From 68f374ac9a1b7962875afb5f76bf84dacf20a805 Mon Sep 17 00:00:00 2001 From: Owen Rumney Date: Thu, 13 Oct 2022 18:24:14 +0100 Subject: [PATCH] feat: add support for scanning azure ARM (#3011) Signed-off-by: Owen Rumney --- docs/docs/misconfiguration/policy/builtin.md | 1 + docs/docs/misconfiguration/scanning.md | 2 +- docs/getting-started/quickstart.md | 2 +- go.mod | 56 +- go.sum | 215 +--- integration/standalone_tar_test.go | 148 +-- pkg/fanal/artifact/local/fs_test.go | 991 +++++++++++++----- .../multiple-failures/rego/policy.rego | 32 + .../multiple-failures/src/deploy.json | 57 + .../azurearm/no-results/rego/policy.rego | 32 + .../azurearm/no-results/src/.gitkeep | 0 .../azurearm/passed/rego/policy.rego | 33 + .../misconfig/azurearm/passed/src/deploy.json | 46 + .../azurearm/single-failure/rego/policy.rego | 32 + .../azurearm/single-failure/src/deploy.json | 46 + pkg/fanal/cache/mock_artifact_cache.go | 1 + pkg/fanal/handler/misconf/misconf.go | 29 +- pkg/fanal/types/const.go | 1 + 18 files changed, 1169 insertions(+), 555 deletions(-) create mode 100644 pkg/fanal/artifact/local/testdata/misconfig/azurearm/multiple-failures/rego/policy.rego create mode 100644 pkg/fanal/artifact/local/testdata/misconfig/azurearm/multiple-failures/src/deploy.json create mode 100644 pkg/fanal/artifact/local/testdata/misconfig/azurearm/no-results/rego/policy.rego create mode 100644 pkg/fanal/artifact/local/testdata/misconfig/azurearm/no-results/src/.gitkeep create mode 100644 pkg/fanal/artifact/local/testdata/misconfig/azurearm/passed/rego/policy.rego create mode 100644 pkg/fanal/artifact/local/testdata/misconfig/azurearm/passed/src/deploy.json create mode 100644 pkg/fanal/artifact/local/testdata/misconfig/azurearm/single-failure/rego/policy.rego create mode 100644 pkg/fanal/artifact/local/testdata/misconfig/azurearm/single-failure/src/deploy.json diff --git a/docs/docs/misconfiguration/policy/builtin.md b/docs/docs/misconfiguration/policy/builtin.md index 50781ac5f5..4beaf470cc 100644 --- a/docs/docs/misconfiguration/policy/builtin.md +++ b/docs/docs/misconfiguration/policy/builtin.md @@ -11,6 +11,7 @@ Those policies are managed under [defsec repository][defsec]. | Dockerfile, Containerfile | [defsec][docker] | | Terraform | [defsec][defsec] | | CloudFormation | [defsec][defsec] | +| Azure ARM Template | [defsec][defsec] | | Helm Chart | [defsec][kubernetes] | | RBAC | [defsec][rbac] | diff --git a/docs/docs/misconfiguration/scanning.md b/docs/docs/misconfiguration/scanning.md index 478231aa6e..95768e0322 100644 --- a/docs/docs/misconfiguration/scanning.md +++ b/docs/docs/misconfiguration/scanning.md @@ -6,7 +6,7 @@ Also, you can write your own policies in [Rego][rego] to scan JSON, YAML, etc, l ## Quick start -Simply specify a directory containing IaC files such as Terraform, CloudFormation and Dockerfile. +Simply specify a directory containing IaC files such as Terraform, CloudFormation, Azure ARM templates, Helm Charts and Dockerfile. ``` bash $ trivy config [YOUR_IaC_DIRECTORY] diff --git a/docs/getting-started/quickstart.md b/docs/getting-started/quickstart.md index e4055bdaf7..7fb521a7f6 100644 --- a/docs/getting-started/quickstart.md +++ b/docs/getting-started/quickstart.md @@ -51,7 +51,7 @@ For more details, see [vulnerability][vulnerability] and [secret][secret] pages. ## Scan directory for misconfigurations -Simply specify a directory containing IaC files such as Terraform and Dockerfile. +Simply specify a directory containing IaC files such as Terraform, CloudFormation, Azure ARM templates, Helm and Dockerfile. ``` $ trivy config [YOUR_IAC_DIR] diff --git a/go.mod b/go.mod index d76f696e65..c48797195c 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/NYTimes/gziphandler v1.1.1 github.com/alicebob/miniredis/v2 v2.23.0 github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 - github.com/aquasecurity/defsec v0.78.0 + github.com/aquasecurity/defsec v0.80.1 github.com/aquasecurity/go-dep-parser v0.0.0-20221011183558-5415cc446853 github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 @@ -18,7 +18,7 @@ require ( github.com/aquasecurity/testdocker v0.0.0-20210911155206-e1e85f5a1516 github.com/aquasecurity/trivy-db v0.0.0-20220627104749-930461748b63 github.com/aquasecurity/trivy-kubernetes v0.3.1-0.20220823151349-b90b48958b91 - github.com/aws/aws-sdk-go v1.44.109 + github.com/aws/aws-sdk-go v1.44.114 github.com/aws/aws-sdk-go-v2 v1.16.16 github.com/aws/aws-sdk-go-v2/config v1.17.8 github.com/aws/aws-sdk-go-v2/service/sts v1.16.19 @@ -72,7 +72,7 @@ require ( golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f google.golang.org/protobuf v1.28.1 gopkg.in/yaml.v3 v3.0.1 - k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 + k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed ) require ( @@ -84,24 +84,24 @@ require ( github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.17 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.3.24 // indirect github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.14 // indirect - github.com/aws/aws-sdk-go-v2/service/accessanalyzer v1.15.18 // indirect + github.com/aws/aws-sdk-go-v2/service/accessanalyzer v1.16.0 // indirect github.com/aws/aws-sdk-go-v2/service/apigateway v1.15.20 // indirect github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.12.18 // indirect github.com/aws/aws-sdk-go-v2/service/athena v1.18.10 // indirect github.com/aws/aws-sdk-go-v2/service/cloudfront v1.20.5 // indirect - github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.18.1 // indirect + github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.18.2 // indirect github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.21.6 // indirect github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.15.20 // indirect github.com/aws/aws-sdk-go-v2/service/codebuild v1.19.17 // indirect github.com/aws/aws-sdk-go-v2/service/docdb v1.19.11 // indirect github.com/aws/aws-sdk-go-v2/service/dynamodb v1.17.1 // indirect - github.com/aws/aws-sdk-go-v2/service/ec2 v1.61.0 // indirect + github.com/aws/aws-sdk-go-v2/service/ec2 v1.63.1 // indirect github.com/aws/aws-sdk-go-v2/service/ecr v1.17.18 // indirect - github.com/aws/aws-sdk-go-v2/service/ecs v1.18.22 // indirect + github.com/aws/aws-sdk-go-v2/service/ecs v1.18.23 // indirect github.com/aws/aws-sdk-go-v2/service/efs v1.17.15 // indirect github.com/aws/aws-sdk-go-v2/service/eks v1.22.1 // indirect github.com/aws/aws-sdk-go-v2/service/elasticache v1.22.10 // indirect - github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.18.19 // indirect + github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.18.20 // indirect github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.16.10 // indirect github.com/aws/aws-sdk-go-v2/service/emr v1.20.11 // indirect github.com/aws/aws-sdk-go-v2/service/iam v1.18.19 // indirect @@ -162,7 +162,7 @@ require ( github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/BurntSushi/toml v1.2.0 // indirect github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible - github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd // indirect + github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/semver/v3 v3.1.1 // indirect @@ -185,7 +185,7 @@ require ( github.com/briandowns/spinner v1.12.0 // indirect github.com/cenkalti/backoff/v4 v4.1.3 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect - github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5 // indirect + github.com/chai2010/gettext-go v1.0.2 // indirect github.com/containerd/cgroups v1.0.4 // indirect github.com/containerd/continuity v0.3.0 // indirect github.com/containerd/fifo v1.0.0 // indirect @@ -206,7 +206,7 @@ require ( github.com/docker/go-units v0.4.0 // indirect github.com/ekzhu/minhash-lsh v0.0.0-20171225071031-5c06ee8586a1 // indirect github.com/emirpasic/gods v1.12.0 // indirect - github.com/evanphx/json-patch v4.12.0+incompatible // indirect + github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect github.com/fsnotify/fsnotify v1.5.4 // indirect github.com/ghodss/yaml v1.0.0 // indirect @@ -242,7 +242,7 @@ require ( github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.6.0 // indirect - github.com/hashicorp/hcl/v2 v2.13.0 // indirect + github.com/hashicorp/hcl/v2 v2.14.1 // indirect github.com/hhatto/gorst v0.0.0-20181029133204-ca9f730cac5b // indirect github.com/huandu/xstrings v1.3.2 // indirect github.com/imdario/mergo v0.3.13 // indirect @@ -307,7 +307,7 @@ require ( github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 // indirect github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 // indirect github.com/rivo/uniseg v0.2.0 // indirect - github.com/rubenv/sql-migrate v1.1.1 // indirect + github.com/rubenv/sql-migrate v1.1.2 // indirect github.com/russross/blackfriday v1.6.0 // indirect github.com/saracen/walker v0.0.0-20191201085201-324a081bae7e github.com/sergi/go-diff v1.1.0 // indirect @@ -357,17 +357,17 @@ require ( gopkg.in/yaml.v2 v2.4.0 // indirect gotest.tools v2.2.0+incompatible gotest.tools/v3 v3.2.0 // indirect - helm.sh/helm/v3 v3.9.3 // indirect - k8s.io/api v0.25.0-alpha.2 // indirect - k8s.io/apiextensions-apiserver v0.24.2 // indirect - k8s.io/apimachinery v0.25.0-alpha.2 // indirect - k8s.io/apiserver v0.24.2 // indirect - k8s.io/cli-runtime v0.24.4 // indirect - k8s.io/client-go v0.25.0-alpha.2 // indirect - k8s.io/component-base v0.24.4 // indirect - k8s.io/klog/v2 v2.70.0 // indirect - k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8 // indirect - k8s.io/kubectl v0.24.4 // indirect + helm.sh/helm/v3 v3.10.0 // indirect + k8s.io/api v0.25.0 // indirect + k8s.io/apiextensions-apiserver v0.25.0 // indirect + k8s.io/apimachinery v0.25.0 // indirect + k8s.io/apiserver v0.25.0 // indirect + k8s.io/cli-runtime v0.25.0 // indirect + k8s.io/client-go v0.25.0 // indirect + k8s.io/component-base v0.25.0 // indirect + k8s.io/klog/v2 v2.70.1 // indirect + k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect + k8s.io/kubectl v0.25.0 // indirect lukechampine.com/uint128 v1.1.1 // indirect modernc.org/cc/v3 v3.36.0 // indirect modernc.org/ccgo/v3 v3.16.6 // indirect @@ -379,10 +379,10 @@ require ( modernc.org/strutil v1.1.1 // indirect modernc.org/token v1.0.0 // indirect oras.land/oras-go v1.2.0 // indirect - sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect - sigs.k8s.io/kustomize/api v0.11.4 // indirect - sigs.k8s.io/kustomize/kyaml v0.13.6 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect + sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect + sigs.k8s.io/kustomize/api v0.12.1 // indirect + sigs.k8s.io/kustomize/kyaml v0.13.9 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.3.0 // indirect ) diff --git a/go.sum b/go.sum index 9d4f0d54f9..dea0682ad0 100644 --- a/go.sum +++ b/go.sum @@ -76,13 +76,11 @@ github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSW github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= github.com/Azure/go-autorest/autorest v0.11.28 h1:ndAExarwr5Y+GaHE6VCaY1kyS/HwwGGyuimVhWsHOEM= github.com/Azure/go-autorest/autorest v0.11.28/go.mod h1:MrkzG3Y3AH668QyF9KRk5neJnGgmhQ6krbhR8Q5eMvA= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/adal v0.9.21 h1:jjQnVFXPfekaqb8vIsv2G1lxshoW+oGv4MDlhRtnYZk= github.com/Azure/go-autorest/autorest/adal v0.9.21/go.mod h1:zua7mBUaCc5YnSLKYgGJR/w5ePdMDA6H56upLsHzA9U= @@ -110,8 +108,8 @@ github.com/CycloneDX/cyclonedx-go v0.6.0/go.mod h1:nQCiF4Tvrg5Ieu8qPhYMvzPGMu5I7 github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60= github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible h1:juIaKLLVhqzP55d8x4cSVgwyQv76Z55/fRv/UBr2KkQ= github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible/go.mod h1:BB1eHdMLYEFuFdBlRMb0N7YGVdM5s6Pt0njxgvfbGGs= -github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd h1:sjQovDkwrZp8u+gxLtPgKGjk5hCxuy2hrRejBTA9xFU= -github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E= +github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= +github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= @@ -187,7 +185,6 @@ github.com/alicebob/miniredis/v2 v2.23.0/go.mod h1:XNqvJdQJv5mSuVMc0ynneafpnL/zv github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210826220005-b48c857c3a0e/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= github.com/apparentlymart/go-cidr v1.1.0 h1:2mAhrMoF+nhXqxTzSZMUzDHkLjmIHC+Zzn4tdgBZjnU= github.com/apparentlymart/go-cidr v1.1.