoders) Decimal128EncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tDecimal { - return ValueEncoderError{Name: "Decimal128EncodeValue", Types: []reflect.Type{tDecimal}, Received: val} - } - return vw.WriteDecimal128(val.Interface().(primitive.Decimal128)) -} - -// JSONNumberEncodeValue is the ValueEncoderFunc for json.Number. -func (dve DefaultValueEncoders) JSONNumberEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tJSONNumber { - return ValueEncoderError{Name: "JSONNumberEncodeValue", Types: []reflect.Type{tJSONNumber}, Received: val} - } - jsnum := val.Interface().(json.Number) - - // Attempt int first, then float64 - if i64, err := jsnum.Int64(); err == nil { - return dve.IntEncodeValue(ec, vw, reflect.ValueOf(i64)) - } - - f64, err := jsnum.Float64() - if err != nil { - return err - } - - return dve.FloatEncodeValue(ec, vw, reflect.ValueOf(f64)) -} - -// URLEncodeValue is the ValueEncoderFunc for url.URL. -func (dve DefaultValueEncoders) URLEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tURL { - return ValueEncoderError{Name: "URLEncodeValue", Types: []reflect.Type{tURL}, Received: val} - } - u := val.Interface().(url.URL) - return vw.WriteString(u.String()) -} - -// TimeEncodeValue is the ValueEncoderFunc for time.TIme. -func (dve DefaultValueEncoders) TimeEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tTime { - return ValueEncoderError{Name: "TimeEncodeValue", Types: []reflect.Type{tTime}, Received: val} - } - tt := val.Interface().(time.Time) - return vw.WriteDateTime(tt.Unix()*1000 + int64(tt.Nanosecond()/1e6)) -} - -// ByteSliceEncodeValue is the ValueEncoderFunc for []byte. -func (dve DefaultValueEncoders) ByteSliceEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tByteSlice { - return ValueEncoderError{Name: "ByteSliceEncodeValue", Types: []reflect.Type{tByteSlice}, Received: val} - } - if val.IsNil() { - return vw.WriteNull() - } - return vw.WriteBinary(val.Interface().([]byte)) -} - -// MapEncodeValue is the ValueEncoderFunc for map[string]* types. -func (dve DefaultValueEncoders) MapEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Kind() != reflect.Map || val.Type().Key().Kind() != reflect.String { - return ValueEncoderError{Name: "MapEncodeValue", Kinds: []reflect.Kind{reflect.Map}, Received: val} - } - - if val.IsNil() { - // If we have a nill map but we can't WriteNull, that means we're probably trying to encode - // to a TopLevel document. We can't currently tell if this is what actually happened, but if - // there's a deeper underlying problem, the error will also be returned from WriteDocument, - // so just continue. The operations on a map reflection value are valid, so we can call - // MapKeys within mapEncodeValue without a problem. - err := vw.WriteNull() - if err == nil { - return nil - } - } - - dw, err := vw.WriteDocument() - if err != nil { - return err - } - - return dve.mapEncodeValue(ec, dw, val, nil) -} - -// mapEncodeValue handles encoding of the values of a map. The collisionFn returns -// true if the provided key exists, this is mainly used for inline maps in the -// struct codec. -func (dve DefaultValueEncoders) mapEncodeValue(ec EncodeContext, dw bsonrw.DocumentWriter, val reflect.Value, collisionFn func(string) bool) error { - - encoder, err := ec.LookupEncoder(val.Type().Elem()) - if err != nil { - return err - } - - keys := val.MapKeys() - for _, key := range keys { - if collisionFn != nil && collisionFn(key.String()) { - return fmt.Errorf("Key %s of inlined map conflicts with a struct field name", key) - } - vw, err := dw.WriteDocumentElement(key.String()) - if err != nil { - return err - } - - if enc, ok := encoder.(ValueEncoder); ok { - err = enc.EncodeValue(ec, vw, val.MapIndex(key)) - if err != nil { - return err - } - continue - } - err = encoder.EncodeValue(ec, vw, val.MapIndex(key)) - if err != nil { - return err - } - } - - return dw.WriteDocumentEnd() -} - -// ArrayEncodeValue is the ValueEncoderFunc for array types. -func (dve DefaultValueEncoders) ArrayEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Kind() != reflect.Array { - return ValueEncoderError{Name: "ArrayEncodeValue", Kinds: []reflect.Kind{reflect.Array}, Received: val} - } - - // If we have a []primitive.E we want to treat it as a document instead of as an array. - if val.Type().Elem() == tE { - dw, err := vw.WriteDocument() - if err != nil { - return err - } - - for idx := 0; idx < val.Len(); idx++ { - e := val.Index(idx).Interface().(primitive.E) - err = encodeElement(ec, dw, e) - if err != nil { - return err - } - } - - return dw.WriteDocumentEnd() - } - - aw, err := vw.WriteArray() - if err != nil { - return err - } - - encoder, err := ec.LookupEncoder(val.Type().Elem()) - if err != nil { - return err - } - - for idx := 0; idx < val.Len(); idx++ { - vw, err := aw.WriteArrayElement() - if err != nil { - return err - } - - err = encoder.EncodeValue(ec, vw, val.Index(idx)) - if err != nil { - return err - } - } - return aw.WriteArrayEnd() -} - -// SliceEncodeValue is the ValueEncoderFunc for slice types. -func (dve DefaultValueEncoders) SliceEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Kind() != reflect.Slice { - return ValueEncoderError{Name: "SliceEncodeValue", Kinds: []reflect.Kind{reflect.Slice}, Received: val} - } - - if val.IsNil() { - return vw.WriteNull() - } - - // If we have a []primitive.E we want to treat it as a document instead of as an array. - if val.Type().ConvertibleTo(tD) { - d := val.Convert(tD).Interface().(primitive.D) - - dw, err := vw.WriteDocument() - if err != nil { - return err - } - - for _, e := range d { - err = encodeElement(ec, dw, e) - if err != nil { - return err - } - } - - return dw.WriteDocumentEnd() - } - - aw, err := vw.WriteArray() - if err != nil { - return err - } - - encoder, err := ec.LookupEncoder(val.Type().Elem()) - if err != nil { - return err - } - - for idx := 0; idx < val.Len(); idx++ { - vw, err := aw.WriteArrayElement() - if err != nil { - return err - } - - err = encoder.EncodeValue(ec, vw, val.Index(idx)) - if err != nil { - return err - } - } - return aw.WriteArrayEnd() -} - -// EmptyInterfaceEncodeValue is the ValueEncoderFunc for interface{}. -func (dve DefaultValueEncoders) EmptyInterfaceEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tEmpty { - return ValueEncoderError{Name: "EmptyInterfaceEncodeValue", Types: []reflect.Type{tEmpty}, Received: val} - } - - if val.IsNil() { - return vw.WriteNull() - } - encoder, err := ec.LookupEncoder(val.Elem().Type()) - if err != nil { - return err - } - - return encoder.EncodeValue(ec, vw, val.Elem()) -} - -// ValueMarshalerEncodeValue is the ValueEncoderFunc for ValueMarshaler implementations. -func (dve DefaultValueEncoders) ValueMarshalerEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || !val.Type().Implements(tValueMarshaler) { - return ValueEncoderError{Name: "ValueMarshalerEncodeValue", Types: []reflect.Type{tValueMarshaler}, Received: val} - } - - fn := val.Convert(tValueMarshaler).MethodByName("MarshalBSONValue") - returns := fn.Call(nil) - if !returns[2].IsNil() { - return returns[2].Interface().(error) - } - t, data := returns[0].Interface().(bsontype.Type), returns[1].Interface().([]byte) - return bsonrw.Copier{}.CopyValueFromBytes(vw, t, data) -} - -// MarshalerEncodeValue is the ValueEncoderFunc for Marshaler implementations. -func (dve DefaultValueEncoders) MarshalerEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || !val.Type().Implements(tMarshaler) { - return ValueEncoderError{Name: "MarshalerEncodeValue", Types: []reflect.Type{tMarshaler}, Received: val} - } - - fn := val.Convert(tMarshaler).MethodByName("MarshalBSON") - returns := fn.Call(nil) - if !returns[1].IsNil() { - return returns[1].Interface().(error) - } - data := returns[0].Interface().([]byte) - return bsonrw.Copier{}.CopyValueFromBytes(vw, bsontype.EmbeddedDocument, data) -} - -// ProxyEncodeValue is the ValueEncoderFunc for Proxy implementations. -func (dve DefaultValueEncoders) ProxyEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || !val.Type().Implements(tProxy) { - return ValueEncoderError{Name: "ProxyEncodeValue", Types: []reflect.Type{tProxy}, Received: val} - } - - fn := val.Convert(tProxy).MethodByName("ProxyBSON") - returns := fn.Call(nil) - if !returns[1].IsNil() { - return returns[1].Interface().(error) - } - data := returns[0] - var encoder ValueEncoder - var err error - if data.Elem().IsValid() { - encoder, err = ec.LookupEncoder(data.Elem().Type()) - } else { - encoder, err = ec.LookupEncoder(nil) - } - if err != nil { - return err - } - return encoder.EncodeValue(ec, vw, data.Elem()) -} - -// JavaScriptEncodeValue is the ValueEncoderFunc for the primitive.JavaScript type. -func (DefaultValueEncoders) JavaScriptEncodeValue(ectx EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tJavaScript { - return ValueEncoderError{Name: "JavaScriptEncodeValue", Types: []reflect.Type{tJavaScript}, Received: val} - } - - return vw.WriteJavascript(val.String()) -} - -// SymbolEncodeValue is the ValueEncoderFunc for the primitive.Symbol type. -func (DefaultValueEncoders) SymbolEncodeValue(ectx EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tSymbol { - return ValueEncoderError{Name: "SymbolEncodeValue", Types: []reflect.Type{tSymbol}, Received: val} - } - - return vw.WriteSymbol(val.String()) -} - -// BinaryEncodeValue is the ValueEncoderFunc for Binary. -func (DefaultValueEncoders) BinaryEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tBinary { - return ValueEncoderError{Name: "BinaryEncodeValue", Types: []reflect.Type{tBinary}, Received: val} - } - b := val.Interface().(primitive.Binary) - - return vw.WriteBinaryWithSubtype(b.Data, b.Subtype) -} - -// UndefinedEncodeValue is the ValueEncoderFunc for Undefined. -func (DefaultValueEncoders) UndefinedEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tUndefined { - return ValueEncoderError{Name: "UndefinedEncodeValue", Types: []reflect.Type{tUndefined}, Received: val} - } - - return vw.WriteUndefined() -} - -// DateTimeEncodeValue is the ValueEncoderFunc for DateTime. -func (DefaultValueEncoders) DateTimeEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tDateTime { - return ValueEncoderError{Name: "DateTimeEncodeValue", Types: []reflect.Type{tDateTime}, Received: val} - } - - return vw.WriteDateTime(val.Int()) -} - -// NullEncodeValue is the ValueEncoderFunc for Null. -func (DefaultValueEncoders) NullEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tNull { - return ValueEncoderError{Name: "NullEncodeValue", Types: []reflect.Type{tNull}, Received: val} - } - - return vw.WriteNull() -} - -// RegexEncodeValue is the ValueEncoderFunc for Regex. -func (DefaultValueEncoders) RegexEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tRegex { - return ValueEncoderError{Name: "RegexEncodeValue", Types: []reflect.Type{tRegex}, Received: val} - } - - regex := val.Interface().(primitive.Regex) - - return vw.WriteRegex(regex.Pattern, regex.Options) -} - -// DBPointerEncodeValue is the ValueEncoderFunc for DBPointer. -func (DefaultValueEncoders) DBPointerEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tDBPointer { - return ValueEncoderError{Name: "DBPointerEncodeValue", Types: []reflect.Type{tDBPointer}, Received: val} - } - - dbp := val.Interface().(primitive.DBPointer) - - return vw.WriteDBPointer(dbp.DB, dbp.Pointer) -} - -// TimestampEncodeValue is the ValueEncoderFunc for Timestamp. -func (DefaultValueEncoders) TimestampEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tTimestamp { - return ValueEncoderError{Name: "TimestampEncodeValue", Types: []reflect.Type{tTimestamp}, Received: val} - } - - ts := val.Interface().