From ed764cba1e0a02f22cb520ff59c008719bf889ed Mon Sep 17 00:00:00 2001 From: Shengwen Yu Date: Fri, 10 May 2024 20:09:26 +0800 Subject: [PATCH] feat: fake scanner implements spec v1.2 Signed-off-by: Shengwen Yu --- .gitignore | 3 + README.md | 2 +- api/api.gen.go | 553 ++++++++++++++++++++++------------------- api/openapi.yaml | 261 +++++++++++++++---- go.mod | 62 ++--- go.sum | 176 +++++++------ main.go | 7 +- pkg/config/config.go | 8 + pkg/scanner/scanner.go | 131 ++++++++-- pkg/scanner/util.go | 29 +++ pkg/server/server.go | 19 +- pkg/store/memory.go | 12 +- pkg/store/store.go | 5 +- 13 files changed, 822 insertions(+), 446 deletions(-) diff --git a/.gitignore b/.gitignore index 5b40464..cda953d 100644 --- a/.gitignore +++ b/.gitignore @@ -90,3 +90,6 @@ junit-report.xml coverage.xml profile.cov config.yaml + +### Goland ### +.idea diff --git a/README.md b/README.md index 0f9955e..09f17f4 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,7 @@ When run the scanner, we can privide a yaml file to customize the behavior of th Here is a example yaml file ```yaml --- +--- db: total: 10000 # The total count of the vulnerabilities in db scanner: diff --git a/api/api.gen.go b/api/api.gen.go index 87b551c..7ffc685 100644 --- a/api/api.gen.go +++ b/api/api.gen.go @@ -1,6 +1,6 @@ // Package api provides primitives to interact with the openapi HTTP API. // -// Code generated by github.com/deepmap/oapi-codegen DO NOT EDIT. +// Code generated by github.com/deepmap/oapi-codegen/v2 version v2.1.0 DO NOT EDIT. package api import ( @@ -15,10 +15,9 @@ import ( "strings" "time" - "github.com/deepmap/oapi-codegen/pkg/runtime" "github.com/getkin/kin-openapi/openapi3" "github.com/labstack/echo/v4" - "github.com/pkg/errors" + "github.com/oapi-codegen/runtime" ) const ( @@ -26,50 +25,67 @@ const ( BearerAuthScopes = "BearerAuth.Scopes" ) -// Defines values for Severity. +// Defines values for HarborSbomReportMediaType. const ( - SeverityCritical Severity = "Critical" - - SeverityHigh Severity = "High" + HarborSbomReportMediaTypeApplicationspdxJson HarborSbomReportMediaType = "application/spdx+json" + HarborSbomReportMediaTypeApplicationvndCyclonedxJson HarborSbomReportMediaType = "application/vnd.cyclonedx+json" +) - SeverityLow Severity = "Low" +// Defines values for SbomParametersSbomMediaTypes. +const ( + SbomParametersSbomMediaTypesApplicationspdxJson SbomParametersSbomMediaTypes = "application/spdx+json" + SbomParametersSbomMediaTypesApplicationvndCyclonedxJson SbomParametersSbomMediaTypes = "application/vnd.cyclonedx+json" +) - SeverityMedium Severity = "Medium" +// Defines values for ScanRequestEnabledCapabilitiesType. +const ( + ScanRequestEnabledCapabilitiesTypeSbom ScanRequestEnabledCapabilitiesType = "sbom" + ScanRequestEnabledCapabilitiesTypeVulnerability ScanRequestEnabledCapabilitiesType = "vulnerability" +) - SeverityNegligible Severity = "Negligible" +// Defines values for ScannerCapabilityType. +const ( + ScannerCapabilityTypeSbom ScannerCapabilityType = "sbom" + ScannerCapabilityTypeVulnerability ScannerCapabilityType = "vulnerability" +) - SeverityUnknown Severity = "Unknown" +// Defines values for Severity. +const ( + Critical Severity = "Critical" + High Severity = "High" + Low Severity = "Low" + Medium Severity = "Medium" + Negligible Severity = "Negligible" + Unknown Severity = "Unknown" ) // Artifact defines model for Artifact. type Artifact struct { - - // The artifact's digest, consisting of an algorithm and hex portion. + // Digest The artifact's digest, consisting of an algorithm and hex portion. Digest *string `json:"digest,omitempty"` - // The MIME type of the artifact. + // MimeType The MIME type of the artifact. MimeType *string `json:"mime_type,omitempty"` - // The name of the Docker Registry repository containing the artifact. + // Repository The name of the Docker Registry repository containing the artifact. Repository *string `json:"repository,omitempty"` - // The artifact's tag + // Tag The artifact's tag Tag *string `json:"tag,omitempty"` } // CVSSDetails defines model for CVSSDetails. type CVSSDetails struct { - - // The CVSS 2.0 score for the vulnerability. + // ScoreV2 The CVSS 2.0 score for the vulnerability. ScoreV2 *float32 `json:"score_v2,omitempty"` - // The CVSS 3.0 score for the vulnerability. + // ScoreV3 The CVSS 3.0 score for the vulnerability. ScoreV3 *float32 `json:"score_v3,omitempty"` - // The CVSS 2.0 vector for the vulnerability. The string is of the form AV:L/AC:M/Au:N/C:P/I:N/A:N + // VectorV2 The CVSS 2.0 vector for the vulnerability. The string is of the form AV:L/AC:M/Au:N/C:P/I:N/A:N VectorV2 *string `json:"vector_v2,omitempty"` - // The CVSS 3.0 vector for the vulnerability. + // VectorV3 The CVSS 3.0 vector for the vulnerability. VectorV3 *string `json:"vector_v3,omitempty"` } @@ -83,15 +99,38 @@ type ErrorResponse struct { Error *Error `json:"error,omitempty"` } +// HarborSbomReport defines model for HarborSbomReport. +type HarborSbomReport struct { + Artifact *Artifact `json:"artifact,omitempty"` + + // GeneratedAt The time of the report generated. + GeneratedAt *time.Time `json:"generated_at,omitempty"` + + // MediaType The format of the sbom data. + MediaType *HarborSbomReportMediaType `json:"media_type,omitempty"` + + // Sbom The raw data of the sbom generated by the scanner. + Sbom *map[string]interface{} `json:"sbom,omitempty"` + + // Scanner Basic scanner properties such as name, vendor, and version. + Scanner *Scanner `json:"scanner,omitempty"` + + // VendorAttributes The additional attributes of the vendor. + VendorAttributes *map[string]interface{} `json:"vendor_attributes,omitempty"` +} + +// HarborSbomReportMediaType The format of the sbom data. +type HarborSbomReportMediaType string + // HarborVulnerabilityReport defines model for HarborVulnerabilityReport. type HarborVulnerabilityReport struct { Artifact *Artifact `json:"artifact,omitempty"` GeneratedAt *time.Time `json:"generated_at,omitempty"` - // Basic scanner properties such as name, vendor, and version. + // Scanner Basic scanner properties such as name, vendor, and version. Scanner *Scanner `json:"scanner,omitempty"` - // A standard scale for measuring the severity of a vulnerability. + // Severity A standard scale for measuring the severity of a vulnerability. // // * `Unknown` - either a security problem that has not been assigned to a priority yet or a priority that the // scanner did not recognize. @@ -111,122 +150,169 @@ type HarborVulnerabilityReport struct { // Registry defines model for Registry. type Registry struct { - - // An optional value of the HTTP Authorization header sent with each request to the Docker Registry v2 API. + // Authorization An optional value of the HTTP Authorization header sent with each request to the Docker Registry v2 API. // It's used to exchange Base64 encoded robot account credentials to a short lived JWT access token which // allows the underlying scanner to pull the artifact from the Docker Registry. Authorization *string `json:"authorization,omitempty"` - // A base URL or the Docker Registry v2 API. + // Url A base URL or the Docker Registry v2 API. Url *string `json:"url,omitempty"` } +// SbomParameters defines model for SbomParameters. +type SbomParameters struct { + SbomMediaTypes *[]SbomParametersSbomMediaTypes `json:"sbom_media_types,omitempty"` +} + +// SbomParametersSbomMediaTypes defines model for SbomParameters.SbomMediaTypes. +type SbomParametersSbomMediaTypes string + // ScanRequest defines model for ScanRequest. type ScanRequest struct { Artifact Artifact `json:"artifact"` + + // EnabledCapabilities Enable which capabilities supported by scanner, for backward compatibility, without this field scanner can be considered to enable all capabilities by default. + EnabledCapabilities *[]struct { + // Parameters The additional parameters for the scan request, for the SBOM type, harbor will carry with `sbom_media_types` to specify the expected formats for SBOM content. + Parameters *ScanRequest_EnabledCapabilities_Parameters `json:"parameters"` + + // ProducesMimeTypes The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record, it is a subset or fullset of the + // produces_mime_types of the capability returned by the metadata API, used for client to fine grained control of the expected report type. It's a optional + // field, only applied when client needs to customize it, otherwise the scanner can think it's a fullset as before behavior if without this field. + ProducesMimeTypes *[]string `json:"produces_mime_types,omitempty"` + + // Type The type of the scan capability. + Type ScanRequestEnabledCapabilitiesType `json:"type"` + } `json:"enabled_capabilities,omitempty"` Registry Registry `json:"registry"` } -// A unique identifier returned by the [/scan](#/operation/AcceptScanRequest] operations. The format of the +// ScanRequest_EnabledCapabilities_Parameters