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= @@ -195,8 +192,8 @@ github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6 github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 h1:2a30xLN2sUZcMXl50hg+PJCIDdJgIvIbVcKqLJ/ZrtM= github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986/go.mod h1:NT+jyeCzXk6vXR5MTkdn4z64TgGfE5HMLC8qfj5unl8= -github.com/aquasecurity/defsec v0.78.0 h1:C0HjNrKtEM2LT1+adIV5rwczBobqnaJtbZx8D7AgMDQ= -github.com/aquasecurity/defsec v0.78.0/go.mod h1:wg9tVostHI0ynguaVfw+CDxrsQM/nY0sJIRmpu9FzhU= +github.com/aquasecurity/defsec v0.80.1 h1:9v12mK1JHCNyACFFY1bD5m0n8cnER7EaF9MaqpRN6K4= +github.com/aquasecurity/defsec v0.80.1/go.mod h1:xV/dVhDj3cvL6NiWTme4UnYsSlnATjlG8YR9ZQDYGWM= github.com/aquasecurity/go-dep-parser v0.0.0-20221011183558-5415cc446853 h1:Ll9CkzGrZgVXvDARqv2N0R90kAWRwmJEKmg2D4M7v/0= github.com/aquasecurity/go-dep-parser v0.0.0-20221011183558-5415cc446853/go.mod h1:n1NDYrNV4RFozrMCpS8ur2Y8pVTnh9rbOoBr3F9DF0A= github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce h1:QgBRgJvtEOBtUXilDb1MLi1p1MWoyFDXAu5DEUl5nwM= @@ -231,8 +228,8 @@ github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= -github.com/aws/aws-sdk-go v1.44.109 h1:+Na5JPeS0kiEHoBp5Umcuuf+IDqXqD0lXnM920E31YI= -github.com/aws/aws-sdk-go v1.44.109/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= +github.com/aws/aws-sdk-go v1.44.114 h1:plIkWc/RsHr3DXBj4MEw9sEW4CcL/e2ryokc+CKyq1I= +github.com/aws/aws-sdk-go v1.44.114/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/aws/aws-sdk-go-v2 v1.16.16 h1:M1fj4FE2lB4NzRb9Y0xdWsn2P0+2UHVxwKyOa4YJNjk= github.com/aws/aws-sdk-go-v2 v1.16.16/go.mod h1:SwiyXi/1zTUZ6KIAmLK5V5ll8SiURNUYOqTerZPaF9k= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.8 h1:tcFliCWne+zOuUfKNRn8JdFBuWPDuISDH08wD2ULkhk= @@ -251,8 +248,8 @@ github.com/aws/aws-sdk-go-v2/internal/ini v1.3.24 h1:wj5Rwc05hvUSvKuOF29IYb9QrCL github.com/aws/aws-sdk-go-v2/internal/ini v1.3.24/go.mod h1:jULHjqqjDlbyTa7pfM7WICATnOv+iOhjletM3N0Xbu8= github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.14 h1:ZSIPAkAsCCjYrhqfw2+lNzWDzxzHXEckFkTePL5RSWQ= github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.14/go.mod h1:AyGgqiKv9ECM6IZeNQtdT8NnMvUb3/2wokeq2Fgryto= -github.com/aws/aws-sdk-go-v2/service/accessanalyzer v1.15.18 h1:qvWwAHiy7+/QxZbsV7Ko+B4NU6P6TOcb04ptw1zgBGw= -github.com/aws/aws-sdk-go-v2/service/accessanalyzer v1.15.18/go.mod h1:l5+hat25VFsG9jpsXrtEYqw6Ih3pLaC5I4+8hrng7F4= +github.com/aws/aws-sdk-go-v2/service/accessanalyzer v1.16.0 h1:rPv8ZiaTIwLp4JOCQAQcgPx7i2a7FTRY7lnyrNS0HbU= +github.com/aws/aws-sdk-go-v2/service/accessanalyzer v1.16.0/go.mod h1:l5+hat25VFsG9jpsXrtEYqw6Ih3pLaC5I4+8hrng7F4= github.com/aws/aws-sdk-go-v2/service/apigateway v1.15.20 h1:Q6IzscGZ449enDjHFh7aRnmAP4sBTVycBcmVovWp2vU= github.com/aws/aws-sdk-go-v2/service/apigateway v1.15.20/go.mod h1:slYv4+WTWbvNEWX1rvyi7Z2pvWEhA/wb54ImWf5VmjM= github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.12.18 h1:b+6dNRDFDdvW8wZcgHAW0LrLVoJQw5ACUMHU0WjV/1g= @@ -261,8 +258,8 @@ github.com/aws/aws-sdk-go-v2/service/athena v1.18.10 h1:s8cE1HX3Pi53iMg+A+d7gGvm github.com/aws/aws-sdk-go-v2/service/athena v1.18.10/go.mod h1:LiVr7tVQ2lrlv82VQhyuulN8uysLHsEeptFjA5PY1Pc= github.com/aws/aws-sdk-go-v2/service/cloudfront v1.20.5 h1:nLAPA7/DSmDWYP/MGtRNP6bHjiL8Fmyg8qeDxW90nm0= github.com/aws/aws-sdk-go-v2/service/cloudfront v1.20.5/go.mod h1:HYQXu2AKM7RLCn3APoQ5EvL2N/RlI4LSNN8pIGbdaDQ= -github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.18.1 h1:Q8EfidXIfYA13XLkY9yRX9gPI0lnS/+S7K43bZdoQOg= -github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.18.1/go.mod h1:ie2MjsIIl3B504HezWdwXAgvBJGBpz360cckbkhiyRk= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.18.2 h1:41Vb4xqg9XZ9TES2e6PB+PuctUSVJLS84l1/jYIykU4= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.18.2/go.mod h1:ie2MjsIIl3B504HezWdwXAgvBJGBpz360cckbkhiyRk= github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.21.6 h1:Mwb2A5ygEijjkxgM3hVEiWSHwdH82nkyU2wgP4u/Hxk= github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.21.6/go.mod h1:CCrqOzLQ6d1+zauyTah8o50m9dQu0NS/kaC0heWCu0c= github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.15.20 h1:yPyXdrZaB4SW+pn2CmqyAbhuqGM4Pv4fsMhLOt8cOj8= @@ -273,20 +270,20 @@ github.com/aws/aws-sdk-go-v2/service/docdb v1.19.11 h1:+jNOF3BdrSwCHWHU+lXYR78DC github.com/aws/aws-sdk-go-v2/service/docdb v1.19.11/go.mod h1:p2/C5LVvGstUjTb0z0qQNDf356iVEDrAMOvFJAkJQbA= github.com/aws/aws-sdk-go-v2/service/dynamodb v1.17.1 h1:1QpTkQIAaZpR387it1L+erjB5bStGFCJRvmXsodpPEU= github.com/aws/aws-sdk-go-v2/service/dynamodb v1.17.1/go.mod h1:BZhn/C3z13ULTSstVi2Kymc62bgjFh/JwLO9Tm2OFYI= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.61.0 h1:6F++4lCnZHrpEW4kb0Rs56psH9cr/2xpOlMcKy6aSDo= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.61.0/go.mod h1:0+6fPoY0SglgzQUs2yml7X/fup12cMlVumJufh5npRQ= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.63.1 h1:jSS5gynKz4XaGcs6m25idCTN+tvPkRJ2WedSWCcZEjI= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.63.1/go.mod h1:0+6fPoY0SglgzQUs2yml7X/fup12cMlVumJufh5npRQ= github.com/aws/aws-sdk-go-v2/service/ecr v1.17.18 h1:uiF/RI+Up8H2xdgT2GWa20YzxiKEalHieqNjm6HC3Xk= github.com/aws/aws-sdk-go-v2/service/ecr v1.17.18/go.mod h1:DQtDYmexqR+z+B6HBCvY7zK/tuXKv6Zy/IwOXOK3eow= -github.com/aws/aws-sdk-go-v2/service/ecs v1.18.22 h1:jBx029Z9GQIIq5fC5bW1ZMDsjihvmQQIe/QqdFl+7zY= -github.com/aws/aws-sdk-go-v2/service/ecs v1.18.22/go.mod h1:6bV2xEub6Vch19ZZASMbrNMNIpBPTwy64r9WIQ+wsSE= +github.com/aws/aws-sdk-go-v2/service/ecs v1.18.23 h1:gdqm7KhgE1COL5CM2eUYD6XFtqOJC1bhOa5vwLGPP0g= +github.com/aws/aws-sdk-go-v2/service/ecs v1.18.23/go.mod h1:6bV2xEub6Vch19ZZASMbrNMNIpBPTwy64r9WIQ+wsSE= github.com/aws/aws-sdk-go-v2/service/efs v1.17.15 h1:HgRxrC7KIUJW6gFf4AEjFPvrgh73aADaa1XZpiFsfgA= github.com/aws/aws-sdk-go-v2/service/efs v1.17.15/go.mod h1:xwXDmrVGNncQhSXhMbm7pE14Vcyc3QbzblKsvNms0/E= github.com/aws/aws-sdk-go-v2/service/eks v1.22.1 h1:f07Bk+xMm0Q8PCzvrBg8Bd6m67CTvZSxQWB0H7ZEJOU= github.com/aws/aws-sdk-go-v2/service/eks v1.22.1/go.mod h1:YoafRRQM4SnTFwb49e4LCAel6n99q2DMxkeAfbgvq8s= github.com/aws/aws-sdk-go-v2/service/elasticache v1.22.10 h1:QFLruWwQeR6LWtNwVORmbk7dfCoimNtgpUbFNNGXt6w= github.com/aws/aws-sdk-go-v2/service/elasticache v1.22.10/go.mod h1:DUZW0DuaDQHJVgiRl2AFiveurN9HPd+dkcSUtjWc3a4= -github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.18.19 h1:vPyIPoJUCiyUOv2TeRGWdLqf14qUp8tuTQ6bJo6ykbY= -github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.18.19/go.mod h1:tAKN3/tWkL0P+WA44wSkNyk6wWcbHUfTV2F3j3o6Yhs= +github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.18.20 h1:dJngzOIJ6J8lVzsEiPQwB5nTL5UjwuYjiHflORBnobE= +github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.18.20/go.mod h1:tAKN3/tWkL0P+WA44wSkNyk6wWcbHUfTV2F3j3o6Yhs= github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.16.10 h1:R8edMXNKBaic58L371826hNQanJSjirStcIAkXNe/bQ= github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.16.10/go.mod h1:VPuMdyWzqCRgv5qTww9yeauwGsOxVbtP2OyqXVyZB8g= github.com/aws/aws-sdk-go-v2/service/emr v1.20.11 h1:YpP+XtFfsJQoehZgCsbeaROtKFbAY1bWKId/KJu4JmU= @@ -337,9 +334,7 @@ github.com/aws/aws-sdk-go-v2/service/workspaces v1.23.0 h1:lrgZ9pZm9utPOPAXmQhqt github.com/aws/aws-sdk-go-v2/service/workspaces v1.23.0/go.mod h1:vPam8+zGthTXeaFWgl3Uqbzo/0QEoXF22jpuMZ97hSk= github.com/aws/smithy-go v1.13.3 h1:l7LYxGuzK6/K+NzJ2mC+VvLUbae0sL3bXU//04MkmnA= github.com/aws/smithy-go v1.13.3/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= -github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= @@ -350,11 +345,9 @@ github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA= -github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/bmatcuk/doublestar v1.3.4 h1:gPypJ5xD31uhX6Tf54sDPUOBXTqKH4c9aPY66CyQrS0= github.com/bmatcuk/doublestar v1.3.4/go.mod h1:wiQtGV+rzVYxB7WIlirSN++5HPtPlXEo9MEoZQC/PmE= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= @@ -381,15 +374,13 @@ github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInq github.com/cenkalti/backoff/v4 v4.1.3 h1:cFAlzYUlVYDysBEH2T5hyJZMh3+5+WCBvSnK6Q8UtC4= github.com/cenkalti/backoff/v4 v4.1.3/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5 h1:7aWHqerlJ41y6FOsEUvknqgXnGmJyJSbjhAWq5pO4F8= -github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1qXHoty45bqomnu2LM+VVyAEdWN+vtSHGlQgyxbw= +github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= +github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= @@ -416,9 +407,6 @@ github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= -github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= -github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= -github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUoc7Ik9EfrFqcylYqgPZ9ANSbTAntnE= github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= @@ -523,7 +511,6 @@ github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgU github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= @@ -539,7 +526,6 @@ github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfc github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= @@ -556,7 +542,6 @@ github.com/danieljoos/wincred v1.1.0/go.mod h1:XYlo+eRTsVA9aHGp7NGjFkPla4m+DCL7h github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/daviddengcn/go-colortext v0.0.0-20160507010035-511bcaf42ccd/go.mod h1:dv4zxwHi5C/8AeI+4gX4dCWOIvNi7I6JCSX0HvlKPgE= github.com/denisenkom/go-mssqldb v0.9.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= github.com/dgraph-io/badger/v3 v3.2103.2 h1:dpyM5eCJAtQCBcMCZcT4UBZchuTJgCywerHHgmxfxM8= @@ -633,23 +618,19 @@ github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go. github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= +github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= -github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM= github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/felixge/httpsnoop v1.0.2 h1:+nS9g82KMXccJ/wp0zyRW9ZBHFETmMGtkk+2CTTrW4o= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/foxcpp/go-mockdns v0.0.0-20210729171921-fb145fc6f897 h1:E52jfcE64UG42SwLmrW0QByONfGynWuzBvm86BoB9z8= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= @@ -659,10 +640,7 @@ github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4 github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= -github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= -github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= -github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -703,7 +681,6 @@ github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTg github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/zapr v1.2.0/go.mod h1:Qa4Bsj2Vb+FAVeAKsLD8RLQ+YRJB8YDmOAKxaBQf7Ro= github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= github.com/go-openapi/analysis v0.21.4 h1:ZDFLvSNxpDaomuCueM0BlSXxpANBlFYiBvr+GXrvIHc= github.com/go-openapi/analysis v0.21.4/go.mod h1:4zQ35W4neeZTqh3ol0rv/O8JBbka9QyAgQRPp9y3pfo= @@ -720,7 +697,6 @@ github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34 github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns= github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA= github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= @@ -743,7 +719,6 @@ github.com/go-openapi/strfmt v0.21.3/go.mod h1:k+RzNO0Da+k3FrrynSNN8F7n/peCmQQqb github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= @@ -830,7 +805,6 @@ github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2V github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ= -github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -870,14 +844,11 @@ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= -github.com/golangplus/testing v0.0.0-20180327235837-af21d9c3145e/go.mod h1:0AA//k/eakGydO4jKRoRL2j92ZKSzTgj9tclaCrvXHk= github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/cel-go v0.10.1/go.mod