(primitive.Timestamp) - - return vw.WriteTimestamp(ts.T, ts.I) -} - -// MinKeyEncodeValue is the ValueEncoderFunc for MinKey. -func (DefaultValueEncoders) MinKeyEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tMinKey { - return ValueEncoderError{Name: "MinKeyEncodeValue", Types: []reflect.Type{tMinKey}, Received: val} - } - - return vw.WriteMinKey() -} - -// MaxKeyEncodeValue is the ValueEncoderFunc for MaxKey. -func (DefaultValueEncoders) MaxKeyEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tMaxKey { - return ValueEncoderError{Name: "MaxKeyEncodeValue", Types: []reflect.Type{tMaxKey}, Received: val} - } - - return vw.WriteMaxKey() -} - -// CoreDocumentEncodeValue is the ValueEncoderFunc for bsoncore.Document. -func (DefaultValueEncoders) CoreDocumentEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tCoreDocument { - return ValueEncoderError{Name: "CoreDocumentEncodeValue", Types: []reflect.Type{tCoreDocument}, Received: val} - } - - cdoc := val.Interface().(bsoncore.Document) - - return bsonrw.Copier{}.CopyDocumentFromBytes(vw, cdoc) -} - -// CodeWithScopeEncodeValue is the ValueEncoderFunc for CodeWithScope. -func (dve DefaultValueEncoders) CodeWithScopeEncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Type() != tCodeWithScope { - return ValueEncoderError{Name: "CodeWithScopeEncodeValue", Types: []reflect.Type{tCodeWithScope}, Received: val} - } - - cws := val.Interface().(primitive.CodeWithScope) - - dw, err := vw.WriteCodeWithScope(string(cws.Code)) - if err != nil { - return err - } - - sw := sliceWriterPool.Get().(*bsonrw.SliceWriter) - defer sliceWriterPool.Put(sw) - *sw = (*sw)[:0] - - scopeVW := bvwPool.Get(sw) - defer bvwPool.Put(scopeVW) - - encoder, err := ec.LookupEncoder(reflect.TypeOf(cws.Scope)) - if err != nil { - return err - } - - err = encoder.EncodeValue(ec, scopeVW, reflect.ValueOf(cws.Scope)) - if err != nil { - return err - } - - err = bsonrw.Copier{}.CopyBytesToDocumentWriter(dw, *sw) - if err != nil { - return err - } - return dw.WriteDocumentEnd() -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/doc.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/doc.go deleted file mode 100644 index 978511cbfabe..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/doc.go +++ /dev/null @@ -1,61 +0,0 @@ -// Package bsoncodec provides a system for encoding values to BSON representations and decoding -// values from BSON representations. This package considers both binary BSON and ExtendedJSON as -// BSON representations. The types in this package enable a flexible system for handling this -// encoding and decoding. -// -// The codec system is composed of two parts: -// -// 1) ValueEncoders and ValueDecoders that handle encoding and decoding Go values to and from BSON -// representations. -// -// 2) A Registry that holds these ValueEncoders and ValueDecoders and provides methods for -// retrieving them. -// -// ValueEncoders and ValueDecoders -// -// The ValueEncoder interface is implemented by types that can encode a provided Go type to BSON. -// The value to encode is provided as a reflect.Value and a bsonrw.ValueWriter is used within the -// EncodeValue method to actually create the BSON representation. For convenience, ValueEncoderFunc -// is provided to allow use of a function with the correct signature as a ValueEncoder. An -// EncodeContext instance is provided to allow implementations to lookup further ValueEncoders and -// to provide configuration information. -// -// The ValueDecoder interface is the inverse of the ValueEncoder. Implementations should ensure that -// the value they receive is settable. Similar to ValueEncoderFunc, ValueDecoderFunc is provided to -// allow the use of a function with the correct signature as a ValueDecoder. A DecodeContext -// instance is provided and serves similar functionality to the EncodeContext. -// -// Registry and RegistryBuilder -// -// A Registry is an immutable store for ValueEncoders, ValueDecoders, and a type map. For looking up -// ValueEncoders and Decoders the Registry first attempts to find a ValueEncoder or ValueDecoder for -// the type provided; if one cannot be found it then checks to see if a registered ValueEncoder or -// ValueDecoder exists for an interface the type implements. Finally, the reflect.Kind of the type -// is used to lookup a default ValueEncoder or ValueDecoder for that kind. If no ValueEncoder or -// ValueDecoder can be found, an error is returned. -// -// The Registry also holds a type map. This allows users to retrieve the Go type that should be used -// when decoding a BSON value into an empty interface. This is primarily only used for the empty -// interface ValueDecoder. -// -// A RegistryBuilder is used to construct a Registry. The Register methods are used to associate -// either a reflect.Type or a reflect.Kind with a ValueEncoder or ValueDecoder. A RegistryBuilder -// returned from NewRegistryBuilder contains no registered ValueEncoders nor ValueDecoders and -// contains an empty type map. -// -// The RegisterTypeMapEntry method handles associating a BSON type with a Go type. For example, if -// you want to decode BSON int64 and int32 values into Go int instances, you would do the following: -// -// var regbuilder *RegistryBuilder = ... intType := reflect.TypeOf(int(0)) -// regbuilder.RegisterTypeMapEntry(bsontype.Int64, intType).RegisterTypeMapEntry(bsontype.Int32, -// intType) -// -// DefaultValueEncoders and DefaultValueDecoders -// -// The DefaultValueEncoders and DefaultValueDecoders types provide a full set of ValueEncoders and -// ValueDecoders for handling a wide range of Go types, including all of the types within the -// primitive package. To make registering these codecs easier, a helper method on each type is -// provided. For the DefaultValueEncoders type the method is called RegisterDefaultEncoders and for -// the DefaultValueDecoders type the method is called RegisterDefaultDecoders, this method also -// handles registering type map entries for each BSON type. -package bsoncodec diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/mode.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/mode.go deleted file mode 100644 index fbd9f0a9e972..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/mode.go +++ /dev/null @@ -1,65 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec - -import "fmt" - -type mode int - -const ( - _ mode = iota - mTopLevel - mDocument - mArray - mValue - mElement - mCodeWithScope - mSpacer -) - -func (m mode) String() string { - var str string - - switch m { - case mTopLevel: - str = "TopLevel" - case mDocument: - str = "DocumentMode" - case mArray: - str = "ArrayMode" - case mValue: - str = "ValueMode" - case mElement: - str = "ElementMode" - case mCodeWithScope: - str = "CodeWithScopeMode" - case mSpacer: - str = "CodeWithScopeSpacerFrame" - default: - str = "UnknownMode" - } - - return str -} - -// TransitionError is an error returned when an invalid progressing a -// ValueReader or ValueWriter state machine occurs. -type TransitionError struct { - parent mode - current mode - destination mode -} - -func (te TransitionError) Error() string { - if te.destination == mode(0) { - return fmt.Sprintf("invalid state transition: cannot read/write value while in %s", te.current) - } - if te.parent == mode(0) { - return fmt.Sprintf("invalid state transition: %s -> %s", te.current, te.destination) - } - return fmt.Sprintf("invalid state transition: %s -> %s; parent %s", te.current, te.destination, te.parent) -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/pointer_codec.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/pointer_codec.go deleted file mode 100644 index 0d9502f214a5..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/pointer_codec.go +++ /dev/null @@ -1,110 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec - -import ( - "reflect" - "sync" - - "go.mongodb.org/mongo-driver/bson/bsonrw" - "go.mongodb.org/mongo-driver/bson/bsontype" -) - -var defaultPointerCodec = &PointerCodec{ - ecache: make(map[reflect.Type]ValueEncoder), - dcache: make(map[reflect.Type]ValueDecoder), -} - -var _ ValueEncoder = &PointerCodec{} -var _ ValueDecoder = &PointerCodec{} - -// PointerCodec is the Codec used for pointers. -type PointerCodec struct { - ecache map[reflect.Type]ValueEncoder - dcache map[reflect.Type]ValueDecoder - l sync.RWMutex -} - -// NewPointerCodec returns a PointerCodec that has been initialized. -func NewPointerCodec() *PointerCodec { - return &PointerCodec{ - ecache: make(map[reflect.Type]ValueEncoder), - dcache: make(map[reflect.Type]ValueDecoder), - } -} - -// EncodeValue handles encoding a pointer by either encoding it to BSON Null if the pointer is nil -// or looking up an encoder for the type of value the pointer points to. -func (pc *PointerCodec) EncodeValue(ec EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if val.Kind() != reflect.Ptr { - if !val.IsValid() { - return vw.WriteNull() - } - return ValueEncoderError{Name: "PointerCodec.EncodeValue", Kinds: []reflect.Kind{reflect.Ptr}, Received: val} - } - - if val.IsNil() { - return vw.WriteNull() - } - - pc.l.RLock() - enc, ok := pc.ecache[val.Type()] - pc.l.RUnlock() - if ok { - if enc == nil { - return ErrNoEncoder{Type: val.Type()} - } - return enc.EncodeValue(ec, vw, val.Elem()) - } - - enc, err := ec.LookupEncoder(val.Type().Elem()) - pc.l.Lock() - pc.ecache[val.Type()] = enc - pc.l.Unlock() - if err != nil { - return err - } - - return enc.EncodeValue(ec, vw, val.Elem()) -} - -// DecodeValue handles decoding a pointer by looking up a decoder for the type it points to and -// using that to decode. If the BSON value is Null, this method will set the pointer to nil. -func (pc *PointerCodec) DecodeValue(dc DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Kind() != reflect.Ptr { - return ValueDecoderError{Name: "PointerCodec.DecodeValue", Kinds: []reflect.Kind{reflect.Ptr}, Received: val} - } - - if vr.Type() == bsontype.Null { - val.Set(reflect.Zero(val.Type())) - return vr.ReadNull() - } - - if val.IsNil() { - val.Set(reflect.New(val.Type().Elem())) - } - - pc.l.RLock() - dec, ok := pc.dcache[val.Type()] - pc.l.RUnlock() - if ok { - if dec == nil { - return ErrNoDecoder{Type: val.Type()} - } - return dec.DecodeValue(dc, vr, val.Elem()) - } - - dec, err := dc.LookupDecoder(val.Type().Elem()) - pc.l.Lock() - pc.dcache[val.Type()] = dec - pc.l.Unlock() - if err != nil { - return err - } - - return dec.DecodeValue(dc, vr, val.Elem()) -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/proxy.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/proxy.go deleted file mode 100644 index 4cf2b01ab482..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/proxy.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec - -// Proxy is an interface implemented by types that cannot themselves be directly encoded. Types -// that implement this interface with have ProxyBSON called during the encoding process and that -// value will be encoded in place for the implementer. -type Proxy interface { - ProxyBSON() (interface{}, error) -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/registry.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/registry.go deleted file mode 100644 index 42e362b6adf2..