The additional parameters for the scan request, for the SBOM type, harbor will carry with `sbom_media_types` to specify the expected formats for SBOM content. +type ScanRequest_EnabledCapabilities_Parameters struct { + union json.RawMessage +} + +// ScanRequestEnabledCapabilitiesType The type of the scan capability. +type ScanRequestEnabledCapabilitiesType string + +// ScanRequestId A unique identifier returned by the [/scan](#/operation/AcceptScanRequest] operations. The format of the // identifier is not imposed but it should be unique enough to prevent collisons when polling for scan reports. -type ScanRequestId string +type ScanRequestId = string // ScanResponse defines model for ScanResponse. type ScanResponse struct { - - // A unique identifier returned by the [/scan](#/operation/AcceptScanRequest] operations. The format of the + // Id A unique identifier returned by the [/scan](#/operation/AcceptScanRequest] operations. The format of the // identifier is not imposed but it should be unique enough to prevent collisons when polling for scan reports. Id ScanRequestId `json:"id"` } -// Basic scanner properties such as name, vendor, and version. +// Scanner Basic scanner properties such as name, vendor, and version. type Scanner struct { - - // The name of the scanner. + // Name The name of the scanner. Name *string `json:"name,omitempty"` - // The name of the scanner's provider. + // Vendor The name of the scanner's provider. Vendor *string `json:"vendor,omitempty"` - // The version of the scanner. + // Version The version of the scanner. Version *string `json:"version,omitempty"` } -// Represents metadata of a Scanner Adapter which allows Harbor to lookup a scanner capable +// ScannerAdapterMetadata Represents metadata of a Scanner Adapter which allows Harbor to lookup a scanner capabilities // of scanning a given Artifact stored in its registry and making sure that it // can interpret a returned result. type ScannerAdapterMetadata struct { Capabilities []ScannerCapability `json:"capabilities"` - // A set of custom properties that can further describe capabilities of a given scanner. + // Properties A set of custom properties that can further describe capabilities of a given scanner. Properties *ScannerProperties `json:"properties,omitempty"` - // Basic scanner properties such as name, vendor, and version. + // Scanner Basic scanner properties such as name, vendor, and version. Scanner Scanner `json:"scanner"` } -// Capability consists of the set of recognized artifact MIME types and the set of scanner report MIME types. +// ScannerCapability Capability consists of the set of recognized artifact MIME types and the set of scanner report MIME types. +// // For example, a scanner capable of analyzing Docker images and producing a vulnerabilities report recognizable // by Harbor web console might be represented with the following capability: // - consumes MIME types: // - `application/vnd.oci.image.manifest.v1+json` // - `application/vnd.docker.distribution.manifest.v2+json` +// // - produces MIME types: // - `application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0` +// +// For example, a scanner capable of analyzing artifacts and producing a sbom report recognizable +// by Harbor might be represented with the following capability: +// - type: sbom +// - consumes MIME types: +// - `application/vnd.oci.image.manifest.v1+json` +// - `application/vnd.docker.distribution.manifest.v2+json` +// +// - produces MIME types: +// - `application/vnd.security.sbom.report+json; version=1.0` type ScannerCapability struct { + AdditionalAttributes *map[string]interface{} `json:"additional_attributes,omitempty"` - // The set of MIME types of the artifacts supported by the scanner to produce the reports specified in the "produces_mime_types". A given + // ConsumesMimeTypes The set of MIME types of the artifacts supported by the scanner to produce the reports specified in the "produces_mime_types". A given // mime type should only be present in one capability item. ConsumesMimeTypes []string `json:"consumes_mime_types"` - // The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record. + // ProducesMimeTypes The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record. ProducesMimeTypes []string `json:"produces_mime_types"` -} -// A set of custom properties that can further describe capabilities of a given scanner. -type ScannerProperties struct { - AdditionalProperties map[string]string `json:"-"` + // Type The type of the capability, for example, 'vulnerability' represents analyzing the artifact then producing the vulnerabilities report, + // 'sbom' represents generating the corresponding sbom for the artifact which be scanned. In order to the backward and forward compatible, + // the field is optional, we think it's a original 'vulnerability' scan if no such field. + Type *ScannerCapabilityType `json:"type,omitempty"` } -// A standard scale for measuring the severity of a vulnerability. +// ScannerCapabilityType The type of the capability, for example, 'vulnerability' represents analyzing the artifact then producing the vulnerabilities report, +// 'sbom' represents generating the corresponding sbom for the artifact which be scanned. In order to the backward and forward compatible, +// the field is optional, we think it's a original 'vulnerability' scan if no such field. +type ScannerCapabilityType string + +// ScannerProperties A set of custom properties that can further describe capabilities of a given scanner. +type ScannerProperties map[string]string + +// Severity A standard scale for measuring the severity of a vulnerability. // -// * `Unknown` - either a security problem that has not been assigned to a priority yet or a priority that the -// scanner did not recognize. -// * `Negligible` - technically a security problem, but is only theoretical in nature, requires a very special -// situation, has almost no install base, or does no real damage. -// * `Low` - a security problem, but is hard to exploit due to environment, requires a user-assisted attack, -// a small install base, or does very little damage. -// * `Medium` - a real security problem, and is exploitable for many people. Includes network daemon denial of -// service attacks, cross-site scripting, and gaining user privileges. -// * `High` - a real problem, exploitable for many people in a default installation. Includes serious remote denial -// of service, local root privilege escalations, or data loss. -// * `Critical` - a world-burning problem, exploitable for nearly all people in a default installation. Includes -// remote root privilege escalations, or massive data loss. +// - `Unknown` - either a security problem that has not been assigned to a priority yet or a priority that the +// scanner did not recognize. +// - `Negligible` - technically a security problem, but is only theoretical in nature, requires a very special +// situation, has almost no install base, or does no real damage. +// - `Low` - a security problem, but is hard to exploit due to environment, requires a user-assisted attack, +// a small install base, or does very little damage. +// - `Medium` - a real security problem, and is exploitable for many people. Includes network daemon denial of +// service attacks, cross-site scripting, and gaining user privileges. +// - `High` - a real problem, exploitable for many people in a default installation. Includes serious remote denial +// of service, local root privilege escalations, or data loss. +// - `Critical` - a world-burning problem, exploitable for nearly all people in a default installation. Includes +// remote root privilege escalations, or massive data loss. type Severity string // VulnerabilityItem defines model for VulnerabilityItem. type VulnerabilityItem struct { - - // The Common Weakness Enumeration Identifiers associated with this vulnerability. + // CweIds The Common Weakness Enumeration Identifiers associated with this vulnerability. CweIds *[]string `json:"cwe_ids,omitempty"` - // The detailed description of the vulnerability. + // Description The detailed description of the vulnerability. Description *string `json:"description,omitempty"` - // The version of the package containing the fix if available. + // FixVersion The version of the package containing the fix if available. FixVersion *string `json:"fix_version,omitempty"` - // The unique identifier of the vulnerability. + // Id The unique identifier of the vulnerability. Id *string `json:"id,omitempty"` - // The list of links to the upstream databases with the full description of the vulnerability. + // Links The list of links to the upstream databases with the full description of the vulnerability. Links *[]string `json:"links,omitempty"` - // An operating system package containing the vulnerability. + // Package An operating system package containing the