h1:U7ayypeSkw23szu4GaQTPJGx66c20mx8JklMSxrmI1w= -github.com/google/cel-spec v0.6.0/go.mod h1:Nwjgxy5CbjlPrtCWjeDjUyKMl8w41YBYGjsyDdqk0xA= github.com/google/flatbuffers v1.12.1 h1:MVlul7pQNoDzWRLTw5imwYsl+usrS1TXG2H4jg6ImGw= github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54= github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= @@ -952,7 +923,6 @@ github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99 github.com/googleapis/gax-go/v2 v2.4.0 h1:dS9eYAjhrE2RjmzYw2XAPvcXfmcQLtFEQWn0CR82awk= github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c= github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= -github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= github.com/googleapis/go-type-adapters v1.0.0 h1:9XdMn+d/G57qq1s8dNc5IesGCXHf6V2HZ2JwRxfA2tA= github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= @@ -973,7 +943,6 @@ github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWet github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= @@ -1016,8 +985,8 @@ github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/hcl/v2 v2.13.0 h1:0Apadu1w6M11dyGFxWnmhhcMjkbAiKCv7G1r/2QgCNc= -github.com/hashicorp/hcl/v2 v2.13.0/go.mod h1:e4z5nxYlWNPdDSNYX+ph14EvWYMFm3eP0zIUqPc2jr0= +github.com/hashicorp/hcl/v2 v2.14.1 h1:x0BpjfZ+CYdbiz+8yZTQ+gdLO7IXvOut7Da+XJayx34= +github.com/hashicorp/hcl/v2 v2.14.1/go.mod h1:e4z5nxYlWNPdDSNYX+ph14EvWYMFm3eP0zIUqPc2jr0= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= @@ -1150,9 +1119,7 @@ github.com/lib/pq v1.10.6/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= -github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/magiconair/properties v1.8.6 h1:5ibWZ6iY0NctNGWo87LalDlEZ6R41TqbbDamhfG/Qzo= github.com/magiconair/properties v1.8.6/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= @@ -1194,7 +1161,6 @@ github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27k github.com/mattn/go-oci8 v0.1.1/go.mod h1:wjDx6Xm9q7dFtHJvIlrI99JytznLw5wQ4R+9mNXJwGI= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= @@ -1225,7 +1191,6 @@ github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= @@ -1294,7 +1259,6 @@ github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/olekukonko/tablewriter v0.0.4/go.mod h1:zq6QwlOf5SlnkVbMSr5EoBv3636FWnp+qbPhuoO21uA= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -1306,7 +1270,6 @@ github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+ github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo/v2 v2.1.4 h1:GNapqRSid3zijZ9H77KrgVG4/8KqiyRsxcSxe+7ApXY= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= @@ -1315,7 +1278,6 @@ github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1Cpa github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= -github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= github.com/onsi/gomega v1.19.0 h1:4ieX6qQjPP/BfC3mpsAtIGGlxTWPeA3Inl/7DtXw1tw= github.com/open-policy-agent/opa v0.44.1-0.20220927105354-00e835a7cc15 h1:B+LGzLaQBMXiNFO89jTFmr8PnZE383kVqNOJsV9WFII= @@ -1354,7 +1316,6 @@ github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xA github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opencontainers/selinux v1.10.1 h1:09LIPVRP3uuZGQvgR+SgMSNBd1Eb3vlRbGqQpoHsF8w= github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= -github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/owenrumney/go-sarif v1.1.1/go.mod h1:dNDiPlF04ESR/6fHlPyq7gHKmrM0sHUvAGjsoh8ZH0U= @@ -1445,9 +1406,8 @@ github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8= github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= -github.com/rubenv/sql-migrate v1.1.1 h1:haR5Hn8hbW9/SpAICrXoZqXnywS7Q5WijwkQENPeNWY= -github.com/rubenv/sql-migrate v1.1.1/go.mod h1:/7TZymwxN8VWumcIxw1jjHEcR1djpdkMHQPT4FWdnbQ= -github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= +github.com/rubenv/sql-migrate v1.1.2 h1:9M6oj4e//owVVHYrFISmY9LBRw6gzkCNmD9MV36tZeQ= +github.com/rubenv/sql-migrate v1.1.2/go.mod h1:/7TZymwxN8VWumcIxw1jjHEcR1djpdkMHQPT4FWdnbQ= github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww= github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -1493,7 +1453,6 @@ github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1 github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= github.com/sosedoff/gitkit v0.3.0 h1:TfINVRNUM+GcFa+LGhZ3RcWN86Im1M6i8qs0IsgMy90= github.com/sosedoff/gitkit v0.3.0/go.mod h1:V3EpGZ0nvCBhXerPsbDeqtyReNb48cwP9KtkUYTKT5I= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= @@ -1512,9 +1471,7 @@ github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155 github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= -github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= -github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/cobra v1.5.0 h1:X+jTBEBqF0bHN+9cSMgmfuvv2VHJ9ezmFNf9Y/XstYU= github.com/spf13/cobra v1.5.0/go.mod h1:dWXEIy2H428czQCjInthrTRUg7yKbok+2Qi/yBIJoUM= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= @@ -1527,7 +1484,6 @@ github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= -github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= github.com/spf13/viper v1.13.0 h1:BWSJ/M+f+3nmdz9bxB+bWX28kkALN2ok11D0rSo8EJU= github.com/spf13/viper v1.13.0/go.mod h1:Icm2xNL3/8uyh/wFuB1jI7TiTNKp8632Nwegu+zgdYw= @@ -1568,7 +1524,6 @@ github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhV github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/twitchtv/twirp v8.1.2+incompatible h1:0O6TfzZW09ZP5r+ORA90XQEE3PTgA6C7MBbl2KxvVgE= github.com/twitchtv/twirp v8.1.2+incompatible/go.mod h1:RRJoFSAmTEh2weEqWtpPE3vFK5YBhA6bqp2l1kfCC5A= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= @@ -1611,7 +1566,6 @@ github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg= github.com/xlab/treeprint v1.1.0 h1:G/1DjNkPpfZCFt9CSh6b5/nY4VimlbHF3Rh4obvtzDk= github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= @@ -1624,7 +1578,6 @@ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/gopher-lua v0.0.0-20210529063254-f4c35e4016d9 h1:k/gmLsJDWwWqbLCur2yWnJzwQEKRcAHXo6seXGuSwWw= github.com/yuin/gopher-lua v0.0.0-20210529063254-f4c35e4016d9/go.mod h1:E1AXubJBdNmFERAOucpDIxNzeGfLzg0mYh+UfMWdChA= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43 h1:+lm10QQTNSBd8DVTNGHx7o/IKu9HYDvLMffDhbyLccI= @@ -1647,15 +1600,8 @@ go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU= go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= -go.etcd.io/etcd/api/v3 v3.5.1/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= -go.etcd.io/etcd/client/pkg/v3 v3.5.1/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= -go.etcd.io/etcd/client/v3 v3.5.0/go.mod h1:AIKXXVX/DQXtfTEqBryiLTUXwON+GuvO6Z7lLS/oTh0= -go.etcd.io/etcd/client/v3 v3.5.1/go.mod h1:OnjH4M8OnAotwaB2l9bVgZzRFKru7/ZMoS46OtKyd3Q= -go.etcd.io/etcd/pkg/v3 v3.5.0/go.mod h1:UzJGatBQ1lXChBkQF0AuAtkRQMYnHubxAEYIrC3MSsE= -go.etcd.io/etcd/raft/v3 v3.5.0/go.mod h1:UFOHSIvO/nKwd4lhkwabrTD3cqW5yVyYYf/KlD00Szc= -go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4= go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= go.mongodb.org/mongo-driver v1.8.3/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY= @@ -1670,17 +1616,6 @@ go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= -go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4= -go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo= -go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM= -go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU= -go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw= -go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc= -go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE= -go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE= -go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 h1:+FNtrFTmVw0YZGpBGX56XDee331t6JAXeK2bcyhLOOc= go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5/go.mod h1:nmDLcffg48OtT/PSW0Hg7FvpRQsQh5OSqIylirxKC7o= @@ -1689,7 +1624,6 @@ go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= @@ -1697,7 +1631,6 @@ go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8= go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= -go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.23.0 h1:OjGQ5KQDEUawVHxNwQgPpiypGHOxo2mNZsOqTak4fFY= go.uber.org/zap v1.23.0/go.mod h1:D+nX8jyLsMHMYrln8A0rJjFt/T/9/bGgIhAqxv5URuY= golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -1727,7 +1660,6 @@ golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0 h1:a5Yg6ylndHHYJqIPrdq0AhvR6KTvDTAvgBtaidhEevY= @@ -1773,7 +1705,6 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1811,7 +1742,6 @@ golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= @@ -1820,7 +1750,6 @@ golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= @@ -1833,7 +1762,6 @@ golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211108170745-6635138e15ea/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= @@ -1946,7 +1874,6 @@ golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1992,12 +1919,10 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -2042,8 +1967,6 @@ golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220609170525-579cf78fd858 h1:Dpdu/EMxGMFgq0CeYMh4fazTD2vtlZRYE7wyynxJb9U= golang.org/x/time v0.0.0-20220609170525-579cf78fd858/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -2076,7 +1999,6 @@ golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191011211836-4c025a95b26e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -2122,7 +2044,6 @@ golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo= -golang.org/x/tools v0.1.10-0.20220218145154-897bd77cd717/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -2216,7 +2137,6 @@ google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= @@ -2229,7 +2149,6 @@ google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201102152239-715cce707fb0/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -2263,7 +2182,6 @@ google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ6 google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= @@ -2362,7 +2280,6 @@ gopkg.in/go-playground/validator.v9 v9.31.0 h1:bmXmP2RSNtFES+bn4uYuHT7iJFJv7Vj+a gopkg.in/go-playground/validator.v9 v9.31.0/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= @@ -2401,8 +2318,8 @@ gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= gotest.tools/v3 v3.2.0 h1:I0DwBVMGAx26dttAj1BtJLAkVGncrkkUXfJLC4Flt/I= gotest.tools/v3 v3.2.0/go.mod h1:Mcr9QNxkg0uMvy/YElmo4SpXgJKWgQvYrT7Kw5RzJ1A= -helm.sh/helm/v3 v3.9.3 h1:etd4Qc45/bnIkBofZIRwrAzYuG3bNWR1EdMN4fsfzoE= -helm.sh/helm/v3 v3.9.3/go.mod h1:3eaWAIqzvlRSD06gR9MMwmp2KBKwlu9av1/1BZpjeWY= +helm.sh/helm/v3 v3.10.0 h1:y/MYONZ/bsld9kHwqgBX2uPggnUr5hahpjwt9/jrHlI= +helm.sh/helm/v3 v3.10.0/go.mod h1:paPw0hO5KVfrCMbi1M8+P8xdfBri3IiJiVKATZsFR94= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -2413,43 +2330,33 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9 k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/api v0.24.2/go.mod h1:AHqbSkTm6YrQ0ObxjO3Pmp/ubFF/KuM7jU+3khoBsOg= -k8s.io/api v0.24.4/go.mod h1:42pVfA0NRxrtJhZQOvRSyZcJihzAdU59WBtTjYcB0/M= -k8s.io/api v0.25.0-alpha.2 h1:azwXduCht76Ecuv80QzZkCDzcFcLotKPXiE9/+jx5Qk= -k8s.io/api v0.25.0-alpha.2/go.mod h1:wOntqHYj8WveLW2sh6q4tkE2vMZTtxe0MrFyVwO8JCM= -k8s.io/apiextensions-apiserver v0.24.2 h1:/4NEQHKlEz1MlaK/wHT5KMKC9UKYz6NZz6JE6ov4G6k= -k8s.io/apiextensions-apiserver v0.24.2/go.mod h1:e5t2GMFVngUEHUd0wuCJzw8YDwZoqZfJiGOW6mm2hLQ= +k8s.io/api v0.25.0 h1:H+Q4ma2U/ww0iGB78ijZx6DRByPz6/733jIuFpX70e0= +k8s.io/api v0.25.0/go.mod h1:ttceV1GyV1i1rnmvzT3BST08N6nGt+dudGrquzVQWPk= +k8s.io/apiextensions-apiserver v0.25.0 h1:CJ9zlyXAbq0FIW8CD7HHyozCMBpDSiH7EdrSTCZcZFY= +k8s.io/apiextensions-apiserver v0.25.0/go.mod h1:3pAjZiN4zw7R8aZC5gR0y3/vCkGlAjCazcg1me8iB/E= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apimachinery v0.24.2/go.mod h1:82Bi4sCzVBdpYjyI4jY6aHX+YCUchUIrZrXKedjd2UM= -k8s.io/apimachinery v0.24.4/go.mod h1:82Bi4sCzVBdpYjyI4jY6aHX+YCUchUIrZrXKedjd2UM= -k8s.io/apimachinery v0.25.0-alpha.2 h1:y6uTWaiqsPTPRewnXJ15IFyGmBo2qPt6enm4zszG8Z0= -k8s.io/apimachinery v0.25.0-alpha.2/go.mod h1:h34FtK3eCxige6ZIACdBSYExtDaKAUxoc7hVe2LOxzw= +k8s.io/apimachinery v0.25.0 h1:MlP0r6+3XbkUG2itd6vp3oxbtdQLQI94fD5gCS+gnoU= +k8s.io/apimachinery