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/registry.go +++ /dev/null @@ -1,384 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec - -import ( - "errors" - "reflect" - "sync" - - "go.mongodb.org/mongo-driver/bson/bsontype" -) - -// ErrNilType is returned when nil is passed to either LookupEncoder or LookupDecoder. -var ErrNilType = errors.New("cannot perform a decoder lookup on ") - -// ErrNotPointer is returned when a non-pointer type is provided to LookupDecoder. -var ErrNotPointer = errors.New("non-pointer provided to LookupDecoder") - -// ErrNoEncoder is returned when there wasn't an encoder available for a type. -type ErrNoEncoder struct { - Type reflect.Type -} - -func (ene ErrNoEncoder) Error() string { - if ene.Type == nil { - return "no encoder found for " - } - return "no encoder found for " + ene.Type.String() -} - -// ErrNoDecoder is returned when there wasn't a decoder available for a type. -type ErrNoDecoder struct { - Type reflect.Type -} - -func (end ErrNoDecoder) Error() string { - return "no decoder found for " + end.Type.String() -} - -// ErrNoTypeMapEntry is returned when there wasn't a type available for the provided BSON type. -type ErrNoTypeMapEntry struct { - Type bsontype.Type -} - -func (entme ErrNoTypeMapEntry) Error() string { - return "no type map entry found for " + entme.Type.String() -} - -// ErrNotInterface is returned when the provided type is not an interface. -var ErrNotInterface = errors.New("The provided type is not an interface") - -var defaultRegistry *Registry - -func init() { - defaultRegistry = buildDefaultRegistry() -} - -// A RegistryBuilder is used to build a Registry. This type is not goroutine -// safe. -type RegistryBuilder struct { - typeEncoders map[reflect.Type]ValueEncoder - interfaceEncoders []interfaceValueEncoder - kindEncoders map[reflect.Kind]ValueEncoder - - typeDecoders map[reflect.Type]ValueDecoder - interfaceDecoders []interfaceValueDecoder - kindDecoders map[reflect.Kind]ValueDecoder - - typeMap map[bsontype.Type]reflect.Type -} - -// A Registry is used to store and retrieve codecs for types and interfaces. This type is the main -// typed passed around and Encoders and Decoders are constructed from it. -type Registry struct { - typeEncoders map[reflect.Type]ValueEncoder - typeDecoders map[reflect.Type]ValueDecoder - - interfaceEncoders []interfaceValueEncoder - interfaceDecoders []interfaceValueDecoder - - kindEncoders map[reflect.Kind]ValueEncoder - kindDecoders map[reflect.Kind]ValueDecoder - - typeMap map[bsontype.Type]reflect.Type - - mu sync.RWMutex -} - -// NewRegistryBuilder creates a new empty RegistryBuilder. -func NewRegistryBuilder() *RegistryBuilder { - return &RegistryBuilder{ - typeEncoders: make(map[reflect.Type]ValueEncoder), - typeDecoders: make(map[reflect.Type]ValueDecoder), - - interfaceEncoders: make([]interfaceValueEncoder, 0), - interfaceDecoders: make([]interfaceValueDecoder, 0), - - kindEncoders: make(map[reflect.Kind]ValueEncoder), - kindDecoders: make(map[reflect.Kind]ValueDecoder), - - typeMap: make(map[bsontype.Type]reflect.Type), - } -} - -func buildDefaultRegistry() *Registry { - rb := NewRegistryBuilder() - defaultValueEncoders.RegisterDefaultEncoders(rb) - defaultValueDecoders.RegisterDefaultDecoders(rb) - return rb.Build() -} - -// RegisterCodec will register the provided ValueCodec for the provided type. -func (rb *RegistryBuilder) RegisterCodec(t reflect.Type, codec ValueCodec) *RegistryBuilder { - rb.RegisterEncoder(t, codec) - rb.RegisterDecoder(t, codec) - return rb -} - -// RegisterEncoder will register the provided ValueEncoder to the provided type. -// -// The type registered will be used directly, so an encoder can be registered for a type and a -// different encoder can be registered for a pointer to that type. -func (rb *RegistryBuilder) RegisterEncoder(t reflect.Type, enc ValueEncoder) *RegistryBuilder { - if t == tEmpty { - rb.typeEncoders[t] = enc - return rb - } - switch t.Kind() { - case reflect.Interface: - for idx, ir := range rb.interfaceEncoders { - if ir.i == t { - rb.interfaceEncoders[idx].ve = enc - return rb - } - } - - rb.interfaceEncoders = append(rb.interfaceEncoders, interfaceValueEncoder{i: t, ve: enc}) - default: - rb.typeEncoders[t] = enc - } - return rb -} - -// RegisterDecoder will register the provided ValueDecoder to the provided type. -// -// The type registered will be used directly, so a decoder can be registered for a type and a -// different decoder can be registered for a pointer to that type. -func (rb *RegistryBuilder) RegisterDecoder(t reflect.Type, dec ValueDecoder) *RegistryBuilder { - if t == nil { - rb.typeDecoders[nil] = dec - return rb - } - if t == tEmpty { - rb.typeDecoders[t] = dec - return rb - } - switch t.Kind() { - case reflect.Interface: - for idx, ir := range rb.interfaceDecoders { - if ir.i == t { - rb.interfaceDecoders[idx].vd = dec - return rb - } - } - - rb.interfaceDecoders = append(rb.interfaceDecoders, interfaceValueDecoder{i: t, vd: dec}) - default: - rb.typeDecoders[t] = dec - } - return rb -} - -// RegisterDefaultEncoder will registr the provided ValueEncoder to the provided -// kind. -func (rb *RegistryBuilder) RegisterDefaultEncoder(kind reflect.Kind, enc ValueEncoder) *RegistryBuilder { - rb.kindEncoders[kind] = enc - return rb -} - -// RegisterDefaultDecoder will register the provided ValueDecoder to the -// provided kind. -func (rb *RegistryBuilder) RegisterDefaultDecoder(kind reflect.Kind, dec ValueDecoder) *RegistryBuilder { - rb.kindDecoders[kind] = dec - return rb -} - -// RegisterTypeMapEntry will register the provided type to the BSON type. The primary usage for this -// mapping is decoding situations where an empty interface is used and a default type needs to be -// created and decoded into. -// -// NOTE: It is unlikely that registering a type for BSON Embedded Document is actually desired. By -// registering a type map entry for BSON Embedded Document the type registered will be used in any -// case where a BSON Embedded Document will be decoded into an empty interface. For example, if you -// register primitive.M, the EmptyInterface decoder will always use primitive.M, even if an ancestor -// was a primitive.D. -func (rb *RegistryBuilder) RegisterTypeMapEntry(bt bsontype.Type, rt reflect.Type) *RegistryBuilder { - rb.typeMap[bt] = rt - return rb -} - -// Build creates a Registry from the current state of this RegistryBuilder. -func (rb *RegistryBuilder) Build() *Registry { - registry := new(Registry) - - registry.typeEncoders = make(map[reflect.Type]ValueEncoder) - for t, enc := range rb.typeEncoders { - registry.typeEncoders[t] = enc - } - - registry.typeDecoders = make(map[reflect.Type]ValueDecoder) - for t, dec := range rb.typeDecoders { - registry.typeDecoders[t] = dec - } - - registry.interfaceEncoders = make([]interfaceValueEncoder, len(rb.interfaceEncoders)) - copy(registry.interfaceEncoders, rb.interfaceEncoders) - - registry.interfaceDecoders = make([]interfaceValueDecoder, len(rb.interfaceDecoders)) - copy(registry.interfaceDecoders, rb.interfaceDecoders) - - registry.kindEncoders = make(map[reflect.Kind]ValueEncoder) - for kind, enc := range rb.kindEncoders { - registry.kindEncoders[kind] = enc - } - - registry.kindDecoders = make(map[reflect.Kind]ValueDecoder) - for kind, dec := range rb.kindDecoders { - registry.kindDecoders[kind] = dec - } - - registry.typeMap = make(map[bsontype.Type]reflect.Type) - for bt, rt := range rb.typeMap { - registry.typeMap[bt] = rt - } - - return registry -} - -// LookupEncoder will inspect the registry for an encoder that satisfies the -// type provided. An encoder registered for a specific type will take -// precedence over an encoder registered for an interface the type satisfies, -// which takes precedence over an encoder for the reflect.Kind of the value. If -// no encoder can be found, an error is returned. -func (r *Registry) LookupEncoder(t reflect.Type) (ValueEncoder, error) { - encodererr := ErrNoEncoder{Type: t} - r.mu.RLock() - enc, found := r.lookupTypeEncoder(t) - r.mu.RUnlock() - if found { - if enc == nil { - return nil, ErrNoEncoder{Type: t} - } - return enc, nil - } - - enc, found = r.lookupInterfaceEncoder(t) - if found { - r.mu.Lock() - r.typeEncoders[t] = enc - r.mu.Unlock() - return enc, nil - } - - if t == nil { - r.mu.Lock() - r.typeEncoders[t] = nil - r.mu.Unlock() - return nil, encodererr - } - - enc, found = r.kindEncoders[t.Kind()] - if !found { - r.mu.Lock() - r.typeEncoders[t] = nil - r.mu.Unlock() - return nil, encodererr - } - - r.mu.Lock() - r.typeEncoders[t] = enc - r.mu.Unlock() - return enc, nil -} - -func (r *Registry) lookupTypeEncoder(t reflect.Type) (ValueEncoder, bool) { - enc, found := r.typeEncoders[t] - return enc, found -} - -func (r *Registry) lookupInterfaceEncoder(t reflect.Type) (ValueEncoder, bool) { - if t == nil { - return nil, false - } - for _, ienc := range r.interfaceEncoders { - if !t.Implements(ienc.i) { - continue - } - - return ienc.ve, true - } - return nil, false -} - -// LookupDecoder will inspect the registry for a decoder that satisfies the -// type provided. A decoder registered for a specific type will take -// precedence over a decoder registered for an interface the type satisfies, -// which takes precedence over a decoder for the reflect.Kind of the value. If -// no decoder can be found, an error is returned. -func (r *Registry) LookupDecoder(t reflect.Type) (ValueDecoder, error) { - if t == nil { - return nil, ErrNilType - } - decodererr := ErrNoDecoder{Type: t} - r.mu.RLock() - dec, found := r.lookupTypeDecoder(t) - r.mu.RUnlock() - if found { - if dec == nil { - return nil, ErrNoDecoder{Type: t} - } - return dec, nil - } - - dec, found = r.lookupInterfaceDecoder(t) - if found { - r.mu.Lock() - r.typeDecoders[t] = dec - r.mu.Unlock() - return dec, nil - } - - dec, found = r.kindDecoders[t.Kind()] - if !found { - r.mu.Lock() - r.typeDecoders[t] = nil - r.mu.Unlock() - return nil, decodererr - } - - r.mu.Lock() - r.typeDecoders[t] = dec - r.mu.Unlock() - return dec, nil -} - -func (r *Registry) lookupTypeDecoder(t reflect.Type) (ValueDecoder, bool) { - dec, found := r.typeDecoders[t] - return dec, found -} - -func (r *Registry) lookupInterfaceDecoder(t reflect.Type) (ValueDecoder, bool) { - for _, idec := range r.interfaceDecoders { - if !t.Implements(idec.i) && !reflect.PtrTo(t).Implements(idec.i) { - continue - } - - return idec.vd, true - } - return nil, false -} - -// LookupTypeMapEntry inspects the registry's type map for a Go type for the corresponding BSON -// type. If no type is found, ErrNoTypeMapEntry is returned. -func (r *Registry) LookupTypeMapEntry(bt bsontype.Type) (reflect.Type, error) { - t, ok := r.typeMap[bt] - if !ok || t == nil { - return nil, ErrNoTypeMapEntry{Type: bt} - } - return t, nil -} - -type interfaceValueEncoder struct { - i reflect.Type - ve ValueEncoder -} - -type interfaceValueDecoder struct { - i reflect.Type - vd ValueDecoder -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/struct_codec.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/struct_codec.go deleted file mode 100644 index 56eeff94b171..