vulnerability. Package *string `json:"package,omitempty"` PreferredCvss *CVSSDetails `json:"preferred_cvss,omitempty"` - // A standard scale for measuring the severity of a vulnerability. + // Severity A standard scale for measuring the severity of a vulnerability. // // * `Unknown` - either a security problem that has not been assigned to a priority yet or a priority that the // scanner did not recognize. @@ -240,127 +326,60 @@ type VulnerabilityItem struct { // of service, local root privilege escalations, or data loss. // * `Critical` - a world-burning problem, exploitable for nearly all people in a default installation. Includes // remote root privilege escalations, or massive data loss. - Severity *Severity `json:"severity,omitempty"` - VendorAttributes *VulnerabilityItem_VendorAttributes `json:"vendor_attributes,omitempty"` + Severity *Severity `json:"severity,omitempty"` + VendorAttributes *map[string]interface{} `json:"vendor_attributes,omitempty"` - // The version of the package containing the vulnerability. + // Version The version of the package containing the vulnerability. Version *string `json:"version,omitempty"` } -// VulnerabilityItem_VendorAttributes defines model for VulnerabilityItem.VendorAttributes. -type VulnerabilityItem_VendorAttributes struct { - AdditionalProperties map[string]interface{} `json:"-"` -} - // GetScanReportParams defines parameters for GetScanReport. type GetScanReportParams struct { - Accept *string `json:"Accept,omitempty"` -} - -// Getter for additional properties for ScannerProperties. Returns the specified -// element and whether it was found -func (a ScannerProperties) Get(fieldName string) (value string, found bool) { - if a.AdditionalProperties != nil { - value, found = a.AdditionalProperties[fieldName] - } - return -} - -// Setter for additional properties for ScannerProperties -func (a *ScannerProperties) Set(fieldName string, value string) { - if a.AdditionalProperties == nil { - a.AdditionalProperties = make(map[string]string) - } - a.AdditionalProperties[fieldName] = value -} - -// Override default JSON handling for ScannerProperties to handle AdditionalProperties -func (a *ScannerProperties) UnmarshalJSON(b []byte) error { - object := make(map[string]json.RawMessage) - err := json.Unmarshal(b, &object) - if err != nil { - return err - } - - if len(object) != 0 { - a.AdditionalProperties = make(map[string]string) - for fieldName, fieldBuf := range object { - var fieldVal string - err := json.Unmarshal(fieldBuf, &fieldVal) - if err != nil { - return errors.Wrap(err, fmt.Sprintf("error unmarshaling field %s", fieldName)) - } - a.AdditionalProperties[fieldName] = fieldVal - } - } - return nil + // SbomMediaType media_type specifies the format of SBOM to be retrieved from the scanner adapter, it should either SPDX SBOM or CycloneDX + SbomMediaType *string `form:"sbom_media_type,omitempty" json:"sbom_media_type,omitempty"` + Accept *string `json:"Accept,omitempty"` } -// Override default JSON handling for ScannerProperties to handle AdditionalProperties -func (a ScannerProperties) MarshalJSON() ([]byte, error) { - var err error - object := make(map[string]json.RawMessage) +// AcceptScanRequestApplicationVndScannerAdapterScanRequestPlusJSONVersion10RequestBody defines body for AcceptScanRequest for application/vnd.scanner.adapter.scan.request+json; version=1.0 ContentType. +type AcceptScanRequestApplicationVndScannerAdapterScanRequestPlusJSONVersion10RequestBody = ScanRequest - for fieldName, field := range a.AdditionalProperties { - object[fieldName], err = json.Marshal(field) - if err != nil { - return nil, errors.Wrap(err, fmt.Sprintf("error marshaling '%s'", fieldName)) - } - } - return json.Marshal(object) -} +// AcceptScanRequestApplicationVndScannerAdapterScanRequestPlusJSONVersion11RequestBody defines body for AcceptScanRequest for application/vnd.scanner.adapter.scan.request+json; version=1.1 ContentType. +type AcceptScanRequestApplicationVndScannerAdapterScanRequestPlusJSONVersion11RequestBody = ScanRequest -// Getter for additional properties for VulnerabilityItem_VendorAttributes. Returns the specified -// element and whether it was found -func (a VulnerabilityItem_VendorAttributes) Get(fieldName string) (value interface{}, found bool) { - if a.AdditionalProperties != nil { - value, found = a.AdditionalProperties[fieldName] - } - return +// AsSbomParameters returns the union data inside the ScanRequest_EnabledCapabilities_Parameters as a SbomParameters +func (t ScanRequest_EnabledCapabilities_Parameters) AsSbomParameters() (SbomParameters, error) { + var body SbomParameters + err := json.Unmarshal(t.union, &body) + return body, err } -// Setter for additional properties for VulnerabilityItem_VendorAttributes -func (a *VulnerabilityItem_VendorAttributes) Set(fieldName string, value interface{}) { - if a.AdditionalProperties == nil { - a.AdditionalProperties = make(map[string]interface{}) - } - a.AdditionalProperties[fieldName] = value +// FromSbomParameters overwrites any union data inside the ScanRequest_EnabledCapabilities_Parameters as the provided SbomParameters +func (t *ScanRequest_EnabledCapabilities_Parameters) FromSbomParameters(v SbomParameters) error { + b, err := json.Marshal(v) + t.union = b + return err } -// Override default JSON handling for VulnerabilityItem_VendorAttributes to handle AdditionalProperties -func (a *VulnerabilityItem_VendorAttributes) UnmarshalJSON(b []byte) error { - object := make(map[string]json.RawMessage) - err := json.Unmarshal(b, &object) +// MergeSbomParameters performs a merge with any union data inside the ScanRequest_EnabledCapabilities_Parameters, using the provided SbomParameters +func (t *ScanRequest_EnabledCapabilities_Parameters) MergeSbomParameters(v SbomParameters) error { + b, err := json.Marshal(v) if err != nil { return err } - if len(object) != 0 { - a.AdditionalProperties = make(map[string]interface{}) - for fieldName, fieldBuf := range object { - var fieldVal interface{} - err := json.Unmarshal(fieldBuf, &fieldVal) - if err != nil { - return errors.Wrap(err, fmt.Sprintf("error unmarshaling field %s", fieldName)) - } - a.AdditionalProperties[fieldName] = fieldVal - } - } - return nil + merged, err := runtime.JSONMerge(t.union, b) + t.union = merged + return err } -// Override default JSON handling for VulnerabilityItem_VendorAttributes to handle AdditionalProperties -func (a VulnerabilityItem_VendorAttributes) MarshalJSON() ([]byte, error) { - var err error - object := make(map[string]json.RawMessage) +func (t ScanRequest_EnabledCapabilities_Parameters) MarshalJSON() ([]byte, error) { + b, err := t.union.MarshalJSON() + return b, err +} - for fieldName, field := range a.AdditionalProperties { - object[fieldName], err = json.Marshal(field) - if err != nil { - return nil, errors.Wrap(err, fmt.Sprintf("error marshaling '%s'", fieldName)) - } - } - return json.Marshal(object) +func (t *ScanRequest_EnabledCapabilities_Parameters) UnmarshalJSON(b []byte) error { + err := t.union.UnmarshalJSON(b) + return err } // ServerInterface represents all server handlers. @@ -385,11 +404,11 @@ type ServerInterfaceWrapper struct { func (w *ServerInterfaceWrapper) GetMetadata(ctx echo.Context) error { var err error - ctx.Set(BasicAuthScopes, []string{""}) + ctx.Set(BasicAuthScopes, []string{}) - ctx.Set(BearerAuthScopes, []string{""}) + ctx.Set(BearerAuthScopes, []string{}) - // Invoke the callback with all the unmarshalled arguments + // Invoke the callback with all the unmarshaled arguments err = w.Handler.GetMetadata(ctx) return err } @@ -398,11 +417,11 @@ func (w *ServerInterfaceWrapper) GetMetadata(ctx echo.Context) error { func (w *ServerInterfaceWrapper) AcceptScanRequest(ctx echo.Context) error { var err error - ctx.Set(BasicAuthScopes, []string{""}) + ctx.Set(BasicAuthScopes, []string{}) - ctx.Set(BearerAuthScopes, []string{""}) + ctx.Set(BearerAuthScopes, []string{}) - // Invoke the callback with all the unmarshalled arguments + // Invoke the callback with all the unmarshaled arguments err = w.Handler.AcceptScanRequest(ctx) return err } @@ -413,17 +432,23 @@ func (w *ServerInterfaceWrapper) GetScanReport(ctx echo.Context) error { // ------------- Path parameter "scan_request_id" ------------- var scanRequestId ScanRequestId - err = runtime.BindStyledParameterWithLocation("simple", false, "scan_request_id", runtime.ParamLocationPath, ctx.Param("scan_request_id"), &scanRequestId) + err = runtime.BindStyledParameterWithOptions("simple", "scan_request_id", ctx.Param("scan_request_id"), &scanRequestId, runtime.BindStyledParameterOptions{ParamLocation: runtime.ParamLocationPath, Explode: false, Required: true}) if err != nil { return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid format for parameter scan_request_id: %s", err)) } - ctx.Set(BasicAuthScopes, []string{""}) + ctx.Set(BasicAuthScopes, []string{}) - ctx.Set(BearerAuthScopes, []string{""}) + ctx.Set(BearerAuthScopes, []string{}) // Parameter