v0.25.0/go.mod h1:qMx9eAk0sZQGsXGu86fab8tZdffHbwUfsvzqKn4mfB0= k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/apiserver v0.24.2 h1:orxipm5elPJSkkFNlwH9ClqaKEDJJA3yR2cAAlCnyj4= -k8s.io/apiserver v0.24.2/go.mod h1:pSuKzr3zV+L+MWqsEo0kHHYwCo77AT5qXbFXP2jbvFI= -k8s.io/cli-runtime v0.24.4 h1:YCSf0dZp+pYXVR/8aZQ6MEBSiicv8rLyVsGBEbRnwfY= -k8s.io/cli-runtime v0.24.4/go.mod h1:RF+cSLYXkPV3WyvPrX2qeRLEUJY38INWx6jLKVLFCxM= +k8s.io/apiserver v0.25.0 h1:8kl2ifbNffD440MyvHtPaIz1mw4mGKVgWqM0nL+oyu4= +k8s.io/apiserver v0.25.0/go.mod h1:BKwsE+PTC+aZK+6OJQDPr0v6uS91/HWxX7evElAH6xo= +k8s.io/cli-runtime v0.25.0 h1:XBnTc2Fi+w818jcJGzhiJKQuXl8479sZ4FhtV5hVJ1Q= +k8s.io/cli-runtime v0.25.0/go.mod h1:bHOI5ZZInRHhbq12OdUiYZQN8ml8aKZLwQgt9QlLINw= k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/client-go v0.24.2/go.mod h1:zg4Xaoo+umDsfCWr4fCnmLEtQXyCNXCvJuSsglNcV30= -k8s.io/client-go v0.24.4/go.mod h1:+AxlPWw/H6f+EJhRSjIeALaJT4tbeB/8g9BNvXGPd0Y= -k8s.io/client-go v0.25.0-alpha.2 h1:kXlDl2L/CmdubzbRTPOCXj9JDPv9U0MuEjRXSCltQ00= -k8s.io/client-go v0.25.0-alpha.2/go.mod h1:AN5W2BkXTu2lNm2BANn5lC6VnGlv6AM5HNPQLsriBOA= +k8s.io/client-go v0.25.0 h1:CVWIaCETLMBNiTUta3d5nzRbXvY5Hy9Dpl+VvREpu5E= +k8s.io/client-go v0.25.0/go.mod h1:lxykvypVfKilxhTklov0wz1FoaUZ8X4EwbhS6rpRfN8= k8s.io/code-generator v0.19.7/go.mod h1:lwEq3YnLYb/7uVXLorOJfxg+cUu2oihFhHZ0n9NIla0= -k8s.io/code-generator v0.24.2/go.mod h1:dpVhs00hTuTdTY6jvVxvTFCk6gSMrtfRydbhZwHI15w= -k8s.io/code-generator v0.24.4/go.mod h1:dpVhs00hTuTdTY6jvVxvTFCk6gSMrtfRydbhZwHI15w= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= -k8s.io/component-base v0.24.2/go.mod h1:ucHwW76dajvQ9B7+zecZAP3BVqvrHoOxm8olHEg0nmM= -k8s.io/component-base v0.24.4 h1:WEGRp06GBYVwxp5JdiRaJ1zkdOhrqucxRv/8IrABLG0= -k8s.io/component-base v0.24.4/go.mod h1:sWxkgcMfbYHadw0OJ0N+vIscd14/nqSIM2veCdg843o= -k8s.io/component-helpers v0.24.4/go.mod h1:xAHlOKU8rAjLgXWJEsueWLR1LDMThbaPf2YvgKpSyQ8= +k8s.io/component-base v0.25.0 h1:haVKlLkPCFZhkcqB6WCvpVxftrg6+FK5x1ZuaIDaQ5Y= +k8s.io/component-base v0.25.0/go.mod h1:F2Sumv9CnbBlqrpdf7rKZTmmd2meJq0HizeyY/yAFxk= k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= @@ -2457,28 +2364,21 @@ k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.60.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/klog/v2 v2.70.0 h1:GMmmjoFOrNepPN0ZeGCzvD2Gh5IKRwdFx8W5PBxVTQU= -k8s.io/klog/v2 v2.70.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ= +k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= -k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= -k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42/go.mod h1:Z/45zLw8lUo4wdiUkI+v/ImEGAvu3WatcZl3lPMR4Rk= -k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8 h1:yEQKdMCjzAOvGeiTwG4hO/hNVNtDOuUFvMUZ0OlaIzs= -k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8/go.mod h1:mbJ+NSUoAhuR14N0S63bPkh8MGVSo3VYSGZtH/mfMe0= -k8s.io/kubectl v0.24.4 h1:fPEBkAV3/cu3BQVIUCXNngCCY62AlZ+2rkRVHcmJPn0= -k8s.io/kubectl v0.24.4/go.mod h1:AVyJzxUwA5UMGTDyKGL6nd6RRW36FbmAdtIDMhrZtW0= +k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 h1:MQ8BAZPZlWk3S9K4a9NCkIFQtZShWqoha7snGixVgEA= +k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU= +k8s.io/kubectl v0.25.0 h1:/Wn1cFqo8ik3iee1EvpxYre3bkWsGLXzLQI6uCCAkQc= +k8s.io/kubectl v0.25.0/go.mod h1:n16ULWsOl2jmQpzt2o7Dud1t4o0+Y186ICb4O+GwKAU= k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/metrics v0.24.4/go.mod h1:7D8Xm3DGZoJaiCS8+QA2EzdMuDlq0Y8SiOPUB/1BaGU= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 h1:HNSDgDCrr/6Ly3WEGKZftiE7IY19Vz2GdbOCyI4qqhc= -k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4= +k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= lukechampine.com/uint128 v1.1.1 h1:pnxCASz787iMf+02ssImqk6OLt+Z5QHMoZyUXR4z6JU= lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= modernc.org/cc/v3 v3.36.0 h1:0kmRkTmqNidmu3c7BNDSdVHCxXCkWLmWmCIVX4LUboo= @@ -2522,20 +2422,17 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.30/go.mod h1:fEO7lRTdivWO2qYVCVG7dEADOMo/MLDCVr8So2g88Uw= -sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 h1:kDi4JBNAsJWfz1aEXhO8Jg87JJaPNLh5tIzYHgStQ9Y= -sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2/go.mod h1:B+TnT182UBxE84DiCz4CVE26eOSDAeYCpfDnC2kdKMY= -sigs.k8s.io/kustomize/api v0.11.4 h1:/0Mr3kfBBNcNPOW5Qwk/3eb8zkswCwnqQxxKtmrTkRo= -sigs.k8s.io/kustomize/api v0.11.4/go.mod h1:k+8RsqYbgpkIrJ4p9jcdPqe8DprLxFUUO0yNOq8C+xI= -sigs.k8s.io/kustomize/cmd/config v0.10.6/go.mod h1:/S4A4nUANUa4bZJ/Edt7ZQTyKOY9WCER0uBS1SW2Rco= -sigs.k8s.io/kustomize/kustomize/v4 v4.5.4/go.mod h1:Zo/Xc5FKD6sHl0lilbrieeGeZHVYCA4BzxeAaLI05Bg= -sigs.k8s.io/kustomize/kyaml v0.13.6 h1:eF+wsn4J7GOAXlvajv6OknSunxpcOBQQqsnPxObtkGs= -sigs.k8s.io/kustomize/kyaml v0.13.6/go.mod h1:yHP031rn1QX1lr/Xd934Ri/xdVNG8BE2ECa78Ht/kEg= +sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= +sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/kustomize/api v0.12.1 h1:7YM7gW3kYBwtKvoY216ZzY+8hM+lV53LUayghNRJ0vM= +sigs.k8s.io/kustomize/api v0.12.1/go.mod h1:y3JUhimkZkR6sbLNwfJHxvo1TCLwuwm14sCYnkH6S1s= +sigs.k8s.io/kustomize/kyaml v0.13.9 h1:Qz53EAaFFANyNgyOEJbT/yoIHygK40/ZcvU3rgry2Tk= +sigs.k8s.io/kustomize/kyaml v0.13.9/go.mod h1:QsRbD0/KcU+wdk0/L0fIp2KLnohkVzs6fQ85/nOXac4= sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= -sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= +sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= +sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= diff --git a/integration/standalone_tar_test.go b/integration/standalone_tar_test.go index f0ba2eb7ff..53d1bb91f4 100644 --- a/integration/standalone_tar_test.go +++ b/integration/standalone_tar_test.go @@ -52,80 +52,80 @@ func TestTar(t *testing.T) { Format: "json", Input: "testdata/fixtures/images/alpine-39.tar.gz", SkipFiles: []string{ - "/etc", - "/etc/TZ", - "/etc/alpine-release", - "/etc/apk", - "/etc/apk/arch", - "/etc/apk/keys", - "/etc/apk/keys/alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub", - "/etc/apk/keys/alpine-devel@lists.alpinelinux.org-5243ef4b.rsa.pub", - "/etc/apk/keys/alpine-devel@lists.alpinelinux.org-5261cecb.rsa.pub", - "/etc/apk/protected_paths.d", - "/etc/apk/repositories", - "/etc/apk/world", - "/etc/conf.d", - "/etc/crontabs", - "/etc/crontabs/root", - "/etc/fstab", - "/etc/group", - "/etc/hostname", - "/etc/hosts", - "/etc/init.d", - "/etc/inittab", - "/etc/issue", - "/etc/logrotate.d", - "/etc/logrotate.d/acpid", - "/etc/modprobe.d", - "/etc/modprobe.d/aliases.conf", - "/etc/modprobe.d/blacklist.conf", - "/etc/modprobe.d/i386.conf", - "/etc/modprobe.d/kms.conf", - "/etc/modules", - "/etc/modules-load.d", - "/etc/motd", - "/etc/mtab", - "/etc/network", - "/etc/network/if-down.d", - "/etc/network/if-post-down.d", - "/etc/network/if-post-up.d", - "/etc/network/if-pre-down.d", - "/etc/network/if-pre-up.d", - "/etc/network/if-up.d", - "/etc/network/if-up.d/dad", - "/etc/opt", - "/etc/os-release", - "/etc/passwd", - "/etc/periodic", - "/etc/periodic/15min", - "/etc/periodic/daily", - "/etc/periodic/hourly", - "/etc/periodic/monthly", - "/etc/periodic/weekly", - "/etc/profile", - "/etc/profile.d", - "/etc/profile.d/color_prompt", - "/etc/protocols", - "/etc/securetty", - "/etc/services", - "/etc/shadow", - "/etc/shells", - "/etc/ssl", - "/etc/ssl/cert.pem", - "/etc/ssl/certs", - "/etc/ssl/ct_log_list.cnf", - "/etc/ssl/ct_log_list.cnf.dist", - "/etc/ssl/misc", - "/etc/ssl/misc/CA.pl", - "/etc/ssl/misc/tsget", - "/etc/ssl/misc/tsget.pl", - "/etc/ssl/openssl.cnf", - "/etc/ssl/openssl.cnf.dist", - "/etc/ssl/private", - "/etc/sysctl.conf", - "/etc/sysctl.d", - "/etc/sysctl.d/00-alpine.conf", - "/etc/udhcpd.conf", + "/etc", + "/etc/TZ", + "/etc/alpine-release", + "/etc/apk", + "/etc/apk/arch", + "/etc/apk/keys", + "/etc/apk/keys/alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub", + "/etc/apk/keys/alpine-devel@lists.alpinelinux.org-5243ef4b.rsa.pub", + "/etc/apk/keys/alpine-devel@lists.alpinelinux.org-5261cecb.rsa.pub", + "/etc/apk/protected_paths.d", + "/etc/apk/repositories", + "/etc/apk/world", + "/etc/conf.d", + "/etc/crontabs", + "/etc/crontabs/root", + "/etc/fstab", + "/etc/group", + "/etc/hostname", + "/etc/hosts", + "/etc/init.d", + "/etc/inittab", + "/etc/issue", + "/etc/logrotate.d", + "/etc/logrotate.d/acpid", + "/etc/modprobe.d", + "/etc/modprobe.d/aliases.conf", + "/etc/modprobe.d/blacklist.conf", + "/etc/modprobe.d/i386.conf", + "/etc/modprobe.d/kms.conf", + "/etc/modules", + "/etc/modules-load.d", + "/etc/motd", + "/etc/mtab", + "/etc/network", + "/etc/network/if-down.d", + "/etc/network/if-post-down.d", + "/etc/network/if-post-up.d", + "/etc/network/if-pre-down.d", + "/etc/network/if-pre-up.d", + "/etc/network/if-up.d", + "/etc/network/if-up.d/dad", + "/etc/opt", + "/etc/os-release", + "/etc/passwd", + "/etc/periodic", + "/etc/periodic/15min", + "/etc/periodic/daily", + "/etc/periodic/hourly", + "/etc/periodic/monthly", + "/etc/periodic/weekly", + "/etc/profile", + "/etc/profile.d", + "/etc/profile.d/color_prompt", + "/etc/protocols", + "/etc/securetty", + "/etc/services", + "/etc/shadow", + "/etc/shells", + "/etc/ssl", + "/etc/ssl/cert.pem", + "/etc/ssl/certs", + "/etc/ssl/ct_log_list.cnf", + "/etc/ssl/ct_log_list.cnf.dist", + "/etc/ssl/misc", + "/etc/ssl/misc/CA.pl", + "/etc/ssl/misc/tsget", + "/etc/ssl/misc/tsget.pl", + "/etc/ssl/openssl.cnf", + "/etc/ssl/openssl.cnf.dist", + "/etc/ssl/private", + "/etc/sysctl.conf", + "/etc/sysctl.d", + "/etc/sysctl.d/00-alpine.conf", + "/etc/udhcpd.conf", }, }, golden: "testdata/alpine-39-skip.json.golden", diff --git a/pkg/fanal/artifact/local/fs_test.go b/pkg/fanal/artifact/local/fs_test.go index 0c38b510e8..17e387ced6 100644 --- a/pkg/fanal/artifact/local/fs_test.go +++ b/pkg/fanal/artifact/local/fs_test.go @@ -298,44 +298,64 @@ func TestTerraformMisconfigurationScan(t *testing.T) { Args: cache.ArtifactCachePutBlobArgs{ BlobIDAnything: true, BlobInfo: types.BlobInfo{ - SchemaVersion: types.BlobJSONSchemaVersion, + SchemaVersion: 2, Digest: "", DiffID: "", CreatedBy: "", OpaqueDirs: []string(nil), + WhiteoutFiles: []string(nil), OS: (*types.OS)(nil), Repository: (*types.Repository)(nil), + PackageInfos: []types.PackageInfo(nil), Applications: []types.Application(nil), Misconfigurations: []types.Misconfiguration{ - { - FileType: "terraform", - FilePath: "main.tf", - Successes: nil, - Warnings: nil, - Failures: []types.MisconfResult{ - { - Namespace: "user.something", - Query: "data.user.something.deny", - Message: "No buckets allowed!", + types.Misconfiguration{ + FileType: "terraform", FilePath: ".", Successes: types.MisconfResults{ + types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0176", + Query: "data.builtin.aws.rds.aws0176.deny", Message: "", PolicyMetadata: types.PolicyMetadata{ - ID: "TEST001", - AVDID: "AVD-TEST-0001", - Type: "Terraform Security Check", - Title: "Test policy", - Description: "This is a test policy.", - Severity: "LOW", - RecommendedActions: "Have a cup of tea.", - References: []string{ - "https://trivy.dev/", - }, - }, - CauseMetadata: types.CauseMetadata{ - Resource: "aws_s3_bucket.asd", - Provider: "Generic", - Service: "general", - StartLine: 1, - EndLine: 3, - }, - Traces: nil, + ID: "N/A", AVDID: "AVD-AWS-0176", Type: "Terraform Security Check", + Title: "RDS IAM Database Authentication Disabled", + Description: "Ensure IAM Database Authentication is enabled for RDS database instances to manage database access", + Severity: "MEDIUM", + RecommendedActions: "Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.", + References: []string{"https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth.html"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0177", + Query: "data.builtin.aws.rds.aws0177.