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/struct_codec.go +++ /dev/null @@ -1,367 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec - -import ( - "errors" - "fmt" - "reflect" - "strings" - "sync" - - "go.mongodb.org/mongo-driver/bson/bsonrw" - "go.mongodb.org/mongo-driver/bson/bsontype" -) - -var defaultStructCodec = &StructCodec{ - cache: make(map[reflect.Type]*structDescription), - parser: DefaultStructTagParser, -} - -// Zeroer allows custom struct types to implement a report of zero -// state. All struct types that don't implement Zeroer or where IsZero -// returns false are considered to be not zero. -type Zeroer interface { - IsZero() bool -} - -// StructCodec is the Codec used for struct values. -type StructCodec struct { - cache map[reflect.Type]*structDescription - l sync.RWMutex - parser StructTagParser -} - -var _ ValueEncoder = &StructCodec{} -var _ ValueDecoder = &StructCodec{} - -// NewStructCodec returns a StructCodec that uses p for struct tag parsing. -func NewStructCodec(p StructTagParser) (*StructCodec, error) { - if p == nil { - return nil, errors.New("a StructTagParser must be provided to NewStructCodec") - } - - return &StructCodec{ - cache: make(map[reflect.Type]*structDescription), - parser: p, - }, nil -} - -// EncodeValue handles encoding generic struct types. -func (sc *StructCodec) EncodeValue(r EncodeContext, vw bsonrw.ValueWriter, val reflect.Value) error { - if !val.IsValid() || val.Kind() != reflect.Struct { - return ValueEncoderError{Name: "StructCodec.EncodeValue", Kinds: []reflect.Kind{reflect.Struct}, Received: val} - } - - sd, err := sc.describeStruct(r.Registry, val.Type()) - if err != nil { - return err - } - - dw, err := vw.WriteDocument() - if err != nil { - return err - } - var rv reflect.Value - for _, desc := range sd.fl { - if desc.inline == nil { - rv = val.Field(desc.idx) - } else { - rv = val.FieldByIndex(desc.inline) - } - - if desc.encoder == nil { - return ErrNoEncoder{Type: rv.Type()} - } - - encoder := desc.encoder - - iszero := sc.isZero - if iz, ok := encoder.(CodecZeroer); ok { - iszero = iz.IsTypeZero - } - - if desc.omitEmpty && iszero(rv.Interface()) { - continue - } - - vw2, err := dw.WriteDocumentElement(desc.name) - if err != nil { - return err - } - - ectx := EncodeContext{Registry: r.Registry, MinSize: desc.minSize} - err = encoder.EncodeValue(ectx, vw2, rv) - if err != nil { - return err - } - } - - if sd.inlineMap >= 0 { - rv := val.Field(sd.inlineMap) - collisionFn := func(key string) bool { - _, exists := sd.fm[key] - return exists - } - - return defaultValueEncoders.mapEncodeValue(r, dw, rv, collisionFn) - } - - return dw.WriteDocumentEnd() -} - -// DecodeValue implements the Codec interface. -// By default, map types in val will not be cleared. If a map has existing key/value pairs, it will be extended with the new ones from vr. -// For slices, the decoder will set the length of the slice to zero and append all elements. The underlying array will not be cleared. -func (sc *StructCodec) DecodeValue(r DecodeContext, vr bsonrw.ValueReader, val reflect.Value) error { - if !val.CanSet() || val.Kind() != reflect.Struct { - return ValueDecoderError{Name: "StructCodec.DecodeValue", Kinds: []reflect.Kind{reflect.Struct}, Received: val} - } - - switch vr.Type() { - case bsontype.Type(0), bsontype.EmbeddedDocument: - default: - return fmt.Errorf("cannot decode %v into a %s", vr.Type(), val.Type()) - } - - sd, err := sc.describeStruct(r.Registry, val.Type()) - if err != nil { - return err - } - - var decoder ValueDecoder - var inlineMap reflect.Value - if sd.inlineMap >= 0 { - inlineMap = val.Field(sd.inlineMap) - if inlineMap.IsNil() { - inlineMap.Set(reflect.MakeMap(inlineMap.Type())) - } - decoder, err = r.LookupDecoder(inlineMap.Type().Elem()) - if err != nil { - return err - } - } - - dr, err := vr.ReadDocument() - if err != nil { - return err - } - - for { - name, vr, err := dr.ReadElement() - if err == bsonrw.ErrEOD { - break - } - if err != nil { - return err - } - - fd, exists := sd.fm[name] - if !exists { - // if the original name isn't found in the struct description, try again with the name in lowercase - // this could match if a BSON tag isn't specified because by default, describeStruct lowercases all field - // names - fd, exists = sd.fm[strings.ToLower(name)] - } - - if !exists { - if sd.inlineMap < 0 { - // The encoding/json package requires a flag to return on error for non-existent fields. - // This functionality seems appropriate for the struct codec. - err = vr.Skip() - if err != nil { - return err - } - continue - } - - elem := reflect.New(inlineMap.Type().Elem()).Elem() - err = decoder.DecodeValue(r, vr, elem) - if err != nil { - return err - } - inlineMap.SetMapIndex(reflect.ValueOf(name), elem) - continue - } - - var field reflect.Value - if fd.inline == nil { - field = val.Field(fd.idx) - } else { - field = val.FieldByIndex(fd.inline) - } - - if !field.CanSet() { // Being settable is a super set of being addressable. - return fmt.Errorf("cannot decode element '%s' into field %v; it is not settable", name, field) - } - if field.Kind() == reflect.Ptr && field.IsNil() { - field.Set(reflect.New(field.Type().Elem())) - } - field = field.Addr() - - dctx := DecodeContext{Registry: r.Registry, Truncate: fd.truncate || r.Truncate} - if fd.decoder == nil { - return ErrNoDecoder{Type: field.Elem().Type()} - } - - if decoder, ok := fd.decoder.(ValueDecoder); ok { - err = decoder.DecodeValue(dctx, vr, field.Elem()) - if err != nil { - return err - } - continue - } - err = fd.decoder.DecodeValue(dctx, vr, field) - if err != nil { - return err - } - } - - return nil -} - -func (sc *StructCodec) isZero(i interface{}) bool { - v := reflect.ValueOf(i) - - // check the value validity - if !v.IsValid() { - return true - } - - if z, ok := v.Interface().(Zeroer); ok && (v.Kind() != reflect.Ptr || !v.IsNil()) { - return z.IsZero() - } - - switch v.Kind() { - case reflect.Array, reflect.Map, reflect.Slice, reflect.String: - return v.Len() == 0 - case reflect.Bool: - return !v.Bool() - case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: - return v.Int() == 0 - case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr: - return v.Uint() == 0 - case reflect.Float32, reflect.Float64: - return v.Float() == 0 - case reflect.Interface, reflect.Ptr: - return v.IsNil() - } - - return false -} - -type structDescription struct { - fm map[string]fieldDescription - fl []fieldDescription - inlineMap int -} - -type fieldDescription struct { - name string - idx int - omitEmpty bool - minSize bool - truncate bool - inline []int - encoder ValueEncoder - decoder ValueDecoder -} - -func (sc *StructCodec) describeStruct(r *Registry, t reflect.Type) (*structDescription, error) { - // We need to analyze the struct, including getting the tags, collecting - // information about inlining, and create a map of the field name to the field. - sc.l.RLock() - ds, exists := sc.cache[t] - sc.l.RUnlock() - if exists { - return ds, nil - } - - numFields := t.NumField() - sd := &structDescription{ - fm: make(map[string]fieldDescription, numFields), - fl: make([]fieldDescription, 0, numFields), - inlineMap: -1, - } - - for i := 0; i < numFields; i++ { - sf := t.Field(i) - if sf.PkgPath != "" { - // unexported, ignore - continue - } - - encoder, err := r.LookupEncoder(sf.Type) - if err != nil { - encoder = nil - } - decoder, err := r.LookupDecoder(sf.Type) - if err != nil { - decoder = nil - } - - description := fieldDescription{idx: i, encoder: encoder, decoder: decoder} - - stags, err := sc.parser.ParseStructTags(sf) - if err != nil { - return nil, err - } - if stags.Skip { - continue - } - description.name = stags.Name - description.omitEmpty = stags.OmitEmpty - description.minSize = stags.MinSize - description.truncate = stags.Truncate - - if stags.Inline { - switch sf.Type.Kind() { - case reflect.Map: - if sd.inlineMap >= 0 { - return nil, errors.New("(struct " + t.String() + ") multiple inline maps") - } - if sf.Type.Key() != tString { - return nil, errors.New("(struct " + t.String() + ") inline map must have a string keys") - } - sd.inlineMap = description.idx - case reflect.Struct: - inlinesf, err := sc.describeStruct(r, sf.Type) - if err != nil { - return nil, err - } - for _, fd := range inlinesf.fl { - if _, exists := sd.fm[fd.name]; exists { - return nil, fmt.Errorf("(struct %s) duplicated key %s", t.String(), fd.name) - } - if fd.inline == nil { - fd.inline = []int{i, fd.idx} - } else { - fd.inline = append([]int{i}, fd.inline...) - } - sd.fm[fd.name] = fd - sd.fl = append(sd.fl, fd) - } - default: - return nil, fmt.Errorf("(struct %s) inline fields must be either a struct or a map", t.String()) - } - continue - } - - if _, exists := sd.fm[description.name]; exists { - return nil, fmt.Errorf("struct %s) duplicated key %s", t.String(), description.name) - } - - sd.fm[description.name] = description - sd.fl = append(sd.fl, description) - } - - sc.l.Lock() - sc.cache[t] = sd - sc.l.Unlock() - - return sd, nil -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/struct_tag_parser.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/struct_tag_parser.go deleted file mode 100644 index 69d0ae4d0617..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/struct_tag_parser.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec - -import ( - "reflect" - "strings" -) - -// StructTagParser returns the struct tags for a given struct field. -type StructTagParser interface { - ParseStructTags(reflect.StructField) (StructTags, error) -} - -// StructTagParserFunc is an adapter that allows a generic function to be used -// as a StructTagParser. -type StructTagParserFunc func(reflect.StructField) (StructTags, error) - -// ParseStructTags implements the StructTagParser interface. -func (stpf StructTagParserFunc) ParseStructTags(sf reflect.StructField) (StructTags, error) { - return stpf(sf) -} - -// StructTags represents the struct tag fields that the StructCodec uses during -// the encoding and decoding process. -// -// In the case of a struct, the lowercased field name is used as the key for each exported -// field but this behavior may be changed using a struct tag. The tag may also contain flags to -// adjust the marshalling behavior for the field. -// -// The properties are defined below: -// -// OmitEmpty Only include the field if it's not set to the zero value for the type or to -// empty slices or maps. -// -// MinSize Marshal an integer of a type larger than 32 bits value as an int32, if that's -// feasible while preserving the numeric value. -// -// Truncate When unmarshaling a BSON double, it is permitted to lose precision to fit within -// a float32. -// -// Inline Inline the field, which must be a struct or a map, causing all of its fields -// or keys to be processed as if they were part of the outer struct. For maps, -// keys must not conflict with the bson keys of other struct fields. -// -// Skip This struct field should be skipped. This is usually denoted by parsing a "-" -// for the name. -// -// TODO(skriptble): Add tags for undefined as nil and for null as nil. -type StructTags struct { - Name string - OmitEmpty bool - MinSize bool - Truncate bool - Inline bool - Skip bool -} - -// DefaultStructTagParser is the StructTagParser used by the StructCodec by default. -// It will handle the bson struct tag. See the documentation for StructTags to see -// what each of the returned fields means. -// -// If there is no name in the struct tag fields, the struct field name is lowercased. -// The tag formats accepted are: -// -// "[][,[,]]" -// -// `(...) bson:"[][,[,]]" (...)` -// -// An example: -// -// type T struct { -// A bool -// B int "myb" -// C string "myc,omitempty" -// D string `bson:",omitempty" json:"jsonkey"` -// E int64 ",minsize" -// F int64 "myf,omitempty,minsize" -// } -// -// A struct tag either consisting entirely of '-' or with a bson key with a -// value consisting entirely of '-' will return a StructTags with Skip true and -// the remaining fields will be their default values. -var DefaultStructTagParser StructTagParserFunc = func(sf reflect.StructField) (StructTags, error) { - key := strings.ToLower(sf.Name) - tag, ok := sf.Tag.Lookup("bson") - if !ok && !strings.Contains(string(sf.Tag), ":") && len(sf.Tag) > 0 { - tag = string(sf.Tag) - } - var st StructTags - if tag == "-" { - st.Skip = true - return st, nil - } - - for idx, str := range strings.Split(tag, ",") { - if idx == 0 && str != "" { - key = str - } - switch str { - case "omitempty": - st.OmitEmpty = true - case "minsize": - st.MinSize = true - case "truncate": - st.Truncate = true - case "inline": - st.Inline = true - } - } - - st.Name = key - - return st, nil -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/types.go b/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/types.go deleted file mode 100644 index 77264876aa0b..