object where we will unmarshal all parameters from the context var params GetScanReportParams + // ------------- Optional query parameter "sbom_media_type" ------------- + + err = runtime.BindQueryParameter("form", true, false, "sbom_media_type", ctx.QueryParams(), ¶ms.SbomMediaType) + if err != nil { + return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid format for parameter sbom_media_type: %s", err)) + } headers := ctx.Request().Header // ------------- Optional header parameter "Accept" ------------- @@ -434,7 +459,7 @@ func (w *ServerInterfaceWrapper) GetScanReport(ctx echo.Context) error { return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Expected one value for Accept, got %d", n)) } - err = runtime.BindStyledParameterWithLocation("simple", false, "Accept", runtime.ParamLocationHeader, valueList[0], &Accept) + err = runtime.BindStyledParameterWithOptions("simple", "Accept", valueList[0], &Accept, runtime.BindStyledParameterOptions{ParamLocation: runtime.ParamLocationHeader, Explode: false, Required: false}) if err != nil { return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid format for parameter Accept: %s", err)) } @@ -442,7 +467,7 @@ func (w *ServerInterfaceWrapper) GetScanReport(ctx echo.Context) error { params.Accept = &Accept } - // Invoke the callback with all the unmarshalled arguments + // Invoke the callback with all the unmarshaled arguments err = w.Handler.GetScanReport(ctx, scanRequestId, params) return err } @@ -484,74 +509,92 @@ func RegisterHandlersWithBaseURL(router EchoRouter, si ServerInterface, baseURL // Base64 encoded, gzipped, json marshaled Swagger object var swaggerSpec = []string{ - "H4sIAAAAAAAC/9x7a28buZL2Xyl0DnDOnFdqyZIvGb1YYBXHO+ODjCewkxlgI8OmmiWJYzbZIdlyNIH/", - "+6JIdqsltXzJ5MPZ/RJYzUs9Vaw7ma9JpvNCK1TOJqOvic0WmDP/59g4MWOZo78Lows0TqAf4WKO1n/n", - "aDMjCie0SkbJhwUCi6v+biFM60CmlRXWCTUHPQOmgMm5NsItcmCKwwK/QKEN7ZEmnQS/sLyQmIwSu2CD", - "o+PRcTbMjgeH06PXfDrN+DDrc/56MD3Mjoaz/uHBj4f8YHB4kh0jTjlj05Ps+KCfzU748fFJ/8fpcJp0", - "Ercq/IbOCDVPHjpJLnK8CV/bmPjl/JczoGEC7BpcbQJkRSFFxmhhb6l4ynV2hyblgghNS89RzpSYoXXp", - "cvD//rBataExWGgrnDardjiK5TWSt54GXOKcqKxgvZbk7JhQJOf9mKWYGmZWvVyruW4D49j8yZOlOc1N", - "h+nBYfcLKsHk7pYP9Rc9/QMzR0ROf7u6eouOCWl31ctm2uDNctAOg5bCIO2DnwYzbTy3y1IqNGwqpHCr", - "dEJynmmTM5eMkpnUzK2BqTKfoiEYkdLwEUrD51CqJTFMB8+hu8TMafM0i2HeHspAU4OQQdhKP4g4jH8b", - "veuNT0e/9Mbl6KJ3OnrfOx9d9Maji024yfg3+nxKs8PEizjxfZtqVLCfktejsLcQ0KLRMO33Kszveu8v", - "R+96HwnH1ehj73T0cwX+ebp1Zow2u1qVo7Vs7g1+Tf1K5wilwi8FZg45oF/7fDKXaAutLO6SwwrF3wzO", - "klHyqrd2tL3oZXsBauv2PzMz1ea3pugukdzkLinWcNSPUasd+kMnmSPt65DfML+u1lnOHHadyLFNAWzG", - "lMIn2bqK02gFLtEIt3pySTWP1KzBdGRROMztU3tsCOvcYZ6sBcuMYat2SVeutEWwpVtoI/5kQcm3dX6s", - "QPu/mYQlk2Xto3/+8OE9jJuLYYGMowGLysG9cAtAli3A4OcSrQOnW337cgDj9+fpRJ2T0y0tcpqJX7IF", - "U3OEN8zi8SGgyjRHDkZPtQOWZbpUDjKDHJUTTFpaxMAutHEgxRI5/Ov3DzQRLY3doYL7hcgWE8Wk1PfW", - "YykVRyNX5FziqdM2RSnlRnCBmdF5G/htO3/DrMjgzfjq7Pjw5uzi9Ne3Z29vTi/P3p5dfDgfv7tqU7fS", - "yBapw5RZhI+X7yD6lz1i2yC/cK6wo16PPHm68LaVcp0zoZ5n7aTSl+G0vo8BmobWPbam1s4Hv+hzKQzy", - "ZPRpvUFnTf/6ceTnvE2cpRKfSwTh1WUm0IBBVxqFHKYrL+BPPVKB63+86hHXId8ZZxkWrrH5NdSDNsSm", - "4FOiUUxUg4CwoLQDkRealHpaOhCONLSUHKZYQUKly/nC653BJZlOpqUUVisL9wtUUNBPNfeRhiD6bMg4", - "u618wxl7fTQ7PuwenRycdA+Pjgfd6XCWdQfZj8fD2fExm7HjNgUM7O1z8YI/xxGuZb99goIn15FIdKqb", - "RxNMprK+NW2wZbYAZn1e2IElKq5Nx+fSSzSWsk7P/yZamvx0ehmpbRrPByOWq/aEgEg/e9e/W+JiKfg2", - "gfHnksEVZqUPAa2EPF/tlOLgoyz008O0/3xTV2jGnBUOzS/oGGeO7ZK+xMIgOXQLeZzk6xuIG0DcIThX", - "iL41xHXSaan1XVmQZ47zM1awqcSJ0rPwjVSbwVwsUUHlO8A6bZCDUCCchcoL+NPP2Z3316VBcAtGRjVR", - "ZBZCOTSFQQdsbdwGbSldm6p4IC+NvpHr02rtajf6btN5xnbv1wu+If/YMrhqeWeTw+v9StDgZuf812NV", - "hVsn4Ra92zOY6bkSfyJfx8u6tLT+yBqzKzUIPqwxMZ2o/9IGojJ3djUmlNVMrv6k44/hUORsHokURvMy", - "C9q0lVxV1CqoQQGnq0pP73HqudMSIRfzhSP3bCrNRx6SmVB4kIITkVq4q9FEdf3yMkfb4Gg0UQBduN0u", - "oHUmUo+7UTYf+LL5ds+K55Tct4QiyOBZKCoHwoL9piSyNMgppg5+2/9fOZ7/OEj7t21mFBm/qbsNtt2B", - "RQVoqMZW24FcfkH01zG5mZQF1vznGADBFphRrPWOggYmSSWBBpxJksI4OJiJos+h6REDsVZyRccdD5t2", - "0gobxwvkGLZi7afk+YdKqcu3tFCuO2uXtNu/2HU522y/4BQqedb10rb8qyK35bBrb0CRsCE1sjXDn5Tb", - "t6jhS0Sz5RzbtLVdeo/4y/ebeTHnItRHm993gG2npPEostI6nTczHx/VKKLNSuMWaCCsnDbkK4Lgq7hZ", - "SXFT2l+TWAPE4W4Ucq/6XTFouwXL7tgcuxtdjKSzb4ONaV1KCqhc6ZYFFda862vsQf/gx27/dfdg+KH/", - "enRwPBoO0+Hh0X8nrelIo4LekZNjijPDiUsZOlQ5MluaqgdYld9BItuNmIn6J9x+VHdK36tb6AIKL1MG", - "NqZiJPqpxDzIfcFC2j5FVMCsFXMVKlIGhRHaL1jRyZnmF7/UFwBQGw0X3O9UB8jUQ7nAuRRzMZVIaBxm", - "CyUyJuWqBVInVA02eCm3QG3Q0WxyU4q50mAHon5b4h3NKnhFJj0U4Upvax3PF5O5tg6UBqGsY1L6KrND", - "vHCNxDcYZBI4857Mw32n7wnnI9gWdDa+ZC+kFg54if6nWgqjVY7KbWAsLSmSpVSCUgbnWHbXIbAMbE6Y", - "2rF51qRwTuIGvl+QizIPED34XZyUHQhb4fO5hFciplZQoC4kpnCuMllykgG6e23ugDPMtQLu+72gZ16c", - "aJYiwwjadiAz2tquFY5cpddZNQ/05rFHTdySmiyFxLnPcv4Jtz+L+aKBuAb6CEI6cAYcZ6yUrhKRP9oG", - "dotG6JLSnVw7jNgJOCVeAXsHpCb9MVq7NS5Asq1Q1gaRU54vtY2AT43wahdA32sjeXdaGs/hXvQKmSGt", - "lvIFPBDaCP8JiDnp0BI3oJL3U2VOnj5afNJJ1gaXdJJ3+j7pJEFpkk5CJ5F0koo/8vrrcirM3fHjux24", - "naI5u8cbwfeE4FOdk2b9juxOobVwpso89hTgvG4fWHI+OhOskX8K+2ib+VNy+vtZ9/Dk+GW5wwbCNsDc", - "32Egh8ZQFfYfbXvz4m7etbo0mT97+gkH6TDtg1sY3/U4SA9ep4MhmafXG6fJYoCB0qr708VHKJjLFqRj", - "c8PyiSLTiq6KgucMgxfWDjOPKsdswZSwudfAqWTqrisUD1k8F7MZLEpFlrvZC4waF+yaZO805Tq8zBxw", - "YXynfwXOMMpCmKwcACwFAwaZYTOHfKLe4lQwBZHjGFM7wCxwcibW1clVaeNFYVNEWsEFujdXb4Mcdw5u", - "Jr7cvKRHEAFsX5nNxBcQM2BLJiQJffvU/Jn02wAI3k53t7nWqh1bVyJn3UH/4KT7evB62EZMCnW3x4Kk", - "sD518lOqvnJZWGeQ5VClI7ZRtpVSvlR7P9Xt1CqidJ1hIXH355xqM+/FT71Ndq4b92OlEUnDHLe+P53Z", - "h0Pc05j3fkPNwa6sw3zfiT9ppG1ACoMzNAb5Tba0T3Yymned33oj4vtsN8yFouix7NqZEluyyO9gHI+K", - "6iA9OEkHJ8/psHkZBLW5Il4DN77ZOS7don6FQGum9HW9KakdcfMGmUGzO9t/3p5OBIWa6ViSu9iox5wJ", - "mYySTGWzbkjmuzkTnmU09j/JkmxKo6nQu0XKq1fw65ISB7ynRPoDRaDx+3PIS+t7JIIEkwfvSoWz4aFY", - "Dw0775wV3q/7QlVqLBR8Cr2X639UVjbXsdgQ+oe645cGso3u/CPN+R985hVm9r7Svzfx7ulG8IdeqCo3", - "tvgJ43oa+aHR2wdmEExoiosqofHNisyVlGTWnUvFY7MxdqyqXlNoTVKICBvEDsVux+mFLNaDPmbalcoW", - "Ritd2hTO69sFVJ9LLEOz5A899egLozO0NjTIItJwMdfggRas3XgK/sR3mrqFlpLinjZBRLy6QKuYrxzv", - "RH2P00hrqQkpgWql77c3FJQz81iBbfwolRMShIuysTDo9ynxPOr3qSZ1pYVMc5/TVwdYtci3SVf99Sbh", - "KFVWMcd4TjriE4+ZmJcG48HUphStJ2ZBwmZ6Sbbk7EZfwMN59Qqu6mZabHrwRteH5ry0NfntjcktPLHd", - "8gw839ikbNspOuN008GHvZrrD25fjMSw+9AZlSLDeIkWLqKSccGyBcLA51P+ptf761Gvd39/nzI/6vOI", - "uNT23p2fnl1cnXUHaT9duFz6nEA4H3+ipmxfvYzfnyeN4EdhilbpAhUrhH+51PcACuYWPg7Viko/5tjy", - "yu1jvIefIeXf66ut+hKIdHBD7fxt6IZ3Emqp78I201JIDv6ShuOXxkWAnajt/r5t3ghV79PWTeLWO6Dm", - "vahvnU0pwhtiIhiR4mgwtiNrkOc8GSUN80w6SfT5IVwP+v0qnqLyQnpKLSrxtDQt63eHz7zY2b6a8yF+", - "85Cunj4WUoSjF7Ph3/X8FR423w21QD9XDo3y7RpDXgzrR0K2zHNmVuFk6owhXx+RY3NL6Xl1AXZNq3wo", - "8IW4bnu0OfYF5VTqzCvOWk3DtWWMl7aKjBQz11HRgshz5FSKy5UPs9V3FkufjXv/sGVUwuo9iw+ZFIbX", - "PfYNna0vo9pUdCcNSEJXG617o/nqhYdLv9O4/K/qaYWn5YRPQ2JtQ4OmasJvvK8JJl5nhyRxy5ZIMbd6", - "7OCTrJg7zYTEqtKhgKlWoN2CAqLUWQyq/r2PiK2E5kX5RIUHKRvmPfg20YU9/rrs9pvH1UZ+5o8fOTFw", - "+G9oy5eYoX9xJdSSScHhX1e/XlTvlu6NptIqunE/4p+Rec90OBj8+3MzEyj5/2Y/GtzHVhVGdmVqb7Lf", - "p+5Nr/emDj/5FxjNcqAqntaXVbVuN4oNygFPpfBvTXymv5maa+80hG2m0BTsFpjdwe3fKqtMQ2p+W6fv", - "Nj5bxM8lkxZuB/3+LSnn7VG/f7snIViXCj5rMixHh4Yk1NZZ2O17tVZGlax9n5xjMpoxaZHK9mTkU7Ok", - "U6WNWyJPmpeYoffxYhd97lXYulX4Xwe+ck8eOl8feen//Jw5iVyEB6BrPoLmJU24252T67+ccz3ryvjZ", - "Frf/STKZxAvLgk2ya0l/nSiASdXxis8Yskkyoo+bb1duwm6TZKIeJu3vOP/CuX0XseyLXmG4kwz7Lf8F", - "4CpU0EJxD726ym14DWFhijSwTpmqx0SV91g/pjTojECeJp2ohF6ZLnFm0C6645lre3t4HohjeAzs348t", - "mQQ2Wz9oe5LajmbTNnP/LuvBx+vDtkdVSmkHMxHZ2e8uGr7l/0ImXylFa8BptEy9o200Sz9dk6dqNkQ/", - "XZPnCCSDXw7VdY8Vorc8SB6uH/4nAAD//03Ne132NQAA", + "H4sIAAAAAAAC/+xce3Pbtpb/KhjmzrS9K1Gy7Dipdu7sKo639Z0k9cRJe2cjjw0ShxJqEmAAULKa+rvv", + "HAB8SdTDabqbu3PzRxKTBM4BcB6/84A/BbHMcilAGB2MPwU6nkNG7X8nyvCExgb/nyuZgzIc7BvGZ6Dt", + "cwY6Vjw3XIpgHLybA6F+1DeauM96JJZCc224mBGZECoITWdScTPPCBWMzOGe5FLhHGHQC+CeZnkKwTjQ", + "czp6ejo+jY/j09FJ9PQ5i6KYHcdDxp6PopP46XEyPDn6/oQdjU6exacAEaM0ehafHg3j5Bk7PX02/D46", + "joJeYFa5ndAoLmbBQy/IeAY37mnXIl5fvD4n+BoZNo1VtRmkeZ7ymOLAwUKwkMn4DlTIOBKKCruijAqe", + "gDbhYvRvv2opurhRkEvNjVSrbnYEzSpOXloa5C3MkMqK1GNxnw3lAvd5O88pjxRVq0EmxUx2MWPobO/J", + "4jfNSY/Do5P+PQhO080pH6onMvoVYoNEzn6+unoJhvJUb4qXjqWCm8Womw0cSkbhkNjPSCKVXe2iSAUo", + "GvGUm1U4xX1OpMqoCcZBkkpqasZEkUWgkA1P6XgHpeNDKFU7cRyODqG7gNhItX+J7rstlAl+6jaZcF3K", + "BxInk5/HrwaTs/HrwaQYvxmcjS8HF+M3g8n4TZvdYPIzPj7Dr92Hb/yHl12iUbK9b792sr3GAQ4aH4fD", + "Qcnzq8Hl2/GrwXvk42r8fnA2/rFk/jDZOldKqk2pykBrOrMKX1O/khmQQsB9DrEBRsCOPZzMW9C5FBo2", + "yUHJxV8UJME4eDKoDe3AW9mBY7Vz+h+piqS6imT2FtA6blKgDfu8i0hlxx96wQzwJAywG7rFfhte2xpl", + "KZNqUNhUKkYN9PHrTvsKjNMdBtbNUtLRkcwIo4ZaUyWKLBh/aBlXnbP70nquG914FadSQPnBdQc3OL/d", + "McY4jqPpZWMnjSqg18GjokvLVIvLai9ItHJPYyoEqDDoOEP/bt8BXfnPrIYJJtUNNc6B+IN+FNv116Se", + "plyDm7+D2e0i+HNTe/9MWTxMsh6/pxoWoLhZ7R1Sfofn0Fi0XyI3kOl9c7Q268JAFtQbS5Wiq+6dLr15", + "x8YWZi4V/426E17XpYkgMvenvaBpUanuj+/eXZJJczCZA2WgiAZhyJKbOQEaz4mCjwVoQ4zshBeLEZlc", + "XoRTcYF+v9DA8Eu4j+dUzIC8oBpOTwiIWDJgRMlIGkLjWBbCkFgBA2E4TTUOokTP0ZykfAGM/P2Xd/gh", + "aHx3B4Is5zyeTwVNU7nUlpdCMFDpCv2bP3WcJi/StIVvSKJk1sX8uqt5QTWPyYvJ1fnpyc35m7OfXp6/", + "vDl7e/7y/M27i8mrqy5xK1TaseskohrI+7eviHdxW7atRX5uTK7HgwGCiXBudStkMqO8hVWQ4EH+B13D", + "JVU0AwOqC0VFMrup7XBbhv8EI7tfylEn3zpx+zIWBASNUmA3Mc1bqto+rXP7lZMv0vyU6CJHc+aMuRex", + "noUtEY3vllQxghxQw51C96zeyMIQM+eaJBxSVolmTAWJwAU7DJRXFEebpmmbcrQiDBJapBadV8fS3pK8", + "dbo7LX39aYW6kK9Su3vV06sXP722kU2POBEkS26ZU2rlrMLtuuDc4kJ0DjFPnMur0JITWkfSTowRCIi1", + "iOPTVBAy3ZDHaTAmH/AVvuyUw2nQ63q/KY/TAL+7nooHq/GiSFPc9tJHSgE/JcH4wx7z39anh+uHHp4H", + "K2LQN1W8uOUoNFgwU8WN1uE6+KS3YobqUFBmiqxFpgIdGPpVooPhXiwV6xFuEPNToovI0lYkKdLUs2Hm", + "MBUdvJeTtuYzhRI1axkYakHP5PKi5+w9chmnHN2GkSThAshMUY6D8LyVTMt5K8HwwBGJhsR6Dlr5qamw", + "etMjUqQrYg8WGFnOQZRUBACzHiMutJEZ/w0INz0izRzUkmto7SFKuZlzcUe4o1PuA9UkggQDtwjmdMGl", + "IjzpUOA1L/FhQ9Y0xAXighAlOHRLs2L372QBSnMp/nYUDtEmVnq8xziWP3fi70bWwapwfVhNdNyKqQIP", + "ca9b2RN80uVJ0CZwBQynsW+vO2z1OsOqgVB2aVGFZNYpVRP0alN/vdtJXLAu11sI/rEAwi20SDioDRn+", + "MMCNu/72yQCtqTvISRxDbhqTX5PqpXahdCsmmYoGAa6JkIbwLJeoEFFhUP/0XBYpQ5vvWQIhi9ncYhQF", + "C5TkWKYp11JoJ985/ihmVqO8ebYWYh2oHCf0+dPk9KT/9NnRs/7J09NRPzpO4v4o/v70ODk9pQk97QIr", + "bnnbIlLODgHN9d6vnyBnwbUn4gF4+2gcvCr1sqZNdBHPUR0FzaDnQ5CeTf15/XHrb3OLH+/PhjWir3r7", + "3im+WHXnL5D0wbN+o3EVC/TmbQKTjwUlV94sdBOy6+qm5F/uXMIwPAmHB+JAN37CaG5Avfb2e5P0W8gV", + "IPjXtZGXCaHET0D8DB4oeRzuYkCU6VTKuyJHl1NZ3hrQTIVM3AuUb0pmfAGClFiNaCMREHFBuNGkNAVW", + "BDJ6ZwF+odCuU9SsqUDd4MKAyhVa8lrDFWjETB3yso4B671EkPGpBBK4fYg8pm0L2oAaHc64AVW6wIiM", + "ecgzOoNGsveojWC6hh2SLXbIhpDrir0Ot76HvVLAqDvfEBfu3ZgPQza9WUUX/3mwxDu2EF3M/+udO8jz", + "b1KqgXkjk4O0PtW0dsDhQyDx4bC4OkZCHuxpTsW11Z+DEhreOJxVIKQLHLQ18YDpGnmsz0jprPmlcniv", + "bQOut9vKxmo2zGT9rqxb1VjcoWuE4DPBfwNWpyAawB+NWuPr0lp6SFx/GE7FVPyXVMRbqt66aU3Blcto", + "uvoNTaTPMVh9cWScRDuLu5axKumVzOJ0UxGtSoO+hMiuT6ZAMj6bG8QxqnQRCMgxFnQFBfQESKRGouOp", + "6FdRS2NNYxSwPrk9XM9vt4w4RMVvkYtSqw/g4nMM4e1jT6kUic0TsvnjPcfymUeByx5bAv+cB3OQnb3t", + "8PqdlnZNqfXOxHiJxdcRTUgunNbbgIxru7s9fIIgxiOSZgrJ2nLSirNtTsSFFf/HKZENS9jhqx+R2Wim", + "X9fSaM3Y3EZCVgoa5STtc0ncAUJ8scU3h2TigORU4GN3Ej7qssmDCIjXEpxJilZmA93b3th+u/x3JEEP", + "Ku8/Kg3wteaX9udEPsOU/hkZkppzl+KsrPQ3LXj/TW1PdcNWt6oIVrNre71euK59am8qvkHNbU3qz6Ac", + "GUulbCDObHCDlr88jIqgi7Oi8rhYSC4EkYo5xcFPqyw0upJEqlZGOoXeVFivYNPQXFcZth5ZQjsnJhWf", + "cTR869tisxA8IUK6KL2ZEduTadqdWOqyL93yvgOnXW6x9e3nG6K0njHyyuOyic3EhI03cQeSQpk5KOJG", + "RtBO1tso2UW0pdy39eNT4Ms5/nXfq8Wg/LlcoO7nNL6jM+iv7+qWCVqf9TFmj6iGfpEz1Pe+rRiNhkff", + "94fP+0fH74bPx0en4+Pj8Pjk6X8HndmCRjF0Y58MFQxFTMc0df0uGVBdqFKqy0qq25H1to6p+Cu5fS/u", + "hFyKW9InwO2eUlK6d9z6KIXM7fucuqxaBCAI1ZrPhKuZUJIrLu2AlUttN57YoTY/RyozxzizM1XAPLSs", + "vIFZymeoKMiNgXgueEzTdNXBUs8l9bTzK2YOUoHBr9GxCGoKBT3i5RsVagFq5fwYTS0r3BTWOvbsumia", + "SW1Qq7jQhqapLRj2cC1MAq6bKKApYdT6HsvuK7lEPnfwNsezsdXXPJXcEFaAqzEtuJIiA2FaPBYaBUlj", + "CIOhijE0vrPogRKdIU/dvNmlpdyYFFr8vQbGi8yxaJnf5BPNFNclfxYbWyGiYkVykHkKaOPitGC4B2CW", + "Ut0RRiGTgjDbPUZkYrcT1ILH4JnWPRIrqXVfc4PW0sqsmDl6M9/xhqtFMVnwFGY2uvoruf2Rz+YNjitG", + "d3CIB07L4ly5RfZoG7xrUFwW6BAyacDzjoxjwOd475FUovwoKU3NFwHULZd1dltODSWp1J7hM8Wt2Dmm", + "l1KlrB8Vyq5wK/cCqEKpTtNHrAG59ezvYTFDGVpAi9WGf/AaH/SCWuGCXvBKLoNe4IQm6AV4EkEvKNfX", + "LlW4bzfs+GYzxUZOO17CDWdbQNOZzFCyfgF6J0Brci6KzKf8yUWV3ddofGTMaSPU4npn09qH4OyX8/7J", + "s9PHQZoWh10MM9sRCYw0XlWdO7ua6Fh+N+trWajYnj3+SI7C43BIzFzZosRRePQ8HB3boiHKjZGoMYQS", + "IUX/hzfvSU5NPEcZmymaTQWqljdV6DwTcFZYGogtVxnEcyq4drgmSqm463PBXMDKeJKQeSFQc9ttHV7i", + "nF7j3huJ6JQVsSGMK9s3uCJGUcSNLlBDA0AWnBJKYkUTA2wqXkLEqSB+xd6n9gjVhKEx0aaCw4X2bcfN", + "LZKCvAHz4uplOO3sx034/c1jUviegfUG3ITfI7aiC8ptPXr91OyZDLsY4Kyb7mbtq1M61hosz/uj4dGz", + "/vPR8+MuYikXd1s0KOXaQif7SYlKi1wbBdR17KHv0I0MRZGmj5XeD1VnTOlR+kZRF2rZcw6lmg38o0F7", + "OdetzhnezGquPd8fi7lD3NJjVYJ7vdIGsm0nvldJuxjJFSSgFLCbeKH3ZlCbndOf29z22CbDDRT5BZRj", + "51YdhUfPwtGzQwpgdg+c2FzhWt1qbC1yUph5dacBx0T4tJ4UxQ5X8wKoArX5tX28/jkS5CKR1vvgklzL", + "EmSUp8E4iEWc9B2Y72eU2yWD0v+JmqRDfBtyuRmkPHlCflogcIAlAul36IEmlxckK7RNB3LcmMxZV96I", + "El0pzRpnAcs6tiyhMRfkg0stXn9batlM+mCDy++qWlzoyDaK5ztq599Z5OW+HHzCv298o9ENZw8DFya3", + "pvgB/Hh8812j9E6oAuJCZc1LQGPD5NgUCDKrmqJgPunmM7BVk4ktGqKLcBP4nNJmnvuRS6xeWp+pVyKe", + "KylkoUNyURX/QXwsoHDprV9lZLnPlYxBa5/0bXRhNdeAA2ozHhJ74hs111ymKfq9djahsfjS8E7FlziN", + "sNo11xPmGi2/zNwkR8zMfARWCMPTZh51NBwi1nw6HGIYagpNYsl8kcSdWVm0XqdWVrybtPxG0nI9lGUo", + "FhZrJHxWKPBnUWmPVxgPfLiO5QLVx+h2UhjZefKEnLVK31PxO2mUjd6tciC/k6sqK+pzIayZvmu+91mR", + "9nuctN/+QzaePPY9Ttq2vIT8/riqQDEcHseRsv/C51UHukh+Xm1mNzNVWaHta9yszZmO9s60gztFl7du", + "YwlxmT7/5yvZ2MNqKygbAWLBGHzzkGvACSY5jedARhao2m5o6wjHg8FyuQypfWsBmh+qB68uzs7fXJ33", + "R+EwnJsstWCLG+vYvT6ut5xMLi+CBqoIjsIRjpI5CJpze8FsaBnIqZlbB1+ZA/xhBh2XWd77XvUEMLCp", + "W3qq5hfU9HbFBw1Ny+xzsZB3bpqo4Ckjti+FwX2jsqunYr0QqJtNMGW6ul0Y3Gh7afaDlb3EOVW4CGeq", + "hG0qdkipYvKCBeOgYQSDXuCdqcNBo+GwBCog7CbtE+1yezry99X10AMr9estSQidPpv80RcgvwG7rvZL", + "Bcrh00fvor399Ue2sH27rIP1C2FACZuGU+iqoLpKposso2rlBKNCglktIYbONIZdZUPFNY6yLt4mWGTX", + "1d6JTRREqYyt3NZa4qoYHgfpEvEgFqrRjiY8s2VOA+nKwqfyOfUhbavdsuzUtzpQXjmxUAjhVV3taqlM", + "VUPv0pANeBe4agVo80Ky1SMPF38O/fA/qiYlP4foxk66R59Ld0Oyzlygpl3CryzqtK7eOMtWRRt40pou", + "AAFdVU+311KFT4SkUEbOiMbEyjVzT0UqY4/Y7FUg7lNTzb7IqXD9xy2rNvq8I3Nz/PEz266WVy28b8UO", + "GC7g5Cu0IW8hBnsZi4sFTTkjf7/66U15pWmpJIbq3nvZN/aGmbWIJ6PR178aW8z8J7PfyOzRV8fsu0ZT", + "gavbNXsGjCRzKlgKG/eO1vyRM8NrWQq0E6qyytt909bwcysC/MH2DjfD5TK5UBdzK11tBOMY0Z3Zqyja", + "RcKt0NU6IlsiaMSbCBrmEN+R27+UViZ0cextFetqf0MTPhY01eR2NBzeorLdPh0Ob7fgujqUtuC3vg/2", + "oSvztpkX7swclHtt60gMgnFCUw29gOM8iLCDXon+17Y8aBb5XW7w0S7nwqqkNit3S8VmtoKH3qcdv1fj", + "8EAu8Ktwd13rdTjJC5rsbmQW13e0bsyqOpZ09SsW3EURd5tOuoY9ozig+amuo5Ya4/W017g04mvjV5cv", + "/+EmkYqcuQaul//4Ipfg7TZ8LMDeuClPs91vtnM7rv9wJHFQT9DBNmr7ZfRDoNNawN4mu9GX5xPk/tTj", + "zfsCHPSNm20arLXYNTLVn3mR7JFb0vgVETuJ7tedL3IW2xCRe90Ljocdv/TkyqX8uGCW9bLdpGG5uSYR", + "4Isa/peN1qUFr+9jOV20v67CGQIrwW8hUaDn/Uliuq4vXTjiXsft7ZMFTQlN6jsxe6ltqBNOM7M96w9f", + "KQZ8QVm1pspy1dc9rQUpD8G2/UydO54G5bCQtPqj7Qg8KWvXyr44WZ6k62YR0pCcuiS5I1E5N/Ltf6zZ", + "qb/d399/1ytx6R2sBq1fdbA+3t/WsxiwaXN95v1kOAwdID/p6v4XODbhXra2+8+Gs/0XxPxfhphVN/CW", + "fEdpbjrhZKNgaGFUo1T44RpRQLMc+OEaHaHbP4e6XAp0QHM+WBwFD9cP/xMAAP//07Ks5UJNAAA=", } // GetSwagger returns the content of the embedded swagger specification file @@ -559,16 +602,16 @@ var swaggerSpec = []string{ func decodeSpec() ([]byte, error) { zipped, err := base64.StdEncoding.DecodeString(strings.Join(swaggerSpec, "")) if err != nil { - return nil, fmt.Errorf("error base64 decoding spec: %s", err) + return nil, fmt.Errorf("error base64 decoding spec: %w", err) } zr, err := gzip.NewReader(bytes.NewReader(zipped)) if err != nil { - return nil, fmt.Errorf("error decompressing spec: %s", err) + return nil, fmt.Errorf("error decompressing spec: %w", err) } var buf bytes.Buffer _, err = buf.ReadFrom(zr) if err != nil { - return nil, fmt.Errorf("error decompressing spec: %s", err) + return nil, fmt.Errorf("error decompressing spec: %w", err) } return buf.Bytes(), nil @@ -586,7 +629,7 @@ func decodeSpecCached() func() ([]byte, error) { // Constructs a synthetic filesystem for resolving external references when loading openapi specifications. func PathToRawSpec(pathToFile string) map[string]func() ([]byte, error) { - var res = make(map[string]func() ([]byte, error)) + res := make(map[string]func() ([]byte, error)) if len(pathToFile) > 0 { res[pathToFile] = rawSpec } @@ -599,13 +642,13 @@ func PathToRawSpec(pathToFile string) map[string]func() ([]byte, error) { // The logic of resolving external references is tightly connected to "import-mapping" feature. // Externally referenced files must be embedded in the corresponding golang packages. // Urls can be supported but this task was out of the scope. -func GetSwagger() (swagger *openapi3.Swagger, err error) { - var resolvePath = PathToRawSpec("") +func GetSwagger() (swagger *openapi3.T, err error) { + resolvePath := PathToRawSpec("") - loader := openapi3.NewSwaggerLoader() + loader := openapi3.NewLoader() loader.IsExternalRefsAllowed = true - loader.ReadFromURIFunc = func(loader *openapi3.SwaggerLoader, url *url.URL) ([]byte, error) { - var pathToFile = url.String() + loader.ReadFromURIFunc = func(loader *openapi3.Loader, url *url.URL) ([]byte, error) { + pathToFile := url.String() pathToFile = path.Clean(pathToFile) getSpec, ok := resolvePath[pathToFile] if !ok { @@ -619,7 +662,7 @@ func GetSwagger() (swagger *openapi3.Swagger, err error) { if err != nil { return } - swagger, err = loader.LoadSwaggerFromData(specData) + swagger, err = loader.LoadFromData(specData) if err != nil { return } diff --git a/api/openapi.yaml b/api/openapi.yaml index 531fd26..5b3cb76 100644 --- a/api/openapi.yaml +++ b/api/openapi.yaml @@ -10,37 +10,34 @@ info: The [/scan](#operation/AcceptScanRequest) operation is asynchronous. It should enqueue the job for processing a scan request and return the identifier. This allows Harbor to poll a corresponding scan report with the [/scan/{scan_request_id}/report](#operation/GetScanReport) operation. Harbor will call the - [/scan/{scan_request_id}/report](#operation/GetScanReport) operation periodically periodically until it returns 200 or 500 status codes. + [/scan/{scan_request_id}/report](#operation/GetScanReport) operation periodically until it returns 200 or 500 status codes. The [/metadata](#operation/GetMetadata) operation allows a Harbor admin to configure and register a scanner and discover its capabilities. - ## Supported consumed MIME types + ## Capabilities - - `application/vnd.oci.image.manifest.v1+json` - - `application/vnd.docker.distribution.manifest.v2+json` + | Capability Type | Supported consumed MIME types | Supported produced MIME types | + | --------------- | ----------------------------- | ----------------------------- | + | vulnerability | `application/vnd.oci.image.manifest.v1+json`