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0177", Type: "Terraform Security Check", + Title: "RDS Deletion Protection Disabled", + Description: "Ensure deletion protection is enabled for RDS database instances.", + Severity: "MEDIUM", + RecommendedActions: "Modify the RDS instances to enable deletion protection.", + References: []string{"https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), }, - }, - Exceptions: nil, - Layer: types.Layer{}, + }, Warnings: types.MisconfResults(nil), Failures: types.MisconfResults(nil), + Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, + }, types.Misconfiguration{ + FileType: "terraform", FilePath: "main.tf", Successes: types.MisconfResults(nil), + Warnings: types.MisconfResults(nil), Failures: types.MisconfResults{ + types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No buckets allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", Type: "Terraform Security Check", + Title: "Test policy", Description: "This is a test policy.", + Severity: "LOW", RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "aws_s3_bucket.asd", Provider: "Generic", Service: "general", + StartLine: 1, EndLine: 3, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, }, - }, + }, Secrets: []types.Secret(nil), Licenses: []types.LicenseFile(nil), + BuildInfo: (*types.BuildInfo)(nil), CustomResources: []types.CustomResource(nil), }, }, Returns: cache.ArtifactCachePutBlobReturns{}, @@ -343,9 +363,9 @@ func TestTerraformMisconfigurationScan(t *testing.T) { want: types.ArtifactReference{ Name: "testdata/misconfig/terraform/single-failure/src", Type: types.ArtifactFilesystem, - ID: "sha256:1defea0dd3834fe20d307d25aae0c9edc0054a99403b55e4ac9a380866f5eac7", + ID: "sha256:054ca717161e9042642323fce30d558ea4188280770f3a97f08878732182e2f5", BlobIDs: []string{ - "sha256:1defea0dd3834fe20d307d25aae0c9edc0054a99403b55e4ac9a380866f5eac7", + "sha256:054ca717161e9042642323fce30d558ea4188280770f3a97f08878732182e2f5", }, }, }, @@ -373,104 +393,92 @@ func TestTerraformMisconfigurationScan(t *testing.T) { Args: cache.ArtifactCachePutBlobArgs{ BlobIDAnything: true, BlobInfo: types.BlobInfo{ - SchemaVersion: types.BlobJSONSchemaVersion, + SchemaVersion: 2, Digest: "", DiffID: "", CreatedBy: "", OpaqueDirs: []string(nil), + WhiteoutFiles: []string(nil), OS: (*types.OS)(nil), Repository: (*types.Repository)(nil), + PackageInfos: []types.PackageInfo(nil), Applications: []types.Application(nil), Misconfigurations: []types.Misconfiguration{ - { - FileType: "terraform", - FilePath: "main.tf", - Successes: nil, - Warnings: nil, - Failures: []types.MisconfResult{ - { - Namespace: "user.something", - Query: "data.user.something.deny", - Message: "No buckets allowed!", + types.Misconfiguration{ + FileType: "terraform", FilePath: ".", Successes: types.MisconfResults{ + types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0176", + Query: "data.builtin.aws.rds.aws0176.deny", Message: "", PolicyMetadata: types.PolicyMetadata{ - ID: "TEST001", - AVDID: "AVD-TEST-0001", - Type: "Terraform Security Check", - Title: "Test policy", - Description: "This is a test policy.", - Severity: "LOW", - RecommendedActions: "Have a cup of tea.", - References: []string{ - "https://trivy.dev/", - }, - }, - CauseMetadata: types.CauseMetadata{ - Resource: "aws_s3_bucket.two", - Provider: "Generic", - Service: "general", - StartLine: 5, - EndLine: 7, - }, - Traces: nil, - }, - { - Namespace: "user.something", - Query: "data.user.something.deny", - Message: "No buckets allowed!", + ID: "N/A", AVDID: "AVD-AWS-0176", Type: "Terraform Security Check", + Title: "RDS IAM Database Authentication Disabled", + Description: "Ensure IAM Database Authentication is enabled for RDS database instances to manage database access", + Severity: "MEDIUM", + RecommendedActions: "Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.", + References: []string{"https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth.html"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0177", + Query: "data.builtin.aws.rds.aws0177.deny", Message: "", PolicyMetadata: types.PolicyMetadata{ - ID: "TEST001", - AVDID: "AVD-TEST-0001", - Type: "Terraform Security Check", - Title: "Test policy", - Description: "This is a test policy.", - Severity: "LOW", - RecommendedActions: "Have a cup of tea.", - References: []string{ - "https://trivy.dev/", - }, - }, - CauseMetadata: types.CauseMetadata{ - Resource: "aws_s3_bucket.one", - Provider: "Generic", - Service: "general", - StartLine: 1, - EndLine: 3, - }, - Traces: nil, + ID: "N/A", AVDID: "AVD-AWS-0177", Type: "Terraform Security Check", + Title: "RDS Deletion Protection Disabled", + Description: "Ensure deletion protection is enabled for RDS database instances.", + Severity: "MEDIUM", + RecommendedActions: "Modify the RDS instances to enable deletion protection.", + References: []string{"https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), }, - }, - Exceptions: nil, - Layer: types.Layer{}, + }, Warnings: types.MisconfResults(nil), Failures: types.MisconfResults(nil), + Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, + }, types.Misconfiguration{ + FileType: "terraform", FilePath: "main.tf", Successes: types.MisconfResults(nil), + Warnings: types.MisconfResults(nil), Failures: types.MisconfResults{ + types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No buckets allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", Type: "Terraform Security Check", + Title: "Test policy", Description: "This is a test policy.", + Severity: "LOW", RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "aws_s3_bucket.one", Provider: "Generic", Service: "general", + StartLine: 1, EndLine: 3, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No buckets allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", Type: "Terraform Security Check", + Title: "Test policy", Description: "This is a test policy.", + Severity: "LOW", RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "aws_s3_bucket.two", Provider: "Generic", Service: "general", + StartLine: 5, EndLine: 7, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, + }, types.Misconfiguration{ + FileType: "terraform", FilePath: "more.tf", Successes: types.MisconfResults(nil), + Warnings: types.MisconfResults(nil), Failures: types.MisconfResults{ + types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No buckets allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", Type: "Terraform Security Check", + Title: "Test policy", Description: "This is a test policy.", + Severity: "LOW", RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "aws_s3_bucket.three", Provider: "Generic", Service: "general", + StartLine: 2, EndLine: 4, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, }, - { - FileType: "terraform", - FilePath: "more.tf", - Successes: nil, - Warnings: nil, - Failures: []types.MisconfResult{ - { - Namespace: "user.something", - Query: "data.user.something.deny", - Message: "No buckets allowed!", - PolicyMetadata: types.PolicyMetadata{ - ID: "TEST001", - AVDID: "AVD-TEST-0001", - Type: "Terraform Security Check", - Title: "Test policy", - Description: "This is a test policy.", - Severity: "LOW", - RecommendedActions: "Have a cup of tea.", - References: []string{ - "https://trivy.dev/", - }, - }, - CauseMetadata: types.CauseMetadata{ - Resource: "aws_s3_bucket.three", - Provider: "Generic", - Service: "general", - StartLine: 2, - EndLine: 4, - }, - Traces: nil, - }, - }, - Exceptions: nil, - Layer: types.Layer{}, - }, - }, + }, Secrets: []types.Secret(nil), Licenses: []types.LicenseFile(nil), + BuildInfo: (*types.BuildInfo)(nil), CustomResources: []types.CustomResource(nil), }, }, Returns: cache.ArtifactCachePutBlobReturns{}, @@ -478,9 +486,9 @@ func TestTerraformMisconfigurationScan(t *testing.T) { want: types.ArtifactReference{ Name: "testdata/misconfig/terraform/multiple-failures/src", Type: types.ArtifactFilesystem, - ID: "sha256:2c8264334e81fbf9bb33f470f1d1c636fa3ccd1bf50f078836e4aa2d816a7d7f", + ID: "sha256:539a82c7c394c9b4d64580feec160c9422f7d1aa2c7328d43c919e737bffdd70", BlobIDs: []string{ - "sha256:2c8264334e81fbf9bb33f470f1d1c636fa3ccd1bf50f078836e4aa2d816a7d7f", + "sha256:539a82c7c394c9b4d64580feec160c9422f7d1aa2c7328d43c919e737bffdd70", }, }, }, @@ -546,40 +554,58 @@ func TestTerraformMisconfigurationScan(t *testing.T) { Args: cache.ArtifactCachePutBlobArgs{ BlobIDAnything: true, BlobInfo: types.BlobInfo{ - SchemaVersion: types.BlobJSONSchemaVersion, + SchemaVersion: 2, Digest: "", DiffID: "", CreatedBy: "", OpaqueDirs: []string(nil), + WhiteoutFiles: []string(nil), OS: (*types.OS)(nil), Repository: (*types.Repository)(nil), + PackageInfos: []types.PackageInfo(nil), Applications: []types.Application(nil), Misconfigurations: []types.Misconfiguration{ - { - FileType: "terraform", - FilePath: ".", - Successes: []types.MisconfResult{ - { - Namespace: "user.something", - Query: "data.user.something.deny", - Message: "", + types.Misconfiguration{ + FileType: "terraform", FilePath: ".", Successes: types.MisconfResults{ + types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0176", + Query: "data.builtin.aws.rds.aws0176.deny", Message: "", PolicyMetadata: types.PolicyMetadata{ - ID: "TEST001", - AVDID: "AVD-TEST-0001", - Type: "Terraform Security Check", - Title: "Test policy", - Description: "This is a test policy.", - Severity: "LOW", - RecommendedActions: "Have a cup of tea.", - References: []string{ - "https://trivy.dev/", - }, - }, - CauseMetadata: types.CauseMetadata{ - Provider: "Generic", - Service: "general", - StartLine: 0, - EndLine: 0, - }, - Traces: nil, + ID: "N/A", AVDID: "AVD-AWS-0176", Type: "Terraform Security Check", + Title: "RDS IAM Database Authentication Disabled", + Description: "Ensure IAM Database Authentication is enabled for RDS database instances to manage database access", + Severity: "MEDIUM", + RecommendedActions: "Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.", + References: []string{"https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth.html"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0177", + Query: "data.builtin.aws.rds.aws0177.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0177", Type: "Terraform Security Check", + Title: "RDS Deletion Protection Disabled", + Description: "Ensure deletion protection is enabled for RDS database instances.", + Severity: "MEDIUM", + RecommendedActions: "Modify the RDS instances to enable deletion protection.", + References: []string{"https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", Type: "Terraform Security Check", + Title: "Test policy", Description: "This is a test policy.", + Severity: "LOW", RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "Generic", Service: "general", StartLine: 0, + EndLine: 0, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), }, - }, - Layer: types.Layer{}, + }, Warnings: types.MisconfResults(nil), Failures: types.MisconfResults(nil), + Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, }, - }, + }, Secrets: []types.Secret(nil), Licenses: []types.LicenseFile(nil), + BuildInfo: (*types.BuildInfo)(nil), CustomResources: []types.CustomResource(nil), }, }, Returns: cache.ArtifactCachePutBlobReturns{}, @@ -587,9 +613,9 @@ func TestTerraformMisconfigurationScan(t *testing.T) { want: types.ArtifactReference{ Name: "testdata/misconfig/terraform/passed/src", Type: types.ArtifactFilesystem, - ID: "sha256:e03b7145ba62e9fd03692132e49ce27420eed532a5de4cf896e3c6a6239c9157", + ID: "sha256:e21f36991ba1f6b15de2a109d2515faaf97452df74955f143766a6c4f4c9ad98", BlobIDs: []string{ - "sha256:e03b7145ba62e9fd03692132e49ce27420eed532a5de4cf896e3c6a6239c9157", + "sha256:e21f36991ba1f6b15de2a109d2515faaf97452df74955f143766a6c4f4c9ad98", }, }, }, @@ -647,44 +673,60 @@ func TestCloudFormationMisconfigurationScan(t *testing.T) { Args: cache.ArtifactCachePutBlobArgs{ BlobIDAnything: true, BlobInfo: types.BlobInfo{ - SchemaVersion: types.BlobJSONSchemaVersion, + SchemaVersion: 2, Digest: "", DiffID: "", CreatedBy: "", OpaqueDirs: []string(nil), + WhiteoutFiles: []string(nil), OS: (*types.OS)(nil), Repository: (*types.Repository)(nil), + PackageInfos: []types.PackageInfo(nil), Applications: []types.Application(nil), Misconfigurations: []types.Misconfiguration{ - { - FileType: "cloudformation", - FilePath: "main.yaml", - Successes: nil, - Warnings: nil, - Failures: []types.MisconfResult{ - { - Namespace: "user.something", - Query: "data.user.something.deny", - Message: "No buckets allowed!", + types.Misconfiguration{ + FileType: "cloudformation", FilePath: "main.yaml", Successes: types.MisconfResults{ + types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0176", + Query: "data.builtin.aws.rds.aws0176.deny", Message: "", PolicyMetadata: types.PolicyMetadata{ - ID: "TEST001", - AVDID: "AVD-TEST-0001", - Type: "CloudFormation Security Check", - Title: "Test policy", - Description: "This is a test policy.", - Severity: "LOW", - RecommendedActions: "Have a cup of tea.", - References: []string{ - "https://trivy.dev/", - }, - }, - CauseMetadata: types.CauseMetadata{ - Resource: "main.yaml:3-6", - Provider: "Generic", - Service: "general", - StartLine: 3, - EndLine: 6, - }, - Traces: nil, + ID: "N/A", AVDID: "AVD-AWS-0176", Type: "CloudFormation Security Check", + Title: "RDS IAM Database Authentication Disabled", + Description: "Ensure IAM Database Authentication is enabled for RDS database instances to manage database access", + Severity: "MEDIUM", + RecommendedActions: "Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.", + References: []string{"https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth.html"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0177", + Query: "data.builtin.aws.rds.aws0177.