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsoncodec/types.go +++ /dev/null @@ -1,80 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsoncodec - -import ( - "encoding/json" - "net/url" - "reflect" - "time" - - "go.mongodb.org/mongo-driver/bson/primitive" - "go.mongodb.org/mongo-driver/x/bsonx/bsoncore" -) - -var ptBool = reflect.TypeOf((*bool)(nil)) -var ptInt8 = reflect.TypeOf((*int8)(nil)) -var ptInt16 = reflect.TypeOf((*int16)(nil)) -var ptInt32 = reflect.TypeOf((*int32)(nil)) -var ptInt64 = reflect.TypeOf((*int64)(nil)) -var ptInt = reflect.TypeOf((*int)(nil)) -var ptUint8 = reflect.TypeOf((*uint8)(nil)) -var ptUint16 = reflect.TypeOf((*uint16)(nil)) -var ptUint32 = reflect.TypeOf((*uint32)(nil)) -var ptUint64 = reflect.TypeOf((*uint64)(nil)) -var ptUint = reflect.TypeOf((*uint)(nil)) -var ptFloat32 = reflect.TypeOf((*float32)(nil)) -var ptFloat64 = reflect.TypeOf((*float64)(nil)) -var ptString = reflect.TypeOf((*string)(nil)) - -var tBool = reflect.TypeOf(false) -var tFloat32 = reflect.TypeOf(float32(0)) -var tFloat64 = reflect.TypeOf(float64(0)) -var tInt = reflect.TypeOf(int(0)) -var tInt8 = reflect.TypeOf(int8(0)) -var tInt16 = reflect.TypeOf(int16(0)) -var tInt32 = reflect.TypeOf(int32(0)) -var tInt64 = reflect.TypeOf(int64(0)) -var tString = reflect.TypeOf("") -var tTime = reflect.TypeOf(time.Time{}) -var tUint = reflect.TypeOf(uint(0)) -var tUint8 = reflect.TypeOf(uint8(0)) -var tUint16 = reflect.TypeOf(uint16(0)) -var tUint32 = reflect.TypeOf(uint32(0)) -var tUint64 = reflect.TypeOf(uint64(0)) - -var tEmpty = reflect.TypeOf((*interface{})(nil)).Elem() -var tByteSlice = reflect.TypeOf([]byte(nil)) -var tByte = reflect.TypeOf(byte(0x00)) -var tURL = reflect.TypeOf(url.URL{}) -var tJSONNumber = reflect.TypeOf(json.Number("")) - -var tValueMarshaler = reflect.TypeOf((*ValueMarshaler)(nil)).Elem() -var tValueUnmarshaler = reflect.TypeOf((*ValueUnmarshaler)(nil)).Elem() -var tMarshaler = reflect.TypeOf((*Marshaler)(nil)).Elem() -var tUnmarshaler = reflect.TypeOf((*Unmarshaler)(nil)).Elem() -var tProxy = reflect.TypeOf((*Proxy)(nil)).Elem() - -var tBinary = reflect.TypeOf(primitive.Binary{}) -var tUndefined = reflect.TypeOf(primitive.Undefined{}) -var tOID = reflect.TypeOf(primitive.ObjectID{}) -var tDateTime = reflect.TypeOf(primitive.DateTime(0)) -var tNull = reflect.TypeOf(primitive.Null{}) -var tRegex = reflect.TypeOf(primitive.Regex{}) -var tCodeWithScope = reflect.TypeOf(primitive.CodeWithScope{}) -var tDBPointer = reflect.TypeOf(primitive.DBPointer{}) -var tJavaScript = reflect.TypeOf(primitive.JavaScript("")) -var tSymbol = reflect.TypeOf(primitive.Symbol("")) -var tTimestamp = reflect.TypeOf(primitive.Timestamp{}) -var tDecimal = reflect.TypeOf(primitive.Decimal128{}) -var tMinKey = reflect.TypeOf(primitive.MinKey{}) -var tMaxKey = reflect.TypeOf(primitive.MaxKey{}) -var tD = reflect.TypeOf(primitive.D{}) -var tA = reflect.TypeOf(primitive.A{}) -var tE = reflect.TypeOf(primitive.E{}) - -var tCoreDocument = reflect.TypeOf(bsoncore.Document{}) diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/copier.go b/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/copier.go deleted file mode 100644 index 02e3a7e3d051..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/copier.go +++ /dev/null @@ -1,389 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsonrw - -import ( - "fmt" - "io" - - "go.mongodb.org/mongo-driver/bson/bsontype" - "go.mongodb.org/mongo-driver/bson/primitive" - "go.mongodb.org/mongo-driver/x/bsonx/bsoncore" -) - -// Copier is a type that allows copying between ValueReaders, ValueWriters, and -// []byte values. -type Copier struct{} - -// NewCopier creates a new copier with the given registry. If a nil registry is provided -// a default registry is used. -func NewCopier() Copier { - return Copier{} -} - -// CopyDocument handles copying a document from src to dst. -func CopyDocument(dst ValueWriter, src ValueReader) error { - return Copier{}.CopyDocument(dst, src) -} - -// CopyDocument handles copying one document from the src to the dst. -func (c Copier) CopyDocument(dst ValueWriter, src ValueReader) error { - dr, err := src.ReadDocument() - if err != nil { - return err - } - - dw, err := dst.WriteDocument() - if err != nil { - return err - } - - return c.copyDocumentCore(dw, dr) -} - -// CopyDocumentFromBytes copies the values from a BSON document represented as a -// []byte to a ValueWriter. -func (c Copier) CopyDocumentFromBytes(dst ValueWriter, src []byte) error { - dw, err := dst.WriteDocument() - if err != nil { - return err - } - - err = c.CopyBytesToDocumentWriter(dw, src) - if err != nil { - return err - } - - return dw.WriteDocumentEnd() -} - -// CopyBytesToDocumentWriter copies the values from a BSON document represented as a []byte to a -// DocumentWriter. -func (c Copier) CopyBytesToDocumentWriter(dst DocumentWriter, src []byte) error { - // TODO(skriptble): Create errors types here. Anything thats a tag should be a property. - length, rem, ok := bsoncore.ReadLength(src) - if !ok { - return fmt.Errorf("couldn't read length from src, not enough bytes. length=%d", len(src)) - } - if len(src) < int(length) { - return fmt.Errorf("length read exceeds number of bytes available. length=%d bytes=%d", len(src), length) - } - rem = rem[:length-4] - - var t bsontype.Type - var key string - var val bsoncore.Value - for { - t, rem, ok = bsoncore.ReadType(rem) - if !ok { - return io.EOF - } - if t == bsontype.Type(0) { - if len(rem) != 0 { - return fmt.Errorf("document end byte found before end of document. remaining bytes=%v", rem) - } - break - } - - key, rem, ok = bsoncore.ReadKey(rem) - if !ok { - return fmt.Errorf("invalid key found. remaining bytes=%v", rem) - } - dvw, err := dst.WriteDocumentElement(key) - if err != nil { - return err - } - val, rem, ok = bsoncore.ReadValue(rem, t) - if !ok { - return fmt.Errorf("not enough bytes available to read type. bytes=%d type=%s", len(rem), t) - } - err = c.CopyValueFromBytes(dvw, t, val.Data) - if err != nil { - return err - } - } - return nil -} - -// CopyDocumentToBytes copies an entire document from the ValueReader and -// returns it as bytes. -func (c Copier) CopyDocumentToBytes(src ValueReader) ([]byte, error) { - return c.AppendDocumentBytes(nil, src) -} - -// AppendDocumentBytes functions the same as CopyDocumentToBytes, but will -// append the result to dst. -func (c Copier) AppendDocumentBytes(dst []byte, src ValueReader) ([]byte, error) { - if br, ok := src.(BytesReader); ok { - _, dst, err := br.ReadValueBytes(dst) - return dst, err - } - - vw := vwPool.Get().(*valueWriter) - defer vwPool.Put(vw) - - vw.reset(dst) - - err := c.CopyDocument(vw, src) - dst = vw.buf - return dst, err -} - -// CopyValueFromBytes will write the value represtend by t and src to dst. -func (c Copier) CopyValueFromBytes(dst ValueWriter, t bsontype.Type, src []byte) error { - if wvb, ok := dst.(BytesWriter); ok { - return wvb.WriteValueBytes(t, src) - } - - vr := vrPool.Get().(*valueReader) - defer vrPool.Put(vr) - - vr.reset(src) - vr.pushElement(t) - - return c.CopyValue(dst, vr) -} - -// CopyValueToBytes copies a value from src and returns it as a bsontype.Type and a -// []byte. -func (c Copier) CopyValueToBytes(src ValueReader) (bsontype.Type, []byte, error) { - return c.AppendValueBytes(nil, src) -} - -// AppendValueBytes functions the same as CopyValueToBytes, but will append the -// result to dst. -func (c Copier) AppendValueBytes(dst []byte, src ValueReader) (bsontype.Type, []byte, error) { - if br, ok := src.(BytesReader); ok { - return br.ReadValueBytes(dst) - } - - vw := vwPool.Get().(*valueWriter) - defer vwPool.Put(vw) - - start := len(dst) - - vw.reset(dst) - vw.push(mElement) - - err := c.CopyValue(vw, src) - if err != nil { - return 0, dst, err - } - - return bsontype.Type(vw.buf[start]), vw.buf[start+2:], nil -} - -// CopyValue will copy a single value from src to dst. -func (c Copier) CopyValue(dst ValueWriter, src ValueReader) error { - var err error - switch src.Type() { - case bsontype.Double: - var f64 float64 - f64, err = src.ReadDouble() - if err != nil { - break - } - err = dst.WriteDouble(f64) - case bsontype.String: - var str string - str, err = src.ReadString() - if err != nil { - return err - } - err = dst.WriteString(str) - case bsontype.EmbeddedDocument: - err = c.CopyDocument(dst, src) - case bsontype.Array: - err = c.copyArray(dst, src) - case bsontype.Binary: - var data []byte - var subtype byte - data, subtype, err = src.ReadBinary() - if err != nil { - break - } - err = dst.WriteBinaryWithSubtype(data, subtype) - case bsontype.Undefined: - err = src.ReadUndefined() - if err != nil { - break - } - err = dst.WriteUndefined() - case bsontype.ObjectID: - var oid primitive.ObjectID - oid, err = src.ReadObjectID() - if err != nil { - break - } - err = dst.WriteObjectID(oid) - case bsontype.Boolean: - var b bool - b, err = src.ReadBoolean() - if err != nil { - break - } - err = dst.WriteBoolean(b) - case bsontype.DateTime: - var dt int64 - dt, err = src.ReadDateTime() - if err != nil { - break - } - err = dst.WriteDateTime(dt) - case bsontype.Null: - err = src.ReadNull() - if err != nil { - break - } - err = dst.WriteNull() - case bsontype.Regex: - var pattern, options string - pattern, options, err = src.ReadRegex() - if err != nil { - break - } - err = dst.WriteRegex(pattern, options) - case bsontype.DBPointer: - var ns string - var pointer primitive.ObjectID - ns, pointer, err = src.ReadDBPointer() - if err != nil { - break - } - err = dst.WriteDBPointer(ns, pointer) - case bsontype.JavaScript: - var js string - js, err = src.ReadJavascript() - if err != nil { - break - } - err = dst.WriteJavascript(js) - case bsontype.Symbol: - var symbol string - symbol, err = src.ReadSymbol() - if err != nil { - break - } - err = dst.WriteSymbol(symbol) - case bsontype.CodeWithScope: - var code string - var srcScope DocumentReader - code, srcScope, err = src.ReadCodeWithScope() - if err != nil { - break - } - - var dstScope DocumentWriter - dstScope, err = dst.WriteCodeWithScope(code) - if err != nil { - break - } - err = c.copyDocumentCore(dstScope, srcScope) - case bsontype.Int32: - var i32 int32 - i32, err = src.ReadInt32() - if err != nil { - break - } - err = dst.WriteInt32(i32) - case bsontype.Timestamp: - var t, i uint32 - t, i, err = src.ReadTimestamp() - if err != nil { - break - } - err = dst.WriteTimestamp(t, i) - case bsontype.Int64: - var i64 int64 - i64, err = src.ReadInt64() - if err != nil { - break - } - err = dst.WriteInt64(i64) - case bsontype.Decimal128: - var d128 primitive.Decimal128 - d128, err = src.ReadDecimal128() - if err != nil { - break - } - err = dst.WriteDecimal128(d128) - case bsontype.MinKey: - err = src.ReadMinKey() - if err != nil { - break - } - err = dst.WriteMinKey() - case bsontype.MaxKey: - err = src.ReadMaxKey() - if err != nil { - break - } - err = dst.WriteMaxKey() - default: - err = fmt.Errorf("Cannot copy unknown BSON type %s", src.Type()) - } - - return err -} - -func (c Copier) copyArray(dst ValueWriter, src ValueReader) error { - ar, err := src.ReadArray() - if err != nil { - return err - } - - aw, err := dst.WriteArray() - if err != nil { - return err - } - - for { - vr, err := ar.ReadValue() - if err == ErrEOA { - break - } - if err != nil { - return err - } - - vw, err := aw.WriteArrayElement() - if err != nil { - return err - } - - err = c.CopyValue(vw, vr) - if err != nil { - return err - } - } - - return aw.WriteArrayEnd() -} - -func (c Copier) copyDocumentCore(dw DocumentWriter, dr DocumentReader) error { - for { - key, vr, err := dr.ReadElement() - if err == ErrEOD { - break - } - if err != nil { - return err - } - - vw, err := dw.WriteDocumentElement(key) - if err != nil { - return err - } - - err = c.CopyValue(vw, vr) - if err != nil { - return err - } - } - - return dw.WriteDocumentEnd() -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/doc.go b/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/doc.go deleted file mode 100644 index 750b0d2af51e..