`application/vnd.docker.distribution.manifest.v2+json` | `application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0`
`application/vnd.security.vulnerability.report; version=1.1`
`application/vnd.scanner.adapter.vuln.report.raw`| + | sbom | `application/vnd.oci.image.manifest.v1+json`
`application/vnd.docker.distribution.manifest.v2+json` | `application/vnd.security.sbom.report+json; version=1.0` | - ## Supported produced MIME types - - - `application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0` - - `application/vnd.security.vulnerability.report; version=1.1` - - `application/vnd.scanner.adapter.vuln.report.raw` contact: email: cncf-harbor-maintainers@lists.cncf.io license: name: Apache 2.0 url: http://www.apache.org/licenses/LICENSE-2.0.html - version: "1.1" + version: "1.2" servers: - - url: /api/v1 +- url: /api/v1 security: - - BasicAuth: [] - - BearerAuth: [] +- BasicAuth: [] +- BearerAuth: [] paths: /metadata: get: tags: - - Scanner + - Scanner summary: Get scanner metadata description: | Used to fetch scanner's metadata and capabilities. The operation is invoked to build an index of scanners @@ -50,6 +47,9 @@ paths: 200: description: Scanner's metadata and capabilities content: + "application/vnd.scanner.adapter.metadata+json; version=1.1": + schema: + $ref: '#/components/schemas/ScannerAdapterMetadata' "application/vnd.scanner.adapter.metadata+json; version=1.0": schema: $ref: '#/components/schemas/ScannerAdapterMetadata' @@ -62,7 +62,7 @@ paths: /scan: post: tags: - - Scanner + - Scanner summary: Accept artifact scanning request description: | A non-blocking operation which enqueues a scan job and returns immediately. It returns a unique @@ -73,6 +73,9 @@ paths: Contains data required to pull the given artifact and save it for scanning in the file system or any other location accessible to the scanner. content: + "application/vnd.scanner.adapter.scan.request+json; version=1.1": + schema: + $ref: '#/components/schemas/ScanRequest' "application/vnd.scanner.adapter.scan.request+json; version=1.0": schema: $ref: '#/components/schemas/ScanRequest' @@ -101,10 +104,16 @@ paths: "application/vnd.scanner.adapter.error+json; version=1.0": schema: $ref: '#/components/schemas/ErrorResponse' + 501: + description: The scanner has no capability to handle the scan request + content: + "application/vnd.scanner.adapter.error+json; version=1.0": + schema: + $ref: '#/components/schemas/ErrorResponse' /scan/{scan_request_id}/report: get: tags: - - Scanner + - Scanner summary: Get scan report description: | Get a scan report for the given scan request identifier. @@ -112,19 +121,28 @@ paths: Clients will periodically poll this operation and check `$response.status` until its value equals `200` or `500`. operationId: GetScanReport parameters: - - name: scan_request_id - in: path - description: The identifier of the corresponding scan request - required: true - style: simple - explode: false - schema: - $ref: '#/components/schemas/ScanRequestId' - - name: Accept - in: header - schema: - type: string - example: "application/vnd.security.vulnerability.report; version=1.1" + - name: scan_request_id + in: path + description: The identifier of the corresponding scan request + required: true + style: simple + explode: false + schema: + $ref: '#/components/schemas/ScanRequestId' + - name: Accept + in: header + schema: + type: string + example: "application/vnd.security.vulnerability.report; version=1.1" + - name: sbom_media_type + in: query + description: media_type specifies the format of SBOM to be retrieved from the scanner adapter, it should either SPDX SBOM or CycloneDX + required: false + schema: + type: string + enum: + - application/spdx+json + - application/vnd.cyclonedx+json responses: 200: description: Scan report @@ -142,6 +160,9 @@ paths: { "vendor_specific": "vulnerabilities_report" } + "application/vnd.security.sbom.report+json; version=1.0": + schema: + $ref: '#/components/schemas/HarborSbomReport' 302: description: Status indicating the scan report is being generated and the request should be retried. headers: @@ -149,6 +170,13 @@ paths: description: Indicates the interval after which the request should be retried. schema: type: integer + 400: + description: Bad request from the client to query report of a "/scan" request. For example, querying SBOM generation report, but not passing + query parameter (?sbom_media_type=xxx), or the key/value of the query parameter is not valid, it should return 400. + content: + "application/vnd.scanner.adapter.error+json; version=1.0": + schema: + $ref: '#/components/schemas/ErrorResponse' 404: description: Cannot find the corresponding scan request identifier 500: @@ -157,6 +185,12 @@ paths: "application/vnd.scanner.adapter.error+json; version=1.0": schema: $ref: '#/components/schemas/ErrorResponse' + 501: + description: The scanner has no capability to handle the mime type + content: + "application/vnd.scanner.adapter.error+json; version=1.0": + schema: + $ref: '#/components/schemas/ErrorResponse' components: schemas: Scanner: @@ -178,8 +212,8 @@ components: Basic scanner properties such as name, vendor, and version. ScannerAdapterMetadata: required: - - scanner - - capabilities + - scanner + - capabilities type: object properties: scanner: @@ -188,10 +222,39 @@ components: type: array items: $ref: '#/components/schemas/ScannerCapability' + example: | + [ + { + "type": "vulnerability", + "consumes_mime_types": [ + "application/vnd.oci.image.manifest.v1+json", + "application/vnd.docker.distribution.manifest.v2+json" + ], + "produces_mime_types": [ + "application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0" + ] + }, + { + "type": "sbom", + "consumes_mime_types": [ + "application/vnd.oci.image.manifest.v1+json", + "application/vnd.docker.distribution.manifest.v2+json" + ], + "produces_mime_types": [ + "application/vnd.security.sbom.report+json; version=1.0" + ], + "additional_attributes": { + "sbom_media_types": [ + "application/spdx+json", + "application/vnd.cyclonedx+json" + ] + } + } + ] properties: $ref: "#/components/schemas/ScannerProperties" description: | - Represents metadata of a Scanner Adapter which allows Harbor to lookup a scanner capable + Represents metadata of a Scanner Adapter which allows Harbor to lookup a scanner capabilities of scanning a given Artifact stored in its registry and making sure that it can interpret a returned result. ScannerProperties: @@ -206,6 +269,7 @@ components: ScannerCapability: description: | Capability consists of the set of recognized artifact MIME types and the set of scanner report MIME types. + For example, a scanner capable of analyzing Docker images and producing a vulnerabilities report recognizable by Harbor web console might be represented with the following capability: - consumes MIME types: @@ -213,11 +277,29 @@ components: - `application/vnd.docker.distribution.manifest.v2+json` - produces MIME types: - `application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0` + + For example, a scanner capable of analyzing artifacts and producing a sbom report recognizable + by Harbor might be represented with the following capability: + - type: sbom + - consumes MIME types: + - `application/vnd.oci.image.manifest.v1+json` + - `application/vnd.docker.distribution.manifest.v2+json` + - produces MIME types: + - `application/vnd.security.sbom.report+json; version=1.0` required: - - consumes_mime_types - - produces_mime_types + - consumes_mime_types + - produces_mime_types type: object properties: + type: + type: string + enum: + - vulnerability + - sbom + description: | + The type of the capability, for example, 'vulnerability' represents analyzing the artifact then producing the vulnerabilities report, + 'sbom' represents generating the corresponding sbom for the artifact which be scanned. In order to the backward and forward compatible, + the field is optional, we think it's a original 'vulnerability' scan if no such field. consumes_mime_types: type: array items: @@ -226,8 +308,8 @@ components: The set of MIME types