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0177", Type: "CloudFormation Security Check", + Title: "RDS Deletion Protection Disabled", + Description: "Ensure deletion protection is enabled for RDS database instances.", + Severity: "MEDIUM", + RecommendedActions: "Modify the RDS instances to enable deletion protection.", + References: []string{"https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), }, - }, - Exceptions: nil, - Layer: types.Layer{}, + }, Warnings: types.MisconfResults(nil), Failures: types.MisconfResults{ + types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No buckets allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", + Type: "CloudFormation Security Check", Title: "Test policy", + Description: "This is a test policy.", Severity: "LOW", + RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "main.yaml:3-6", Provider: "Generic", Service: "general", + StartLine: 3, EndLine: 6, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, }, - }, + }, Secrets: []types.Secret(nil), Licenses: []types.LicenseFile(nil), + BuildInfo: (*types.BuildInfo)(nil), CustomResources: []types.CustomResource(nil), }, }, Returns: cache.ArtifactCachePutBlobReturns{}, @@ -692,9 +734,9 @@ func TestCloudFormationMisconfigurationScan(t *testing.T) { want: types.ArtifactReference{ Name: "testdata/misconfig/cloudformation/single-failure/src", Type: types.ArtifactFilesystem, - ID: "sha256:23b2611b7fbd0cb171930ccb6890210ded0120124bfeccbee97e04b03a63c457", + ID: "sha256:4ae00d7180bbf9dcc3d2b4e9f48d7ee39830f1e86cd6069a0dc5c9cf9d2b003f", BlobIDs: []string{ - "sha256:23b2611b7fbd0cb171930ccb6890210ded0120124bfeccbee97e04b03a63c457", + "sha256:4ae00d7180bbf9dcc3d2b4e9f48d7ee39830f1e86cd6069a0dc5c9cf9d2b003f", }, }, }, @@ -722,69 +764,72 @@ func TestCloudFormationMisconfigurationScan(t *testing.T) { Args: cache.ArtifactCachePutBlobArgs{ BlobIDAnything: true, BlobInfo: types.BlobInfo{ - SchemaVersion: types.BlobJSONSchemaVersion, + SchemaVersion: 2, Digest: "", DiffID: "", CreatedBy: "", OpaqueDirs: []string(nil), + WhiteoutFiles: []string(nil), OS: (*types.OS)(nil), Repository: (*types.Repository)(nil), + PackageInfos: []types.PackageInfo(nil), Applications: []types.Application(nil), Misconfigurations: []types.Misconfiguration{ { - FileType: "cloudformation", - FilePath: "main.yaml", - Successes: nil, - Warnings: nil, - Failures: []types.MisconfResult{ - { - Namespace: "user.something", - Query: "data.user.something.deny", - Message: "No buckets allowed!", + FileType: "cloudformation", FilePath: "main.yaml", Successes: types.MisconfResults{ + types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0176", + Query: "data.builtin.aws.rds.aws0176.deny", Message: "", PolicyMetadata: types.PolicyMetadata{ - ID: "TEST001", - AVDID: "AVD-TEST-0001", - Type: "CloudFormation Security Check", - Title: "Test policy", - Description: "This is a test policy.", - Severity: "LOW", - RecommendedActions: "Have a cup of tea.", - References: []string{ - "https://trivy.dev/", - }, - }, - CauseMetadata: types.CauseMetadata{ - Resource: "main.yaml:2-5", - Provider: "Generic", - Service: "general", - StartLine: 2, - EndLine: 5, - }, - Traces: nil, - }, - { - Namespace: "user.something", - Query: "data.user.something.deny", - Message: "No buckets allowed!", + ID: "N/A", AVDID: "AVD-AWS-0176", Type: "CloudFormation Security Check", + Title: "RDS IAM Database Authentication Disabled", + Description: "Ensure IAM Database Authentication is enabled for RDS database instances to manage database access", + Severity: "MEDIUM", + RecommendedActions: "Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.", + References: []string{"https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth.html"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0177", + Query: "data.builtin.aws.rds.aws0177.deny", Message: "", PolicyMetadata: types.PolicyMetadata{ - ID: "TEST001", - AVDID: "AVD-TEST-0001", - Type: "CloudFormation Security Check", - Title: "Test policy", - Description: "This is a test policy.", - Severity: "LOW", - RecommendedActions: "Have a cup of tea.", - References: []string{ - "https://trivy.dev/", - }, - }, - CauseMetadata: types.CauseMetadata{ - Resource: "main.yaml:6-9", - Provider: "Generic", - Service: "general", - StartLine: 6, - EndLine: 9, - }, - Traces: nil, + ID: "N/A", AVDID: "AVD-AWS-0177", Type: "CloudFormation Security Check", + Title: "RDS Deletion Protection Disabled", + Description: "Ensure deletion protection is enabled for RDS database instances.", + Severity: "MEDIUM", + RecommendedActions: "Modify the RDS instances to enable deletion protection.", + References: []string{"https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), }, - }, - Exceptions: nil, - Layer: types.Layer{}, + }, Warnings: types.MisconfResults(nil), Failures: types.MisconfResults{ + types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No buckets allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", + Type: "CloudFormation Security Check", Title: "Test policy", + Description: "This is a test policy.", Severity: "LOW", + RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "main.yaml:2-5", Provider: "Generic", Service: "general", + StartLine: 2, EndLine: 5, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No buckets allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", + Type: "CloudFormation Security Check", Title: "Test policy", + Description: "This is a test policy.", Severity: "LOW", + RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "main.yaml:6-9", Provider: "Generic", Service: "general", + StartLine: 6, EndLine: 9, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, }, - }, + }, Secrets: []types.Secret(nil), Licenses: []types.LicenseFile(nil), + BuildInfo: (*types.BuildInfo)(nil), CustomResources: []types.CustomResource(nil), }, }, Returns: cache.ArtifactCachePutBlobReturns{}, @@ -792,9 +837,9 @@ func TestCloudFormationMisconfigurationScan(t *testing.T) { want: types.ArtifactReference{ Name: "testdata/misconfig/cloudformation/multiple-failures/src", Type: types.ArtifactFilesystem, - ID: "sha256:1c0e4b1be84008155bcb261ce13dcb33dd2fcb15464e436f5e386c21c88de002", + ID: "sha256:4a3a9c97808bc837c4c0ba4fef933b0b637f5d3c48cecc996b347e1a80f05ec4", BlobIDs: []string{ - "sha256:1c0e4b1be84008155bcb261ce13dcb33dd2fcb15464e436f5e386c21c88de002", + "sha256:4a3a9c97808bc837c4c0ba4fef933b0b637f5d3c48cecc996b347e1a80f05ec4", }, }, }, @@ -860,41 +905,59 @@ func TestCloudFormationMisconfigurationScan(t *testing.T) { Args: cache.ArtifactCachePutBlobArgs{ BlobIDAnything: true, BlobInfo: types.BlobInfo{ - SchemaVersion: types.BlobJSONSchemaVersion, + SchemaVersion: 2, Digest: "", DiffID: "", CreatedBy: "", OpaqueDirs: []string(nil), + WhiteoutFiles: []string(nil), OS: (*types.OS)(nil), Repository: (*types.Repository)(nil), + PackageInfos: []types.PackageInfo(nil), Applications: []types.Application(nil), Misconfigurations: []types.Misconfiguration{ - { - FileType: "cloudformation", - FilePath: "main.yaml", - Successes: []types.MisconfResult{ - { - Namespace: "user.something", - Query: "data.user.something.deny", - Message: "", + types.Misconfiguration{ + FileType: "cloudformation", FilePath: "main.yaml", Successes: types.MisconfResults{ + types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0176", + Query: "data.builtin.aws.rds.aws0176.deny", Message: "", PolicyMetadata: types.PolicyMetadata{ - ID: "TEST001", - AVDID: "AVD-TEST-0001", - Type: "CloudFormation Security Check", - Title: "Test policy", - Description: "This is a test policy.", - Severity: "LOW", + ID: "N/A", AVDID: "AVD-AWS-0176", Type: "CloudFormation Security Check", + Title: "RDS IAM Database Authentication Disabled", + Description: "Ensure IAM Database Authentication is enabled for RDS database instances to manage database access", + Severity: "MEDIUM", + RecommendedActions: "Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.", + References: []string{"https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth.html"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0177", + Query: "data.builtin.aws.rds.aws0177.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0177", Type: "CloudFormation Security Check", + Title: "RDS Deletion Protection Disabled", + Description: "Ensure deletion protection is enabled for RDS database instances.", + Severity: "MEDIUM", + RecommendedActions: "Modify the RDS instances to enable deletion protection.", + References: []string{"https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", + Type: "CloudFormation Security Check", Title: "Test policy", + Description: "This is a test policy.", Severity: "LOW", RecommendedActions: "Have a cup of tea.", - References: []string{ - "https://trivy.dev/", - }, - }, - CauseMetadata: types.CauseMetadata{ - Resource: "", - Provider: "Generic", - Service: "general", - StartLine: 0, - EndLine: 0, - }, - Traces: nil, + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "Generic", Service: "general", StartLine: 0, + EndLine: 0, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), }, - }, - Layer: types.Layer{}, + }, Warnings: types.MisconfResults(nil), Failures: types.MisconfResults(nil), + Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, }, - }, + }, Secrets: []types.Secret(nil), Licenses: []types.LicenseFile(nil), + BuildInfo: (*types.BuildInfo)(nil), CustomResources: []types.CustomResource(nil), }, }, Returns: cache.ArtifactCachePutBlobReturns{}, @@ -902,9 +965,9 @@ func TestCloudFormationMisconfigurationScan(t *testing.T) { want: types.ArtifactReference{ Name: "testdata/misconfig/cloudformation/passed/src", Type: types.ArtifactFilesystem, - ID: "sha256:e0843d89e0c2d1b75aac46619f6b205e723f53a8d78535cc4da9e5e675118d65", + ID: "sha256:734733115e3bcda02dd2079cdf30280244260c28744e4a3f2eb5a98e37353573", BlobIDs: []string{ - "sha256:e0843d89e0c2d1b75aac46619f6b205e723f53a8d78535cc4da9e5e675118d65", + "sha256:734733115e3bcda02dd2079cdf30280244260c28744e4a3f2eb5a98e37353573", }, }, }, @@ -1559,3 +1622,351 @@ func TestKubernetesMisconfigurationScan(t *testing.T) { }) } } + +func TestAzureARMMisconfigurationScan(t *testing.T) { + type fields struct { + dir string + } + tests := []struct { + name string + fields fields + putBlobExpectation cache.ArtifactCachePutBlobExpectation + artifactOpt artifact.Option + want types.ArtifactReference + }{ + { + name: "single failure", + fields: fields{ + dir: "./testdata/misconfig/azurearm/single-failure/src", + }, + artifactOpt: artifact.Option{ + AnalyzerGroup: "", + DisabledAnalyzers: nil, + DisabledHandlers: nil, + SkipFiles: nil, + SkipDirs: nil, + NoProgress: false, + Offline: false, + InsecureSkipTLS: false, + MisconfScannerOption: config.ScannerOption{ + RegoOnly: true, + Namespaces: []string{"user"}, + PolicyPaths: []string{"./testdata/misconfig/azurearm/single-failure/rego"}, + }, + }, + putBlobExpectation: cache.ArtifactCachePutBlobExpectation{ + Args: cache.ArtifactCachePutBlobArgs{ + BlobIDAnything: true, + BlobInfo: types.BlobInfo{ + SchemaVersion: 2, Digest: "", DiffID: "", CreatedBy: "", OpaqueDirs: []string(nil), + WhiteoutFiles: []string(nil), OS: (*types.OS)(nil), Repository: (*types.Repository)(nil), + PackageInfos: []types.PackageInfo(nil), Applications: []types.Application(nil), + Misconfigurations: []types.Misconfiguration{ + types.Misconfiguration{ + FileType: "azure-arm", FilePath: "deploy.json", Successes: types.MisconfResults{ + types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0176", + Query: "data.builtin.aws.rds.aws0176.