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/doc.go +++ /dev/null @@ -1,9 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -// Package bsonrw contains abstractions for reading and writing -// BSON and BSON like types from sources. -package bsonrw // import "go.mongodb.org/mongo-driver/bson/bsonrw" diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_parser.go b/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_parser.go deleted file mode 100644 index 9e223edf9d00..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_parser.go +++ /dev/null @@ -1,731 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsonrw - -import ( - "errors" - "fmt" - "io" - - "go.mongodb.org/mongo-driver/bson/bsontype" -) - -const maxNestingDepth = 200 - -// ErrInvalidJSON indicates the JSON input is invalid -var ErrInvalidJSON = errors.New("invalid JSON input") - -type jsonParseState byte - -const ( - jpsStartState jsonParseState = iota - jpsSawBeginObject - jpsSawEndObject - jpsSawBeginArray - jpsSawEndArray - jpsSawColon - jpsSawComma - jpsSawKey - jpsSawValue - jpsDoneState - jpsInvalidState -) - -type jsonParseMode byte - -const ( - jpmInvalidMode jsonParseMode = iota - jpmObjectMode - jpmArrayMode -) - -type extJSONValue struct { - t bsontype.Type - v interface{} -} - -type extJSONObject struct { - keys []string - values []*extJSONValue -} - -type extJSONParser struct { - js *jsonScanner - s jsonParseState - m []jsonParseMode - k string - v *extJSONValue - - err error - canonical bool - depth int - maxDepth int - - emptyObject bool -} - -// newExtJSONParser returns a new extended JSON parser, ready to to begin -// parsing from the first character of the argued json input. It will not -// perform any read-ahead and will therefore not report any errors about -// malformed JSON at this point. -func newExtJSONParser(r io.Reader, canonical bool) *extJSONParser { - return &extJSONParser{ - js: &jsonScanner{r: r}, - s: jpsStartState, - m: []jsonParseMode{}, - canonical: canonical, - maxDepth: maxNestingDepth, - } -} - -// peekType examines the next value and returns its BSON Type -func (ejp *extJSONParser) peekType() (bsontype.Type, error) { - var t bsontype.Type - var err error - - ejp.advanceState() - switch ejp.s { - case jpsSawValue: - t = ejp.v.t - case jpsSawBeginArray: - t = bsontype.Array - case jpsInvalidState: - err = ejp.err - case jpsSawComma: - // in array mode, seeing a comma means we need to progress again to actually observe a type - if ejp.peekMode() == jpmArrayMode { - return ejp.peekType() - } - case jpsSawEndArray: - // this would only be a valid state if we were in array mode, so return end-of-array error - err = ErrEOA - case jpsSawBeginObject: - // peek key to determine type - ejp.advanceState() - switch ejp.s { - case jpsSawEndObject: // empty embedded document - t = bsontype.EmbeddedDocument - ejp.emptyObject = true - case jpsInvalidState: - err = ejp.err - case jpsSawKey: - t = wrapperKeyBSONType(ejp.k) - - if t == bsontype.JavaScript { - // just saw $code, need to check for $scope at same level - _, err := ejp.readValue(bsontype.JavaScript) - - if err != nil { - break - } - - switch ejp.s { - case jpsSawEndObject: // type is TypeJavaScript - case jpsSawComma: - ejp.advanceState() - if ejp.s == jpsSawKey && ejp.k == "$scope" { - t = bsontype.CodeWithScope - } else { - err = fmt.Errorf("invalid extended JSON: unexpected key %s in CodeWithScope object", ejp.k) - } - case jpsInvalidState: - err = ejp.err - default: - err = ErrInvalidJSON - } - } - } - } - - return t, err -} - -// readKey parses the next key and its type and returns them -func (ejp *extJSONParser) readKey() (string, bsontype.Type, error) { - if ejp.emptyObject { - ejp.emptyObject = false - return "", 0, ErrEOD - } - - // advance to key (or return with error) - switch ejp.s { - case jpsStartState: - ejp.advanceState() - if ejp.s == jpsSawBeginObject { - ejp.advanceState() - } - case jpsSawBeginObject: - ejp.advanceState() - case jpsSawValue, jpsSawEndObject, jpsSawEndArray: - ejp.advanceState() - switch ejp.s { - case jpsSawBeginObject, jpsSawComma: - ejp.advanceState() - case jpsSawEndObject: - return "", 0, ErrEOD - case jpsDoneState: - return "", 0, io.EOF - case jpsInvalidState: - return "", 0, ejp.err - default: - return "", 0, ErrInvalidJSON - } - case jpsSawKey: // do nothing (key was peeked before) - default: - return "", 0, invalidRequestError("key") - } - - // read key - var key string - - switch ejp.s { - case jpsSawKey: - key = ejp.k - case jpsSawEndObject: - return "", 0, ErrEOD - case jpsInvalidState: - return "", 0, ejp.err - default: - return "", 0, invalidRequestError("key") - } - - // check for colon - ejp.advanceState() - if err := ensureColon(ejp.s, key); err != nil { - return "", 0, err - } - - // peek at the value to determine type - t, err := ejp.peekType() - if err != nil { - return "", 0, err - } - - return key, t, nil -} - -// readValue returns the value corresponding to the Type returned by peekType -func (ejp *extJSONParser) readValue(t bsontype.Type) (*extJSONValue, error) { - if ejp.s == jpsInvalidState { - return nil, ejp.err - } - - var v *extJSONValue - - switch t { - case bsontype.Null, bsontype.Boolean, bsontype.String: - if ejp.s != jpsSawValue { - return nil, invalidRequestError(t.String()) - } - v = ejp.v - case bsontype.Int32, bsontype.Int64, bsontype.Double: - // relaxed version allows these to be literal number values - if ejp.s == jpsSawValue { - v = ejp.v - break - } - fallthrough - case bsontype.Decimal128, bsontype.Symbol, bsontype.ObjectID, bsontype.MinKey, bsontype.MaxKey, bsontype.Undefined: - switch ejp.s { - case jpsSawKey: - // read colon - ejp.advanceState() - if err := ensureColon(ejp.s, ejp.k); err != nil { - return nil, err - } - - // read value - ejp.advanceState() - if ejp.s != jpsSawValue || !ejp.ensureExtValueType(t) { - return nil, invalidJSONErrorForType("value", t) - } - - v = ejp.v - - // read end object - ejp.advanceState() - if ejp.s != jpsSawEndObject { - return nil, invalidJSONErrorForType("} after value", t) - } - default: - return nil, invalidRequestError(t.String()) - } - case bsontype.Binary, bsontype.Regex, bsontype.Timestamp, bsontype.DBPointer: - if ejp.s != jpsSawKey { - return nil, invalidRequestError(t.String()) - } - // read colon - ejp.advanceState() - if err := ensureColon(ejp.s, ejp.k); err != nil { - return nil, err - } - - ejp.advanceState() - if t == bsontype.Binary && ejp.s == jpsSawValue { - // convert legacy $binary format - base64 := ejp.v - - ejp.advanceState() - if ejp.s != jpsSawComma { - return nil, invalidJSONErrorForType(",", bsontype.Binary) - } - - ejp.advanceState() - key, t, err := ejp.readKey() - if err != nil { - return nil, err - } - if key != "$type" { - return nil, invalidJSONErrorForType("$type", bsontype.Binary) - } - - subType, err := ejp.readValue(t) - if err != nil { - return nil, err - } - - ejp.advanceState() - if ejp.s != jpsSawEndObject { - return nil, invalidJSONErrorForType("2 key-value pairs and then }", bsontype.Binary) - } - - v = &extJSONValue{ - t: bsontype.EmbeddedDocument, - v: &extJSONObject{ - keys: []string{"base64", "subType"}, - values: []*extJSONValue{base64, subType}, - }, - } - break - } - - // read KV pairs - if ejp.s != jpsSawBeginObject { - return nil, invalidJSONErrorForType("{", t) - } - - keys, vals, err := ejp.readObject(2, true) - if err != nil { - return nil, err - } - - ejp.advanceState() - if ejp.s != jpsSawEndObject { - return nil, invalidJSONErrorForType("2 key-value pairs and then }", t) - } - - v = &extJSONValue{t: bsontype.EmbeddedDocument, v: &extJSONObject{keys: keys, values: vals}} - - case bsontype.DateTime: - switch ejp.s { - case jpsSawValue: - v = ejp.v - case jpsSawKey: - // read colon - ejp.advanceState() - if err := ensureColon(ejp.s, ejp.k); err != nil { - return nil, err - } - - ejp.advanceState() - switch ejp.s { - case jpsSawBeginObject: - keys, vals, err := ejp.readObject(1, true) - if err != nil { - return nil, err - } - v = &extJSONValue{t: bsontype.EmbeddedDocument, v: &extJSONObject{keys: keys, values: vals}} - case jpsSawValue: - if ejp.canonical { - return nil, invalidJSONError("{") - } - v = ejp.v - default: - if ejp.canonical { - return nil, invalidJSONErrorForType("object", t) - } - return nil, invalidJSONErrorForType("ISO-8601 Internet Date/Time Format as decribed in RFC-3339", t) - } - - ejp.advanceState() - if ejp.s != jpsSawEndObject { - return nil, invalidJSONErrorForType("value and then }", t) - } - default: - return nil, invalidRequestError(t.String()) - } - case bsontype.JavaScript: - switch ejp.s { - case jpsSawKey: - // read colon - ejp.advanceState() - if err := ensureColon(ejp.s, ejp.k); err != nil { - return nil, err - } - - // read value - ejp.advanceState() - if ejp.s != jpsSawValue { - return nil, invalidJSONErrorForType("value", t) - } - v = ejp.v - - // read end object or comma and just return - ejp.advanceState() - case jpsSawEndObject: - v = ejp.v - default: - return nil, invalidRequestError(t.String()) - } - case bsontype.CodeWithScope: - if ejp.s == jpsSawKey && ejp.k == "$scope" { - v = ejp.v // this is the $code string from earlier - - // read colon - ejp.advanceState() - if err := ensureColon(ejp.s, ejp.k); err != nil { - return nil, err - } - - // read { - ejp.advanceState() - if ejp.s != jpsSawBeginObject { - return nil, invalidJSONError("$scope to be embedded document") - } - } else { - return nil, invalidRequestError(t.String()) - } - case bsontype.EmbeddedDocument, bsontype.Array: - return nil, invalidRequestError(t.String()) - } - - return v, nil -} - -// readObject is a utility method for reading full objects of known (or expected) size -// it is useful for extended JSON types such as binary, datetime, regex, and timestamp -func (ejp *extJSONParser) readObject(numKeys int, started bool) ([]string, []*extJSONValue, error) { - keys := make([]string, numKeys) - vals := make([]*extJSONValue, numKeys) - - if !started { - ejp.advanceState() - if ejp.s != jpsSawBeginObject { - return nil, nil, invalidJSONError("{") - } - } - - for i := 0; i < numKeys; i++ { - key, t, err := ejp.readKey() - if err != nil { - return nil, nil, err - } - - switch ejp.s { - case jpsSawKey: - v, err := ejp.readValue(t) - if err != nil { - return nil, nil, err - } - - keys[i] = key - vals[i] = v - case jpsSawValue: - keys[i] = key - vals[i] = ejp.v - default: - return nil, nil, invalidJSONError("value") - } - } - - ejp.advanceState() - if ejp.s != jpsSawEndObject { - return nil, nil, invalidJSONError("}") - } - - return keys, vals, nil -} - -// advanceState reads the next JSON token from the scanner and transitions -// from the current state based on that token's type -func (ejp *extJSONParser) advanceState() { - if ejp.s == jpsDoneState || ejp.s == jpsInvalidState { - return - } - - jt, err := ejp.js.nextToken() - - if err != nil { - ejp.err = err - ejp.s = jpsInvalidState - return - } - - valid := ejp.validateToken(jt.t) - if !valid { - ejp.err = unexpectedTokenError(jt) - ejp.s = jpsInvalidState - return - } - - switch jt.t { - case jttBeginObject: - ejp.s = jpsSawBeginObject - ejp.pushMode(jpmObjectMode) - ejp.depth++ - - if ejp.depth > ejp.maxDepth { - ejp.err = nestingDepthError(jt.p, ejp.depth) - ejp.s = jpsInvalidState - } - case jttEndObject: - ejp.s = jpsSawEndObject - ejp.depth-- - - if ejp.popMode() != jpmObjectMode { - ejp.err = unexpectedTokenError(jt) - ejp.s = jpsInvalidState - } - case jttBeginArray: - ejp.s = jpsSawBeginArray - ejp.pushMode(jpmArrayMode) - case jttEndArray: - ejp.s = jpsSawEndArray - - if ejp.popMode() != jpmArrayMode { - ejp.err = unexpectedTokenError(jt) - ejp.s = jpsInvalidState - } - case jttColon: - ejp.s = jpsSawColon - case jttComma: - ejp.s = jpsSawComma - case jttEOF: - ejp.s = jpsDoneState - if len(ejp.m) != 0 { - ejp.err = unexpectedTokenError(jt) - ejp.s = jpsInvalidState - } - case jttString: - switch ejp.s { - case jpsSawComma: - if ejp.peekMode() == jpmArrayMode { - ejp.s = jpsSawValue - ejp.v = extendJSONToken(jt) - return - } - fallthrough - case jpsSawBeginObject: - ejp.s = jpsSawKey - ejp.k = jt.v.