of the artifacts supported by the scanner to produce the reports specified in the "produces_mime_types". A given mime type should only be present in one capability item. example: - - "application/vnd.oci.image.manifest.v1+json" - - "application/vnd.docker.distribution.manifest.v2+json" + - "application/vnd.oci.image.manifest.v1+json" + - "application/vnd.docker.distribution.manifest.v2+json" produces_mime_types: type: array items: @@ -235,20 +317,67 @@ components: description: | The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record. example: - - "application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0" + - "application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0" + additional_attributes: + type: object + descriptions: The additional attributes for scanner capabilities. If the type is sbom, then it returns supported media types of the SBOM format. + example: | + { + "sbom_media_types": [ + "application/spdx+json", + "application/vnd.cyclonedx+json" + ] + } ScanRequest: required: - - registry - - artifact + - registry + - artifact type: object properties: registry: $ref: '#/components/schemas/Registry' artifact: $ref: '#/components/schemas/Artifact' + enabled_capabilities: + type: array + description: Enable which capabilities supported by scanner, for backward compatibility, without this field scanner can be considered to enable all capabilities by default. + items: + type: object + required: + - type + properties: + type: + type: string + enum: + - vulnerability + - sbom + description: The type of the scan capability. + example: sbom + produces_mime_types: + type: array + items: + type: string + description: | + The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record, it is a subset or fullset of the + produces_mime_types of the capability returned by the metadata API, used for client to fine grained control of the expected report type. It's a optional + field, only applied when client needs to customize it, otherwise the scanner can think it's a fullset as before behavior if without this field. + example: + - "application/vnd.security.sbom.report+json; version=1.0" + parameters: + oneOf: + - $ref: '#/components/schemas/SbomParameters' + nullable: true + description: The additional parameters for the scan request, for the SBOM type, harbor will carry with `sbom_media_types` to specify the expected formats for SBOM content. + example: | + { + "sbom_media_types": [ + "application/spdx+json", + "application/vnd.cyclonedx+json" + ] + } ScanResponse: required: - - id + - id properties: id: $ref: '#/components/schemas/ScanRequestId' @@ -258,12 +387,23 @@ components: identifier is not imposed but it should be unique enough to prevent collisons when polling for scan reports. type: string example: "3fa85f64-5717-4562-b3fc-2c963f66afa6" + SbomParameters: + type: object + properties: + sbom_media_types: + type: array + items: + type: string + enum: + - application/spdx+json + - application/vnd.cyclonedx+json Registry: type: object properties: url: type: string description: A base URL or the Docker Registry v2 API. + format: url example: https://core.harbor.domain authorization: type: string @@ -349,7 +489,7 @@ components: The list of links to the upstream databases with the full description of the vulnerability. format: uri example: - - https://security-tracker.debian.org/tracker/CVE-2017-8283 + - https://security-tracker.debian.org/tracker/CVE-2017-8283 preferred_cvss: $ref: "#/components/schemas/CVSSDetails" cwe_ids: @@ -357,7 +497,7 @@ components: items: type: string example: - - CWE-476 + - CWE-476 description: | The Common Weakness Enumeration Identifiers associated with this vulnerability. vendor_attributes: @@ -382,12 +522,37 @@ components: remote root privilege escalations, or massive data loss. example: Low enum: - - Unknown - - Negligible - - Low - - Medium - - High - - Critical + - Unknown + - Negligible + - Low + - Medium + - High + - Critical + HarborSbomReport: + type: object + properties: + generated_at: + type: string + format: 'date-time' + description: 'The time of the report generated.' + artifact: + $ref: '#/components/schemas/Artifact' + scanner: + $ref: '#/components/schemas/Scanner' + vendor_attributes: + type: object + additionalProperties: true + description: 'The additional attributes of the vendor.' + media_type: + type: string + enum: + - application/spdx+json + - application/vnd.cyclonedx+json + description: 'The format of the sbom data.' + sbom: + type: object + additionalProperties: true + description: 'The raw data of the sbom generated by the scanner.' ErrorResponse: type: object properties: diff --git a/go.mod b/go.mod index 5447123..8621776 100644 --- a/go.mod +++ b/go.mod @@ -5,65 +5,71 @@ go 1.20 require ( github.com/brianvoe/gofakeit/v6 v6.4.1 github.com/containerd/containerd v1.3.2 - github.com/deepmap/oapi-codegen v1.6.1 github.com/deislabs/oras v0.8.1 - github.com/getkin/kin-openapi v0.53.0 - github.com/google/uuid v1.2.0 + github.com/getkin/kin-openapi v0.122.0 + github.com/google/uuid v1.5.0 github.com/heetch/confita v0.10.0 - github.com/labstack/echo/v4 v4.2.1 + github.com/labstack/echo/v4 v4.11.4 github.com/mborders/artifex v0.4.0 github.com/mroth/weightedrand v0.4.1 - github.com/pkg/errors v0.9.1 - github.com/sirupsen/logrus v1.6.0 + github.com/oapi-codegen/echo-middleware v1.0.1 + github.com/oapi-codegen/runtime v1.1.1 + github.com/sirupsen/logrus v1.8.1 ) require ( - github.com/BurntSushi/toml v0.3.1 // indirect + github.com/BurntSushi/toml v1.3.2 // indirect github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 // indirect github.com/Microsoft/hcsshim v0.8.7 // indirect + github.com/apapsch/go-jsonmerge/v2 v2.0.0 // indirect github.com/bugsnag/bugsnag-go v1.5.2 // indirect github.com/bugsnag/panicwrap v1.2.0 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f // indirect - github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect + github.com/deepmap/oapi-codegen/v2 v2.1.0 // indirect github.com/docker/distribution v2.7.1+incompatible // indirect github.com/docker/go-metrics v0.0.0-20181218153428-b84716841b82 // indirect github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 // indirect - github.com/ghodss/yaml v1.0.0 // indirect - github.com/go-openapi/jsonpointer v0.19.5 // indirect - github.com/go-openapi/swag v0.19.13 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/swag v0.22.4 // indirect github.com/gofrs/uuid v3.2.0+incompatible // indirect github.com/gogo/protobuf v1.3.1 // indirect + github.com/golang-jwt/jwt v3.2.2+incompatible // indirect github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect - github.com/golang/protobuf v1.4.2 // indirect - github.com/google/go-cmp v0.5.2 // indirect + github.com/golang/protobuf v1.5.2 // indirect github.com/gorilla/handlers v1.4.2 // indirect + github.com/gorilla/mux v1.8.0 // indirect + github.com/invopop/yaml v0.2.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 // indirect - github.com/konsorten/go-windows-terminal-sequences v1.0.3 // indirect - github.com/labstack/gommon v0.3.0 // indirect - github.com/mailru/easyjson v0.7.6 // indirect - github.com/mattn/go-colorable v0.1.8 // indirect - github.com/mattn/go-isatty v0.0.12 // indirect + github.com/labstack/gommon v0.4.2 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.0.1 // indirect github.com/opencontainers/runc v0.1.1 // indirect + github.com/perimeterx/marshmallow v1.1.5 // indirect + github.com/pkg/errors v0.9.1 // indirect github.com/prometheus/client_golang v1.7.1 // indirect github.com/robfig/cron/v3 v3.0.1 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/valyala/bytebufferpool v1.0.0 // indirect - github.com/valyala/fasttemplate v1.2.1 // indirect + github.com/valyala/fasttemplate v1.2.2 // indirect go.opencensus.io v0.22.3 // indirect - golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad // indirect - golang.org/x/net v0.0.0-20210119194325-5f4716e94777 // indirect - golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e // indirect - golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c // indirect - golang.org/x/text v0.3.6 // indirect - golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect - golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect + golang.org/x/crypto v0.17.0 // indirect + golang.org/x/mod v0.12.0 // indirect + golang.org/x/net v0.19.0 // indirect + golang.org/x/sync v0.3.0 // indirect + golang.org/x/sys v0.15.0 // indirect + golang.org/x/text v0.14.0 // indirect + golang.org/x/time v0.5.0 // indirect + golang.org/x/tools v0.12.0 // indirect google.golang.org/genproto v0.0.0-20200903010400-9bfcb5116336 // indirect google.golang.org/grpc v1.31.1 // indirect - google.golang.org/protobuf v1.24.0 // indirect - gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect rsc.io/letsencrypt v0.0.3 // indirect ) diff --git a/go.sum b/go.sum index c217538..a12fde1 100644 --- a/go.sum +++ b/go.sum @@ -4,19 +4,23 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= +github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/DataDog/datadog-go v2.