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0176", Type: "Azure ARM Security Check", + Title: "RDS IAM Database Authentication Disabled", + Description: "Ensure IAM Database Authentication is enabled for RDS database instances to manage database access", + Severity: "MEDIUM", + RecommendedActions: "Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.", + References: []string{"https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth.html"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0177", + Query: "data.builtin.aws.rds.aws0177.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0177", Type: "Azure ARM Security Check", + Title: "RDS Deletion Protection Disabled", + Description: "Ensure deletion protection is enabled for RDS database instances.", + Severity: "MEDIUM", + RecommendedActions: "Modify the RDS instances to enable deletion protection.", + References: []string{"https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Warnings: types.MisconfResults(nil), Failures: types.MisconfResults{ + types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No account allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", Type: "Azure ARM Security Check", + Title: "Test policy", Description: "This is a test policy.", + Severity: "LOW", RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "resources[0]", Provider: "Generic", Service: "general", + StartLine: 29, EndLine: 39, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, + }, + }, Secrets: []types.Secret(nil), Licenses: []types.LicenseFile(nil), + BuildInfo: (*types.BuildInfo)(nil), CustomResources: []types.CustomResource(nil), + }, + }, + Returns: cache.ArtifactCachePutBlobReturns{}, + }, + want: types.ArtifactReference{ + Name: "testdata/misconfig/azurearm/single-failure/src", + Type: types.ArtifactFilesystem, + ID: "sha256:4a2b0992144ad47985149073e8807ea38a248da82a36342f78db16cf97254b68", + BlobIDs: []string{ + "sha256:4a2b0992144ad47985149073e8807ea38a248da82a36342f78db16cf97254b68", + }, + }, + }, + { + name: "multiple failures", + fields: fields{ + dir: "./testdata/misconfig/azurearm/multiple-failures/src", + }, + artifactOpt: artifact.Option{ + AnalyzerGroup: "", + DisabledAnalyzers: nil, + DisabledHandlers: nil, + SkipFiles: nil, + SkipDirs: nil, + NoProgress: false, + Offline: false, + InsecureSkipTLS: false, + MisconfScannerOption: config.ScannerOption{ + RegoOnly: true, + Namespaces: []string{"user"}, + PolicyPaths: []string{"./testdata/misconfig/azurearm/multiple-failures/rego"}, + }, + }, + putBlobExpectation: cache.ArtifactCachePutBlobExpectation{ + Args: cache.ArtifactCachePutBlobArgs{ + BlobIDAnything: true, + BlobInfo: types.BlobInfo{ + SchemaVersion: 2, Digest: "", DiffID: "", CreatedBy: "", OpaqueDirs: []string(nil), + WhiteoutFiles: []string(nil), OS: (*types.OS)(nil), Repository: (*types.Repository)(nil), + PackageInfos: []types.PackageInfo(nil), Applications: []types.Application(nil), + Misconfigurations: []types.Misconfiguration{ + types.Misconfiguration{ + FileType: "azure-arm", FilePath: "deploy.json", Successes: types.MisconfResults{ + types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0176", + Query: "data.builtin.aws.rds.aws0176.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0176", Type: "Azure ARM Security Check", + Title: "RDS IAM Database Authentication Disabled", + Description: "Ensure IAM Database Authentication is enabled for RDS database instances to manage database access", + Severity: "MEDIUM", + RecommendedActions: "Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.", + References: []string{"https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth.html"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0177", + Query: "data.builtin.aws.rds.aws0177.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0177", Type: "Azure ARM Security Check", + Title: "RDS Deletion Protection Disabled", + Description: "Ensure deletion protection is enabled for RDS database instances.", + Severity: "MEDIUM", + RecommendedActions: "Modify the RDS instances to enable deletion protection.", + References: []string{"https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Warnings: types.MisconfResults(nil), Failures: types.MisconfResults{ + types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No account allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", Type: "Azure ARM Security Check", + Title: "Test policy", Description: "This is a test policy.", + Severity: "LOW", RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "resources[0]", Provider: "Generic", Service: "general", + StartLine: 29, EndLine: 39, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", + Message: "No account allowed!", PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", Type: "Azure ARM Security Check", + Title: "Test policy", Description: "This is a test policy.", + Severity: "LOW", RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "resources[1]", Provider: "Generic", Service: "general", + StartLine: 40, EndLine: 50, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, + }, + }, Secrets: []types.Secret(nil), Licenses: []types.LicenseFile(nil), + BuildInfo: (*types.BuildInfo)(nil), CustomResources: []types.CustomResource(nil), + }, + }, + Returns: cache.ArtifactCachePutBlobReturns{}, + }, + want: types.ArtifactReference{ + Name: "testdata/misconfig/azurearm/multiple-failures/src", + Type: types.ArtifactFilesystem, + ID: "sha256:8859b0de1cb155a38e27ecf9f26dd662f2e809fdce48f201f4c1e94d299c0f96", + BlobIDs: []string{ + "sha256:8859b0de1cb155a38e27ecf9f26dd662f2e809fdce48f201f4c1e94d299c0f96", + }, + }, + }, + { + name: "no results", + fields: fields{ + dir: "./testdata/misconfig/azurearm/no-results/src", + }, + artifactOpt: artifact.Option{ + AnalyzerGroup: "", + DisabledAnalyzers: nil, + DisabledHandlers: nil, + SkipFiles: nil, + SkipDirs: nil, + NoProgress: false, + Offline: false, + InsecureSkipTLS: false, + MisconfScannerOption: config.ScannerOption{ + RegoOnly: true, + Namespaces: []string{"user"}, + PolicyPaths: []string{"./testdata/misconfig/azurearm/no-results/rego"}, + }, + }, + putBlobExpectation: cache.ArtifactCachePutBlobExpectation{ + Args: cache.ArtifactCachePutBlobArgs{ + BlobIDAnything: true, + BlobInfo: types.BlobInfo{ + SchemaVersion: types.BlobJSONSchemaVersion, + }, + }, + Returns: cache.ArtifactCachePutBlobReturns{}, + }, + want: types.ArtifactReference{ + Name: "testdata/misconfig/azurearm/no-results/src", + Type: types.ArtifactFilesystem, + ID: "sha256:58371119b88104d4a643bda59a6957e5777174d62a09e179bbad7744e9632128", + BlobIDs: []string{ + "sha256:58371119b88104d4a643bda59a6957e5777174d62a09e179bbad7744e9632128", + }, + }, + }, + { + name: "passed", + fields: fields{ + dir: "./testdata/misconfig/azurearm/passed/src", + }, + artifactOpt: artifact.Option{ + AnalyzerGroup: "", + DisabledAnalyzers: nil, + DisabledHandlers: nil, + SkipFiles: nil, + SkipDirs: nil, + NoProgress: false, + Offline: false, + InsecureSkipTLS: false, + MisconfScannerOption: config.ScannerOption{ + RegoOnly: true, + Namespaces: []string{"user"}, + PolicyPaths: []string{"./testdata/misconfig/azurearm/passed/rego"}, + }, + }, + putBlobExpectation: cache.ArtifactCachePutBlobExpectation{ + Args: cache.ArtifactCachePutBlobArgs{ + BlobIDAnything: true, + BlobInfo: types.BlobInfo{ + SchemaVersion: 2, Digest: "", DiffID: "", CreatedBy: "", OpaqueDirs: []string(nil), + WhiteoutFiles: []string(nil), OS: (*types.OS)(nil), Repository: (*types.Repository)(nil), + PackageInfos: []types.PackageInfo(nil), Applications: []types.Application(nil), + Misconfigurations: []types.Misconfiguration{ + types.Misconfiguration{ + FileType: "azure-arm", FilePath: "deploy.json", Successes: types.MisconfResults{ + types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0176", + Query: "data.builtin.aws.rds.aws0176.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0176", Type: "Azure ARM Security Check", + Title: "RDS IAM Database Authentication Disabled", + Description: "Ensure IAM Database Authentication is enabled for RDS database instances to manage database access", + Severity: "MEDIUM", + RecommendedActions: "Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.", + References: []string{"https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth.html"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "builtin.aws.rds.aws0177", + Query: "data.builtin.aws.rds.aws0177.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "N/A", AVDID: "AVD-AWS-0177", Type: "Azure ARM Security Check", + Title: "RDS Deletion Protection Disabled", + Description: "Ensure deletion protection is enabled for RDS database instances.", + Severity: "MEDIUM", + RecommendedActions: "Modify the RDS instances to enable deletion protection.", + References: []string{"https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "AWS", Service: "rds", StartLine: 0, EndLine: 0, + Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, types.MisconfResult{ + Namespace: "user.something", Query: "data.user.something.deny", Message: "", + PolicyMetadata: types.PolicyMetadata{ + ID: "TEST001", AVDID: "AVD-TEST-0001", Type: "Azure ARM Security Check", + Title: "Test policy", Description: "This is a test policy.", + Severity: "LOW", RecommendedActions: "Have a cup of tea.", + References: []string{"https://trivy.dev/"}, + }, CauseMetadata: types.CauseMetadata{ + Resource: "", Provider: "Generic", Service: "general", StartLine: 0, + EndLine: 0, Code: types.Code{Lines: []types.Line(nil)}, + }, Traces: []string(nil), + }, + }, Warnings: types.MisconfResults(nil), Failures: types.MisconfResults(nil), + Exceptions: types.MisconfResults(nil), + Layer: types.Layer{Digest: "", DiffID: "", CreatedBy: ""}, + }, + }, Secrets: []types.Secret(nil), Licenses: []types.LicenseFile(nil), + BuildInfo: (*types.BuildInfo)(nil), CustomResources: []types.CustomResource(nil), + }, + }, + Returns: cache.ArtifactCachePutBlobReturns{}, + }, + want: types.ArtifactReference{ + Name: "testdata/misconfig/azurearm/passed/src", + Type: types.ArtifactFilesystem, + ID: "sha256:11bfbe426d39efcefa0bd0ac16a1386967720e1efd00e92012d637b80330821c", + BlobIDs: []string{ + "sha256:11bfbe426d39efcefa0bd0ac16a1386967720e1efd00e92012d637b80330821c", + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + c := new(cache.MockArtifactCache) + c.ApplyPutBlobExpectation(tt.putBlobExpectation) + tt.artifactOpt.DisabledHandlers = []types.HandlerType{ + types.SystemFileFilteringPostHandler, + types.GoModMergePostHandler, + } + a, err := NewArtifact(tt.fields.dir, c, tt.artifactOpt) + require.NoError(t, err) + + got, err := a.Inspect(context.Background()) + require.NoError(t, err) + assert.Equal(t, tt.want, got) + }) + } +} diff --git a/pkg/fanal/artifact/local/testdata/misconfig/azurearm/multiple-failures/rego/policy.rego b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/multiple-failures/rego/policy.rego new file mode 100644 index 0000000000..fca807d18e --- /dev/null +++ b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/multiple-failures/rego/policy.rego @@ -0,0 +1,32 @@ +package user.something + +__rego_metadata__ := { + "id": "TEST001", + "avd_id": "AVD-TEST-0001", + "title": "Test policy", + "short_code": "no-buckets", + "severity": "LOW", + "description": "This is a test policy.", + "recommended_actions": "Have a cup of tea.", + "url": "https://trivy.dev/", +} + +# taken from defsec rego lib to mimic behaviour +result(msg, cause) = result { + metadata := object.get(cause, "__defsec_metadata", cause) + result := { + "msg": msg, + "startline": object.get(metadata, "startline", 0), + "endline": object.get(metadata, "endline", 