(string) - return - } - fallthrough - default: - ejp.s = jpsSawValue - ejp.v = extendJSONToken(jt) - } -} - -var jpsValidTransitionTokens = map[jsonParseState]map[jsonTokenType]bool{ - jpsStartState: { - jttBeginObject: true, - jttBeginArray: true, - jttInt32: true, - jttInt64: true, - jttDouble: true, - jttString: true, - jttBool: true, - jttNull: true, - jttEOF: true, - }, - jpsSawBeginObject: { - jttEndObject: true, - jttString: true, - }, - jpsSawEndObject: { - jttEndObject: true, - jttEndArray: true, - jttComma: true, - jttEOF: true, - }, - jpsSawBeginArray: { - jttBeginObject: true, - jttBeginArray: true, - jttEndArray: true, - jttInt32: true, - jttInt64: true, - jttDouble: true, - jttString: true, - jttBool: true, - jttNull: true, - }, - jpsSawEndArray: { - jttEndObject: true, - jttEndArray: true, - jttComma: true, - jttEOF: true, - }, - jpsSawColon: { - jttBeginObject: true, - jttBeginArray: true, - jttInt32: true, - jttInt64: true, - jttDouble: true, - jttString: true, - jttBool: true, - jttNull: true, - }, - jpsSawComma: { - jttBeginObject: true, - jttBeginArray: true, - jttInt32: true, - jttInt64: true, - jttDouble: true, - jttString: true, - jttBool: true, - jttNull: true, - }, - jpsSawKey: { - jttColon: true, - }, - jpsSawValue: { - jttEndObject: true, - jttEndArray: true, - jttComma: true, - jttEOF: true, - }, - jpsDoneState: {}, - jpsInvalidState: {}, -} - -func (ejp *extJSONParser) validateToken(jtt jsonTokenType) bool { - switch ejp.s { - case jpsSawEndObject: - // if we are at depth zero and the next token is a '{', - // we can consider it valid only if we are not in array mode. - if jtt == jttBeginObject && ejp.depth == 0 { - return ejp.peekMode() != jpmArrayMode - } - case jpsSawComma: - switch ejp.peekMode() { - // the only valid next token after a comma inside a document is a string (a key) - case jpmObjectMode: - return jtt == jttString - case jpmInvalidMode: - return false - } - } - - _, ok := jpsValidTransitionTokens[ejp.s][jtt] - return ok -} - -// ensureExtValueType returns true if the current value has the expected -// value type for single-key extended JSON types. For example, -// {"$numberInt": v} v must be TypeString -func (ejp *extJSONParser) ensureExtValueType(t bsontype.Type) bool { - switch t { - case bsontype.MinKey, bsontype.MaxKey: - return ejp.v.t == bsontype.Int32 - case bsontype.Undefined: - return ejp.v.t == bsontype.Boolean - case bsontype.Int32, bsontype.Int64, bsontype.Double, bsontype.Decimal128, bsontype.Symbol, bsontype.ObjectID: - return ejp.v.t == bsontype.String - default: - return false - } -} - -func (ejp *extJSONParser) pushMode(m jsonParseMode) { - ejp.m = append(ejp.m, m) -} - -func (ejp *extJSONParser) popMode() jsonParseMode { - l := len(ejp.m) - if l == 0 { - return jpmInvalidMode - } - - m := ejp.m[l-1] - ejp.m = ejp.m[:l-1] - - return m -} - -func (ejp *extJSONParser) peekMode() jsonParseMode { - l := len(ejp.m) - if l == 0 { - return jpmInvalidMode - } - - return ejp.m[l-1] -} - -func extendJSONToken(jt *jsonToken) *extJSONValue { - var t bsontype.Type - - switch jt.t { - case jttInt32: - t = bsontype.Int32 - case jttInt64: - t = bsontype.Int64 - case jttDouble: - t = bsontype.Double - case jttString: - t = bsontype.String - case jttBool: - t = bsontype.Boolean - case jttNull: - t = bsontype.Null - default: - return nil - } - - return &extJSONValue{t: t, v: jt.v} -} - -func ensureColon(s jsonParseState, key string) error { - if s != jpsSawColon { - return fmt.Errorf("invalid JSON input: missing colon after key \"%s\"", key) - } - - return nil -} - -func invalidRequestError(s string) error { - return fmt.Errorf("invalid request to read %s", s) -} - -func invalidJSONError(expected string) error { - return fmt.Errorf("invalid JSON input; expected %s", expected) -} - -func invalidJSONErrorForType(expected string, t bsontype.Type) error { - return fmt.Errorf("invalid JSON input; expected %s for %s", expected, t) -} - -func unexpectedTokenError(jt *jsonToken) error { - switch jt.t { - case jttInt32, jttInt64, jttDouble: - return fmt.Errorf("invalid JSON input; unexpected number (%v) at position %d", jt.v, jt.p) - case jttString: - return fmt.Errorf("invalid JSON input; unexpected string (\"%v\") at position %d", jt.v, jt.p) - case jttBool: - return fmt.Errorf("invalid JSON input; unexpected boolean literal (%v) at position %d", jt.v, jt.p) - case jttNull: - return fmt.Errorf("invalid JSON input; unexpected null literal at position %d", jt.p) - case jttEOF: - return fmt.Errorf("invalid JSON input; unexpected end of input at position %d", jt.p) - default: - return fmt.Errorf("invalid JSON input; unexpected %c at position %d", jt.v.(byte), jt.p) - } -} - -func nestingDepthError(p, depth int) error { - return fmt.Errorf("invalid JSON input; nesting too deep (%d levels) at position %d", depth, p) -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_reader.go b/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_reader.go deleted file mode 100644 index dd560c96f631..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_reader.go +++ /dev/null @@ -1,659 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - -package bsonrw - -import ( - "fmt" - "io" - "sync" - - "go.mongodb.org/mongo-driver/bson/bsontype" - "go.mongodb.org/mongo-driver/bson/primitive" -) - -// ExtJSONValueReaderPool is a pool for ValueReaders that read ExtJSON. -type ExtJSONValueReaderPool struct { - pool sync.Pool -} - -// NewExtJSONValueReaderPool instantiates a new ExtJSONValueReaderPool. -func NewExtJSONValueReaderPool() *ExtJSONValueReaderPool { - return &ExtJSONValueReaderPool{ - pool: sync.Pool{ - New: func() interface{} { - return new(extJSONValueReader) - }, - }, - } -} - -// Get retrieves a ValueReader from the pool and uses src as the underlying ExtJSON. -func (bvrp *ExtJSONValueReaderPool) Get(r io.Reader, canonical bool) (ValueReader, error) { - vr := bvrp.pool.Get().(*extJSONValueReader) - return vr.reset(r, canonical) -} - -// Put inserts a ValueReader into the pool. If the ValueReader is not a ExtJSON ValueReader nothing -// is inserted into the pool and ok will be false. -func (bvrp *ExtJSONValueReaderPool) Put(vr ValueReader) (ok bool) { - bvr, ok := vr.(*extJSONValueReader) - if !ok { - return false - } - - bvr, _ = bvr.reset(nil, false) - bvrp.pool.Put(bvr) - return true -} - -type ejvrState struct { - mode mode - vType bsontype.Type - depth int -} - -// extJSONValueReader is for reading extended JSON. -type extJSONValueReader struct { - p *extJSONParser - - stack []ejvrState - frame int -} - -// NewExtJSONValueReader creates a new ValueReader from a given io.Reader -// It will interpret the JSON of r as canonical or relaxed according to the -// given canonical flag -func NewExtJSONValueReader(r io.Reader, canonical bool) (ValueReader, error) { - return newExtJSONValueReader(r, canonical) -} - -func newExtJSONValueReader(r io.Reader, canonical bool) (*extJSONValueReader, error) { - ejvr := new(extJSONValueReader) - return ejvr.reset(r, canonical) -} - -func (ejvr *extJSONValueReader) reset(r io.Reader, canonical bool) (*extJSONValueReader, error) { - p := newExtJSONParser(r, canonical) - typ, err := p.peekType() - - if err != nil { - return nil, ErrInvalidJSON - } - - var m mode - switch typ { - case bsontype.EmbeddedDocument: - m = mTopLevel - case bsontype.Array: - m = mArray - default: - m = mValue - } - - stack := make([]ejvrState, 1, 5) - stack[0] = ejvrState{ - mode: m, - vType: typ, - } - return &extJSONValueReader{ - p: p, - stack: stack, - }, nil -} - -func (ejvr *extJSONValueReader) advanceFrame() { - if ejvr.frame+1 >= len(ejvr.stack) { // We need to grow the stack - length := len(ejvr.stack) - if length+1 >= cap(ejvr.stack) { - // double it - buf := make([]ejvrState, 2*cap(ejvr.stack)+1) - copy(buf, ejvr.stack) - ejvr.stack = buf - } - ejvr.stack = ejvr.stack[:length+1] - } - ejvr.frame++ - - // Clean the stack - ejvr.stack[ejvr.frame].mode = 0 - ejvr.stack[ejvr.frame].vType = 0 - ejvr.stack[ejvr.frame].depth = 0 -} - -func (ejvr *extJSONValueReader) pushDocument() { - ejvr.advanceFrame() - - ejvr.stack[ejvr.frame].mode = mDocument - ejvr.stack[ejvr.frame].depth = ejvr.p.depth -} - -func (ejvr *extJSONValueReader) pushCodeWithScope() { - ejvr.advanceFrame() - - ejvr.stack[ejvr.frame].mode = mCodeWithScope -} - -func (ejvr *extJSONValueReader) pushArray() { - ejvr.advanceFrame() - - ejvr.stack[ejvr.frame].mode = mArray -} - -func (ejvr *extJSONValueReader) push(m mode, t bsontype.Type) { - ejvr.advanceFrame() - - ejvr.stack[ejvr.frame].mode = m - ejvr.stack[ejvr.frame].vType = t -} - -func (ejvr *extJSONValueReader) pop() { - switch ejvr.stack[ejvr.frame].mode { - case mElement, mValue: - ejvr.frame-- - case mDocument, mArray, mCodeWithScope: - ejvr.frame -= 2 // we pop twice to jump over the vrElement: vrDocument -> vrElement -> vrDocument/TopLevel/etc... - } -} - -func (ejvr *extJSONValueReader) skipDocument() error { - // read entire document until ErrEOD (using readKey and readValue) - _, typ, err := ejvr.p.readKey() - for err == nil { - _, err = ejvr.p.readValue(typ) - if err != nil { - break - } - - _, typ, err = ejvr.p.readKey() - } - - return err -} - -func (ejvr *extJSONValueReader) skipArray() error { - // read entire array until ErrEOA (using peekType) - _, err := ejvr.p.peekType() - for err == nil { - _, err = ejvr.p.peekType() - } - - return err -} - -func (ejvr *extJSONValueReader) invalidTransitionErr(destination mode, name string, modes []mode) error { - te := TransitionError{ - name: name, - current: ejvr.stack[ejvr.frame].mode, - destination: destination, - modes: modes, - action: "read", - } - if ejvr.frame != 0 { - te.parent = ejvr.stack[ejvr.frame-1].mode - } - return te -} - -func (ejvr *extJSONValueReader) typeError(t bsontype.Type) error { - return fmt.Errorf("positioned on %s, but attempted to read %s", ejvr.stack[ejvr.frame].vType, t) -} - -func (ejvr *extJSONValueReader) ensureElementValue(t bsontype.Type, destination mode, callerName string, addModes ...mode) error { - switch ejvr.stack[ejvr.frame].mode { - case mElement, mValue: - if ejvr.stack[ejvr.frame].vType != t { - return ejvr.typeError(t) - } - default: - modes := []mode{mElement, mValue} - if addModes != nil { - modes = append(modes, addModes...) - } - return ejvr.invalidTransitionErr(destination, callerName, modes) - } - - return nil -} - -func (ejvr *extJSONValueReader) Type() bsontype.Type { - return ejvr.stack[ejvr.frame].vType -} - -func (ejvr *extJSONValueReader) Skip() error { - switch ejvr.stack[ejvr.frame].mode { - case mElement, mValue: - default: - return ejvr.invalidTransitionErr(0, "Skip", []mode{mElement, mValue}) - } - - defer ejvr.pop() - - t := ejvr.stack[ejvr.frame].vType - switch t { - case bsontype.Array: - // read entire array until ErrEOA - err := ejvr.skipArray() - if err != ErrEOA { - return err - } - case bsontype.EmbeddedDocument: - // read entire doc until ErrEOD - err := ejvr.skipDocument() - if err != ErrEOD { - return err - } - case bsontype.CodeWithScope: - // read the code portion and set up parser in document mode - _, err := ejvr.p.readValue(t) - if err != nil { - return err - } - - // read until ErrEOD - err = ejvr.skipDocument() - if err != ErrEOD { - return err - } - default: - _, err := ejvr.p.readValue(t) - if err != nil { - return err - } - } - - return nil -} - -func (ejvr *extJSONValueReader) ReadArray() (ArrayReader, error) { - switch ejvr.stack[ejvr.frame].mode { - case mTopLevel: // allow reading array from top level - case mArray: - return ejvr, nil - default: - if err := ejvr.ensureElementValue(bsontype.Array, mArray, "ReadArray", mTopLevel, mArray); err != nil { - return nil, err - } - } - - ejvr.pushArray() - - return ejvr, nil -} - -func (ejvr *extJSONValueReader) ReadBinary() (b []byte, btype byte, err error) { - if err := ejvr.ensureElementValue(bsontype.Binary, 0, "ReadBinary"); err != nil { - return nil, 0, err - } - - v, err := ejvr.p.readValue(bsontype.Binary) - if err != nil { - return nil, 0, err - } - - b, btype, err = v.parseBinary() - - ejvr.pop() - return b, btype, err -} - -func (ejvr *extJSONValueReader) ReadBoolean() (bool, error) { - if err := ejvr.ensureElementValue(bsontype.Boolean, 0, "ReadBoolean"); err != nil { - return false, err - } - - v, err := ejvr.p.readValue(bsontype.Boolean) - if err != nil { - return false, err - } - - if v.t != bsontype.Boolean { - return false, fmt.Errorf("expected type bool, but got type %s", v.t) - } - - ejvr.pop() - return v.v.(bool), nil -} - -func (ejvr *extJSONValueReader) ReadDocument() (DocumentReader, error) { - switch ejvr.stack[ejvr.frame].mode { - case mTopLevel: - return ejvr, nil - case mElement, mValue: - if ejvr.stack[ejvr.frame].vType != bsontype.EmbeddedDocument { - return nil, ejvr.typeError(bsontype.EmbeddedDocument) - } - - ejvr.pushDocument() - return ejvr, nil - default: - return nil, ejvr.invalidTransitionErr(mDocument, "ReadDocument", []mode{mTopLevel, mElement, mValue}) - } -} - -func (ejvr *extJSONValueReader) ReadCodeWithScope() (code string, dr DocumentReader, err error) { - if err = ejvr.ensureElementValue(bsontype.CodeWithScope, 0, "ReadCodeWithScope"); err != nil { - return "", nil, err - } - - v, err := ejvr.p.readValue(bsontype.CodeWithScope) - if err != nil { - return "", nil, err - } - - code, err = v.parseJavascript() - - ejvr.pushCodeWithScope() - return code, ejvr, err -} - -func (ejvr *extJSONValueReader) ReadDBPointer() (ns string, oid primitive.ObjectID, err error) { - if err = ejvr.ensureElementValue(bsontype.DBPointer, 0, "ReadDBPointer"); err != nil { - return "", primitive.NilObjectID, err - } - - v, err := ejvr.p.readValue(bsontype.DBPointer) - if err != nil { - return "", primitive.NilObjectID, err - } - - ns, oid, err = v.parseDBPointer() - - ejvr.pop() - return ns, oid, err -} - -func (ejvr *extJSONValueReader) ReadDateTime() (int64, error) { - if err := ejvr.ensureElementValue(bsontype.DateTime, 0, "ReadDateTime"); err != nil { - return 0, err - } - - v, err := ejvr.p.readValue(bsontype.DateTime) - if err != nil { - return 0, err - } - - d, err := v.parseDateTime() - - ejvr.pop() - return d, err -} - -func (ejvr *extJSONValueReader) ReadDecimal128() (primitive.Decimal128, error) { - if err := ejvr.ensureElementValue(bsontype.Decimal128, 0, "ReadDecimal128"); err != nil { - return primitive.Decimal128{}, err - } - - v, err := ejvr.p.readValue(bsontype.Decimal128) - if err != nil { - return primitive.Decimal128{}, err - } - - d, err := v.parseDecimal128() - - ejvr.pop() - return d, err -} - -func (ejvr *extJSONValueReader) ReadDouble() (float64, error) { - if err := ejvr.ensureElementValue(bsontype.Double, 0, "ReadDouble"); err != nil { - return 0, err - } - - v, err := ejvr.p.readValue(bsontype.Double) - if err != nil { - return 0, err - } - - d, err := v.parseDouble() - - ejvr.pop() - return d, err -} - -func (ejvr *extJSONValueReader) ReadInt32() (int32, error) { - if err := ejvr.ensureElementValue(bsontype.Int32, 0, "ReadInt32"); err != nil { - return 0, err - } - - v, err := ejvr.p.readValue(bsontype.Int32) - if err != nil { - return 0, err - } - - i, err := v.parseInt32() - - ejvr.pop() - return i, err -} - -func (ejvr *extJSONValueReader) ReadInt64() (int64, error) { - if err := ejvr.ensureElementValue(bsontype.Int64, 0, "ReadInt64"); err != nil { - return 0, err - } - - v, err := ejvr.p.readValue(bsontype.Int64) - if err != nil { - return 0, err - } - - i, err := v.parseInt64() - - ejvr.pop() - return i, err -} - -func (ejvr *extJSONValueReader) ReadJavascript() (code string, err error) { - if err = ejvr.ensureElementValue(bsontype.JavaScript, 0, "ReadJavascript"); err != nil { - return "", err - } - - v, err := ejvr.p.readValue(bsontype.JavaScript) - if err != nil { - return "", err - } - - code, err = v.parseJavascript() - - ejvr.pop() - return code, err -} - -func (ejvr *extJSONValueReader) ReadMaxKey() error { - if err := ejvr.ensureElementValue(bsontype.MaxKey, 0, "ReadMaxKey"); err != nil { - return err - } - - v, err := ejvr.p.readValue(bsontype.MaxKey) - if err != nil { - return err - } - - err = v.parseMinMaxKey("max") - - ejvr.pop() - return err -} - -func (ejvr *extJSONValueReader) ReadMinKey() error { - if err := ejvr.ensureElementValue(bsontype.MinKey, 0, "ReadMinKey"); err != nil { - return err - } - - v, err := ejvr.p.readValue(bsontype.MinKey) - if err != nil { - return err - } - - err = v.parseMinMaxKey("min") - - ejvr.pop() - return err -} - -func (ejvr *extJSONValueReader) ReadNull() error { - if err := ejvr.ensureElementValue(bsontype.Null, 0, "ReadNull"); err != nil { - return err - } - - v, err := ejvr.p.readValue(bsontype.Null) - if err != nil { - return err - } - - if v.t != bsontype.Null { - return fmt.Errorf("expected type null but got type %s", v.t) - } - - ejvr.pop() - return nil -} - -func (ejvr *extJSONValueReader) ReadObjectID() (primitive.ObjectID, error) { - if err := ejvr.ensureElementValue(bsontype.ObjectID, 0, "ReadObjectID"); err != nil { - return primitive.ObjectID{}, err - } - - v, err := ejvr.p.readValue(bsontype.ObjectID) - if err != nil { - return primitive.ObjectID{}, err - } - - oid, err := v.parseObjectID() - - ejvr.pop() - return oid, err -} - -func (ejvr *extJSONValueReader) ReadRegex() (pattern string, options string, err error) { - if err = ejvr.ensureElementValue(bsontype.Regex, 0, "ReadRegex"); err != nil { - return "", "", err - } - - v, err := ejvr.p.readValue(bsontype.Regex) - if err != nil { - return "", "", err - } - - pattern, options, err = v.parseRegex() - - ejvr.pop() - return pattern, options, err -} - -func (ejvr *extJSONValueReader) ReadString() (string, error) { - if err := ejvr.ensureElementValue(bsontype.String, 0, "ReadString"); err != nil { - return "", err - } - - v, err := ejvr.p.readValue(bsontype.String) - if err != nil { - return "", err - } - - if v.t != bsontype.String { - return "", fmt.Errorf("expected type string but got type %s", v.t) - } - - ejvr.pop() - return v.v.(string), nil -} - -func (ejvr *extJSONValueReader) ReadSymbol() (symbol string, err error) { - if err = ejvr.ensureElementValue(bsontype.Symbol, 0, "ReadSymbol"); err != nil { - return "", err - } - - v, err := ejvr.p.readValue(bsontype.Symbol) - if err != nil { - return "", err - } - - symbol, err = v.parseSymbol() - - ejvr.pop() - return symbol, err -} - -func (ejvr *extJSONValueReader) ReadTimestamp() (t uint32, i uint32, err error) { - if err = ejvr.ensureElementValue(bsontype.Timestamp, 0, "ReadTimestamp"); err != nil { - return 0, 0, err - } - - v, err := ejvr.p.readValue(bsontype.Timestamp) - if err != nil { - return 0, 0, err - } - - t, i, err = v.parseTimestamp() - - ejvr.pop() - return t, i, err -} - -func (ejvr *extJSONValueReader) ReadUndefined() error { - if err := ejvr.ensureElementValue(bsontype.Undefined, 0, "ReadUndefined"); err != nil { - return err - } - - v, err := ejvr.p.readValue(bsontype.Undefined) - if err != nil { - return err - } - - err = v.parseUndefined() - - ejvr.pop() - return err -} - -func (ejvr *extJSONValueReader) ReadElement() (string, ValueReader, error) { - switch ejvr.stack[ejvr.frame].mode { - case mTopLevel, mDocument, mCodeWithScope: - default: - return "", nil, ejvr.invalidTransitionErr(mElement, "ReadElement", []mode{mTopLevel, mDocument, mCodeWithScope}) - } - - name, t, err := ejvr.p.readKey() - - if err != nil { - if err == ErrEOD { - if ejvr.stack[ejvr.frame].mode == mCodeWithScope { - _, err := ejvr.p.peekType() - if err != nil { - return "", nil, err - } - } - - ejvr.pop() - } - - return "", nil, err - } - - ejvr.push(mElement, t) - return name, ejvr, nil -} - -func (ejvr *extJSONValueReader) ReadValue() (ValueReader, error) { - switch ejvr.stack[ejvr.frame].mode { - case mArray: - default: - return nil, ejvr.invalidTransitionErr(mValue, "ReadValue", []mode{mArray}) - } - - t, err := ejvr.p.peekType() - if err != nil { - if err == ErrEOA { - ejvr.pop() - } - - return nil, err - } - - ejvr.push(mValue, t) - return ejvr, nil -} diff --git a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_tables.go b/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_tables.go deleted file mode 100644 index ba39c9601fb9..000000000000 --- a/vendor/go.mongodb.org/mongo-driver/bson/bsonrw/extjson_tables.go +++ /dev/null @@ -1,223 +0,0 @@ -// Copyright (C) MongoDB, Inc. 2017-present. -// -// Licensed under the Apache License, Version 2.0 (the "License"); you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// -// Based on github.com/golang/go by The Go Authors -// See THIRD-PARTY-NOTICES for original license terms. - -package bsonrw - -import "unicode/utf8" - -// safeSet holds the value true if the ASCII character with the given array -// position can be represented inside a JSON string without any further -// escaping. -// -// All values are true except for the ASCII control characters (0-31), the -// double quote ("), and the backslash character ("\"). -var safeSet = [utf8.RuneSelf]bool{ - ' ': true, - '!': true, - '"': false, - '#': true, - '$': true, - '%': true, - '&': true, - '\'': true, - '(': true, - ')': true, - '*': true, - '+': true, - ',': true, - '-': true, - '.': true, - '/': true, - '0': true, - '1': true, - '2': true, - '3': true, - '4': true, - '5': true, - '6': true, - '7': true, - '8': true, - '9': true, - ':': true, - ';': true, - '<': true, - '=': true, - '>': true, - '?': true, - '@': true, - 'A': true, - 'B': true, - 'C': true, - 'D': true, - 'E': true, - 'F': true, - 'G': true, - 'H': true, - 'I': true, - 'J': true, - 'K': true, - 'L': true, - 'M': true, - 'N': true, - 'O': true, - 'P': true, - 'Q': true, - 'R': true, - 'S': true, - 'T': true, - 'U': true, - 'V': true, - 'W': true, - 'X': true, - 'Y': true, - 'Z': true, - '[': true, - '\\': false, - ']': true, - '^': true, - '_': true, - '`': true, - 'a': true, - 'b': true, - 'c': true, - 'd': true, - 'e': true, - 'f': true, - 'g': true, - 'h': true, - 'i': true, - 'j': true, - 'k': true, - 'l': true, - 'm': true, - 'n': true, - 'o': true, - 'p': true, - 'q': true, - 'r': true, - 's': true, - 't': true, - 'u': true, - 'v': true, - 'w': true, - 'x': true, - 'y': true, - 'z': true, - '{': true, - '|': true, - '}': true, - '~': true, - '\u007f': true, -} - -// htmlSafeSet holds the value true if the ASCII character with the given -// array position can be safely represented inside a JSON string, embedded -// inside of HTML