0), + "filepath": object.get(metadata, "filepath", ""), + "explicit": object.get(metadata, "explicit", false), + "managed": object.get(metadata, "managed", true), + "fskey": object.get(metadata, "fskey", ""), + "resource": object.get(metadata, "resource", ""), + } +} + +deny[res] { + account := input.azure.storage.accounts[_] + res := result("No account allowed!", account) +} \ No newline at end of file diff --git a/pkg/fanal/artifact/local/testdata/misconfig/azurearm/multiple-failures/src/deploy.json b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/multiple-failures/src/deploy.json new file mode 100644 index 0000000000..f9341d5d83 --- /dev/null +++ b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/multiple-failures/src/deploy.json @@ -0,0 +1,57 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "storageAccountType": { + "type": "string", + "defaultValue": "Standard_LRS", + "allowedValues": [ + "Standard_LRS", + "Standard_GRS", + "Standard_ZRS", + "Premium_LRS" + ], + "metadata": { + "description": "Storage Account type" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Location for all resources." + } + } + }, + "variables": { + "storageAccountName": "[concat('store', uniquestring(resourceGroup().id))]" + }, + "resources": [{ + "type": "Microsoft.Storage/storageAccounts", + "name": "[variables('storageAccountName')]", + "location": "[parameters('location')]", + "apiVersion": "2018-07-01", + "sku": { + "name": "[parameters('storageAccountType')]" + }, + "kind": "StorageV2", + "properties": {} + }, + { + "type": "Microsoft.Storage/storageAccounts", + "name": "bucket2", + "location": "[parameters('location')]", + "apiVersion": "2018-07-01", + "sku": { + "name": "[parameters('storageAccountType')]" + }, + "kind": "StorageV2", + "properties": {} + }], + "outputs": { + "storageAccountName": { + "type": "string", + "value": "[variables('storageAccountName')]" + } + } +} \ No newline at end of file diff --git a/pkg/fanal/artifact/local/testdata/misconfig/azurearm/no-results/rego/policy.rego b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/no-results/rego/policy.rego new file mode 100644 index 0000000000..ecf4506727 --- /dev/null +++ b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/no-results/rego/policy.rego @@ -0,0 +1,32 @@ +package user.something + +__rego_metadata__ := { + "id": "TEST001", + "avd_id": "AVD-TEST-0001", + "title": "Test policy", + "short_code": "no-buckets", + "severity": "LOW", + "description": "This is a test policy.", + "recommended_actions": "Have a cup of tea.", + "url": "https://trivy.dev/", +} + +# taken from defsec rego lib to mimic behaviour +result(msg, cause) = result { + metadata := object.get(cause, "__defsec_metadata", cause) + result := { + "msg": msg, + "startline": object.get(metadata, "startline", 0), + "endline": object.get(metadata, "endline", 0), + "filepath": object.get(metadata, "filepath", ""), + "explicit": object.get(metadata, "explicit", false), + "managed": object.get(metadata, "managed", true), + "fskey": object.get(metadata, "fskey", ""), + "resource": object.get(metadata, "resource", ""), + } +} + +deny[res] { + bucket := input.aws.s3.buckets[_] + res := result("No buckets allowed!", bucket) +} \ No newline at end of file diff --git a/pkg/fanal/artifact/local/testdata/misconfig/azurearm/no-results/src/.gitkeep b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/no-results/src/.gitkeep new file mode 100644 index 0000000000..e69de29bb2 diff --git a/pkg/fanal/artifact/local/testdata/misconfig/azurearm/passed/rego/policy.rego b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/passed/rego/policy.rego new file mode 100644 index 0000000000..efae52a8f6 --- /dev/null +++ b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/passed/rego/policy.rego @@ -0,0 +1,33 @@ +package user.something + +__rego_metadata__ := { + "id": "TEST001", + "avd_id": "AVD-TEST-0001", + "title": "Test policy", + "short_code": "no-buckets", + "severity": "LOW", + "description": "This is a test policy.", + "recommended_actions": "Have a cup of tea.", + "url": "https://trivy.dev/", +} + +# taken from defsec rego lib to mimic behaviour +result(msg, cause) = result { + metadata := object.get(cause, "__defsec_metadata", cause) + result := { + "msg": msg, + "startline": object.get(metadata, "startline", 0), + "endline": object.get(metadata, "endline", 0), + "filepath": object.get(metadata, "filepath", ""), + "explicit": object.get(metadata, "explicit", false), + "managed": object.get(metadata, "managed", true), + "fskey": object.get(metadata, "fskey", ""), + "resource": object.get(metadata, "resource", ""), + } +} + +deny[res] { + account := input.azure.storage.accounts[_] + true == false + res := result("No accounts allowed!", account) +} \ No newline at end of file diff --git a/pkg/fanal/artifact/local/testdata/misconfig/azurearm/passed/src/deploy.json b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/passed/src/deploy.json new file mode 100644 index 0000000000..0dfd672bc5 --- /dev/null +++ b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/passed/src/deploy.json @@ -0,0 +1,46 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "storageAccountType": { + "type": "string", + "defaultValue": "Standard_LRS", + "allowedValues": [ + "Standard_LRS", + "Standard_GRS", + "Standard_ZRS", + "Premium_LRS" + ], + "metadata": { + "description": "Storage Account type" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Location for all resources." + } + } + }, + "variables": { + "storageAccountName": "[concat('store', uniquestring(resourceGroup().id))]" + }, + "resources": [{ + "type": "Microsoft.Storage/storageAccounts", + "name": "[variables('storageAccountName')]", + "location": "[parameters('location')]", + "apiVersion": "2018-07-01", + "sku": { + "name": "[parameters('storageAccountType')]" + }, + "kind": "StorageV2", + "properties": {} + }], + "outputs": { + "storageAccountName": { + "type": "string", + "value": "[variables('storageAccountName')]" + } + } +} \ No newline at end of file diff --git a/pkg/fanal/artifact/local/testdata/misconfig/azurearm/single-failure/rego/policy.rego b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/single-failure/rego/policy.rego new file mode 100644 index 0000000000..fca807d18e --- /dev/null +++ b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/single-failure/rego/policy.rego @@ -0,0 +1,32 @@ +package user.something + +__rego_metadata__ := { + "id": "TEST001", + "avd_id": "AVD-TEST-0001", + "title": "Test policy", + "short_code": "no-buckets", + "severity": "LOW", + "description": "This is a test policy.", + "recommended_actions": "Have a cup of tea.", + "url": "https://trivy.dev/", +} + +# taken from defsec rego lib to mimic behaviour +result(msg, cause) = result { + metadata := object.get(cause, "__defsec_metadata", cause) + result := { + "msg": msg, + "startline": object.get(metadata, "startline", 0), + "endline": object.get(metadata, "endline", 0), + "filepath": object.get(metadata, "filepath", ""), + "explicit": object.get(metadata, "explicit", false), + "managed": object.get(metadata, "managed", true), + "fskey": object.get(metadata, "fskey", ""), + "resource": object.get(metadata, "resource", ""), + } +} + +deny[res] { + account := input.azure.storage.accounts[_] + res := result("No account allowed!", account) +} \ No newline at end of file diff --git a/pkg/fanal/artifact/local/testdata/misconfig/azurearm/single-failure/src/deploy.json b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/single-failure/src/deploy.json new file mode 100644 index 0000000000..0dfd672bc5 --- /dev/null +++ b/pkg/fanal/artifact/local/testdata/misconfig/azurearm/single-failure/src/deploy.json @@ -0,0 +1,46 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "storageAccountType": { + "type": "string", + "defaultValue": "Standard_LRS", + "allowedValues": [ + "Standard_LRS", + "Standard_GRS", + "Standard_ZRS", + "Premium_LRS" + ], + "metadata": { + "description": "Storage Account type" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Location for all resources." + } + } + }, + "variables": { + "storageAccountName": "[concat('store', uniquestring(resourceGroup().id))]" + }, + "resources": [{ + "type": "Microsoft.Storage/storageAccounts", + "name": "[variables('storageAccountName')]", + "location": "[parameters('location')]", + "apiVersion": "2018-07-01", + "sku": { + "name": "[parameters('storageAccountType')]" + }, + "kind": "StorageV2", + "properties": {} + }], + "outputs": { + "storageAccountName": { + "type": "string", + "value": "[variables('storageAccountName')]" + } + } +} \ No newline at end of file diff --git a/pkg/fanal/cache/mock_artifact_cache.go b/pkg/fanal/cache/mock_artifact_cache.go index 4a70c8bd4a..39fb5525c7 100644 --- a/pkg/fanal/cache/mock_artifact_cache.go +++ b/pkg/fanal/cache/mock_artifact_cache.go @@ -218,6 +218,7 @@ func (_m *MockArtifactCache) ApplyPutBlobExpectations(expectations []ArtifactCac func (_m *MockArtifactCache) PutBlob(blobID string, blobInfo types.BlobInfo) error { for i := range blobInfo.Misconfigurations { + // suppress misconfiguration code block for j := range blobInfo.Misconfigurations[i].Failures { blobInfo.Misconfigurations[i].Failures[j].Code = types.Code{} } diff --git a/pkg/fanal/handler/misconf/misconf.go b/pkg/fanal/handler/misconf/misconf.go index 18cb7940e3..cdd383cc8a 100644 --- a/pkg/fanal/handler/misconf/misconf.go +++ b/pkg/fanal/handler/misconf/misconf.go @@ -8,12 +8,15 @@ import ( "io/fs" "os" "path/filepath" + "sort" "strings" "github.com/liamg/memoryfs" "github.com/samber/lo" "golang.org/x/xerrors" + "github.com/aquasecurity/defsec/pkg/scanners/azure/arm" + "github.com/aquasecurity/defsec/pkg/detection" "github.com/aquasecurity/defsec/pkg/scan" "github.com/aquasecurity/defsec/pkg/scanners" @@ -163,8 +166,7 @@ func newMisconfPostHandler(artifactOpt artifact.Option) (handler.PostHandler, er } if opt.RegoOnly { - opts = append(opts, tfscanner.ScannerWithRegoOnly(true)) - opts = append(opts, cfscanner.ScannerWithRegoOnly(true)) + opts = append(opts, options.ScannerWithRegoOnly(true)) } if len(policyPaths) > 0 { @@ -185,6 +187,7 @@ func newMisconfPostHandler(artifactOpt artifact.Option) (handler.PostHandler, er return misconfPostHandler{ filePatterns: artifactOpt.FilePatterns, scanners: map[string]scanners.FSScanner{ + types.AzureARM: arm.New(opts...), types.Terraform: tfscanner.New(tfOpts...), types.CloudFormation: cfscanner.New(opts...), types.Dockerfile: dfscanner.NewScanner(opts...), @@ -224,6 +227,7 @@ func addHelmOpts(opts []options.ScannerOption, scannerOption config.ScannerOptio } var enabledDefsecTypes = map[detection.FileType]string{ + detection.FileTypeAzureARM: types.AzureARM, detection.FileTypeCloudFormation: types.CloudFormation, detection.FileTypeTerraform: types.Terraform, detection.FileTypeDockerfile: types.Dockerfile, @@ -292,6 +296,27 @@ func (h misconfPostHandler) Handle(ctx context.Context, result *analyzer.Analysi } // Add misconfigurations + for _, misconf := range misconfs { + sort.Slice(misconf.Successes, func(i, j int) bool { + if misconf.Successes[i].AVDID == misconf.Successes[j].AVDID { + return misconf.Successes[i].StartLine < misconf.Successes[j].StartLine + } + return misconf.Successes[i].AVDID < misconf.Successes[j].AVDID + }) + sort.Slice(misconf.Warnings, func(i, j int) bool { + if misconf.Warnings[i].AVDID == misconf.Warnings[j].AVDID { + return misconf.Warnings[i].StartLine < misconf.Warnings[j].StartLine + } + return misconf.Warnings[i].AVDID < misconf.Warnings[j].AVDID + }) + sort.Slice(misconf.Failures, func(i, j int) bool { + if misconf.Failures[i].AVDID == misconf.Failures[j].AVDID { + return misconf.Failures[i].StartLine < misconf.Failures[j].StartLine + } + return misconf.Failures[i].AVDID < misconf.Failures[j].AVDID + }) + } + blob.Misconfigurations = misconfs return nil diff --git a/pkg/fanal/types/const.go b/pkg/fanal/types/const.go index a2d2e73e01..df49ae438c 100644 --- a/pkg/fanal/types/const.go +++ b/pkg/fanal/types/const.go @@ -41,6 +41,7 @@ const ( Helm = "helm" Rbac = "rbac" Cloud = "cloud" + AzureARM = "azure-arm" // Licensing License = "license"