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 h1:ygIc8M6trr62pF5DucadTWGdEB4mEyvzi0e2nbcmcyA= github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= github.com/Microsoft/hcsshim v0.8.7 h1:ptnOoufxGSzauVTsdE+wMYnCWA301PdoN4xg5oRdZpg= github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= +github.com/RaveNoX/go-jsoncommentstrip v1.0.0/go.mod h1:78ihd09MekBnJnxpICcwzCMzGrKSKYe4AqU6PDYYpjk= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/OJnIp5u0s1SbQ8dVfLCZJsnvazdBP5hS4iRs= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/apapsch/go-jsonmerge/v2 v2.0.0 h1:axGnT1gRIfimI7gJifB699GoE/oq+F2MU7Dml6nw9rQ= +github.com/apapsch/go-jsonmerge/v2 v2.0.0/go.mod h1:lvDnEdqiQrp0O42VQGgmlKpxL1AP2+08jFMw88y4klk= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= @@ -32,6 +36,7 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= +github.com/bmatcuk/doublestar v1.1.1/go.mod h1:UD6OnuiIn0yFxxA2le/rnRU1G4RaI4UvFv1sNto9p6w= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= github.com/brianvoe/gofakeit/v6 v6.4.1 h1:u4lPnxVNr648hEyoIz31A8zrQl5woUQbCgqjAj/n/Y4= github.com/brianvoe/gofakeit/v6 v6.4.1/go.mod h1:palrJUk4Fyw38zIFB/uBZqsgzW5VsNllhHKKwAebzew= @@ -45,8 +50,9 @@ github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3k github.com/bugsnag/panicwrap v1.2.0 h1:OzrKrRvXis8qEvOkfcxNcYbOd2O7xXS2nnKMEMABFQA= github.com/bugsnag/panicwrap v1.2.0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= @@ -74,17 +80,15 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7 github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/deepmap/oapi-codegen v1.6.1 h1:2BvsmRb6pogGNtr8Ann+esAbSKFXx2CZN18VpAMecnw= -github.com/deepmap/oapi-codegen v1.6.1/go.mod h1:ryDa9AgbELGeB+YEXE1dR53yAjHwFvE9iAUlWl9Al3M= +github.com/deepmap/oapi-codegen/v2 v2.1.0 h1:I/NMVhJCtuvL9x+S2QzZKpSjGi33oDZwPRdemvOZWyQ= +github.com/deepmap/oapi-codegen/v2 v2.1.0/go.mod h1:R1wL226vc5VmCNJUvMyYr3hJMm5reyv25j952zAVXZ8= github.com/deislabs/oras v0.8.1 h1:If674KraJVpujYR00rzdi0QAmW4BxzMJPVAZJKuhQ0c= github.com/deislabs/oras v0.8.1/go.mod h1:Mx0rMSbBNaNfY9hjpccEnxkOqJL6KGjtxNHPLC4G4As= github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= github.com/docker/cli v0.0.0-20200130152716-5d0cf8839492/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= @@ -112,24 +116,28 @@ github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7 h1:LofdAjjjqCSXMwLGgOgnE+rdPuvX9DxCqaHwKy7i/ko= github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= -github.com/getkin/kin-openapi v0.53.0 h1:7WzP+MZRRe7YQz2Kc74Ley3dukJmXDvifVbElGmQfoA= -github.com/getkin/kin-openapi v0.53.0/go.mod h1:7Yn5whZr5kJi6t+kShccXS8ae1APpYTW6yheSwk8Yi4= -github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= +github.com/getkin/kin-openapi v0.118.0 h1:z43njxPmJ7TaPpMSCQb7PN0dEYno4tyBPQcrFdHoLuM= +github.com/getkin/kin-openapi v0.118.0/go.mod h1:l5e9PaFUo9fyLJCPGQeXI2ML8c3P8BHOEV2VaAVf/pc= +github.com/getkin/kin-openapi v0.122.0 h1:WB9Jbl0Hp/T79/JF9xlSW5Kl9uYdk/AWD0yAd9HOM10= +github.com/getkin/kin-openapi v0.122.0/go.mod h1:PCWw/lfBrJY4HcdqE3jj+QFkaFK8ABoqo7PvqVhXXqw= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-chi/chi/v5 v5.0.0/go.mod h1:BBug9lr0cqtdAhsu6R4AAdvufI0/XBzAQSsUqJpoZOs= github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-ldap/ldap v3.0.2+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.13 h1:233UVgMy1DlmCYYfOiFpta6e2urloh+sEs5id6lyzog= -github.com/go-openapi/swag v0.19.13/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM= +github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= github.com/gofrs/uuid v3.2.0+incompatible h1:y12jRkkFxsd7GpqdSZ+/KCs/fJbqpEXSGd4+jfEaewE= github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= @@ -138,6 +146,8 @@ github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7a github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= +github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -154,21 +164,22 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golangci/lint-1 v0.0.0-20181222135242-d2cdd8c08219/go.mod h1:/X8TswGSh1pIozq4ZwCfxS0WA5JGXguxk94ar/4c87Y= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.2 h1:X2ev0eStA3AbceY54o37/0PQ/UWqKEiiO2dKL5OPaFM= -github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs= -github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU= +github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/handlers v1.4.2 h1:0QniY0USkHQ1RGCLfKxeNHK9bkDHGRYGNDFBCS+YARg= @@ -220,6 +231,9 @@ github.com/heetch/confita v0.10.0/go.mod h1:W6GDCVPvi2LpvdEriwZTu2fyxuK+Grx1vY30 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/invopop/yaml v0.1.0/go.mod h1:2XuRLgs/ouIrW3XNzuNj7J3Nvu/Dig5MXvbCEdiBN3Q= +github.com/invopop/yaml v0.2.0 h1:7zky/qH+O0DwAyoobXUqvVBwgBFRxKoQ/3FjcVpjTMY= +github.com/invopop/yaml v0.2.0/go.mod h1:2XuRLgs/ouIrW3XNzuNj7J3Nvu/Dig5MXvbCEdiBN3Q= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= @@ -229,6 +243,7 @@ github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFF github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= +github.com/juju/gnuflag v0.0.0-20171113085948-2ce1bb71843d/go.mod h1:2PavIy+JPciBPrBUjwbNvtwB6RQlve+hkpll6QSNmOE= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 h1:iQTw/8FWTuc7uiaSepXwyf3o52HaUYcV+Tu66S3F5GA= github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0/go.mod h1:1NbS8ALrpOvjt0rHPNLyCIeMtbizbir8U//inJ+zuB8= @@ -236,8 +251,6 @@ github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvW github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= @@ -246,27 +259,23 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/labstack/echo/v4 v4.2.1 h1:LF5Iq7t/jrtUuSutNuiEWtB5eiHfZ5gSe2pcu5exjQw= -github.com/labstack/echo/v4 v4.2.1/go.mod h1:AA49e0DZ8kk5jTOOCKNuPR6oTnBS0dYiM4FW1e6jwpg= -github.com/labstack/gommon v0.3.0 h1:JEeO0bvc78PKdyHxloTKiF8BD5iGrH8T6MSeGvSgob0= -github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k= +github.com/labstack/echo/v4 v4.11.4 h1:vDZmA+qNeh1pd/cCkEicDMrjtrnMGQ1QFI9gWN1zGq8= +github.com/labstack/echo/v4 v4.11.4/go.mod h1:noh7EvLwqDsmh/X/HWKPUl1AjzJrhyptRyEbQJfxen8= +github.com/labstack/gommon v0.4.2 h1:F8qTUNXgG1+6WQmqoUWnz8WiEU60mXVVw0P4ht1WRA0= +github.com/labstack/gommon v0.4.2/go.mod h1:QlUFxVM+SNXhDL/Z7YhocGIBYOiwB0mXm1+1bAPHPyU= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA= -github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= -github.com/matryer/moq v0.0.0-20190312154309-6cfb0558e1bd/go.mod h1:9ELz6aaclSIGnZBoaSLZ3NAl1VTufbOrXBPvtcy6WiQ= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8= -github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= -github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/mborders/artifex v0.4.0 h1:hhdWwq23dVzQe/2r9aeHdE2SdJKCWmXqBIQDP0NOqg8= @@ -289,12 +298,17 @@ github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= +github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/mroth/weightedrand v0.4.1 h1:rHcbUBopmi/3x4nnrvwGJBhX9d0vk+KgoLUZeDP6YyI= github.com/mroth/weightedrand v0.4.1/go.mod h1:3p2SIcC8al1YMzGhAIoXD+r9olo/g/cdJgAD905gyNE= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/oapi-codegen/echo-middleware v1.0.1 h1:edYGScq1phCcuDoz9AqA9eHX+tEI1LNL5PL1lkkQh1k= +github.com/oapi-codegen/echo-middleware v1.0.1/go.mod h1:DBQKRn+D/vfXOFbaX5GRwFttoJY64JH6yu+pdt7wU3o= +github.com/oapi-codegen/runtime v1.1.1 h1:EXLHh0DXIJnWhdRPN2w4MXAzFyE4CskzhNLUmtpMYro= +github.com/oapi-codegen/runtime v1.1.1/go.mod h1:SK9X900oXmPWilYR5/WKPzt3Kqxn/uS/+lbpREv+eCg= github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -315,6 +329,10 @@ github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mo github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/perimeterx/marshmallow v1.1.4 h1:pZLDH9RjlLGGorbXhcaQLhfuV0pFMNfPO55FuFkxqLw= +github.com/perimeterx/marshmallow v1.1.4/go.mod h1:dsXbUu8CRzfYP5a87xpp0xq9S3u0Vchtcl8we9tYaXw= +github.com/perimeterx/marshmallow v1.1.5 h1:a2LALqQ1BlHM8PZblsDdidgv1mWi1DgC2UmX50IvK2s= +github.com/perimeterx/marshmallow v1.1.5/go.mod h1:dsXbUu8CRzfYP5a87xpp0xq9S3u0Vchtcl8we9tYaXw= github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 h1:JhzVVoYvbOACxoUmOs6V/G4D5nPVUW73rKvXxP4XUJc= github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE= github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= @@ -367,8 +385,8 @@ github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvH github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0 h1:UBcNElsrwanuuMsnGSlYmtmgbb23qDR5dG+6X6Oo89I= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= +github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= +github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= @@ -384,25 +402,32 @@ github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= +github.com/spkg/bom v0.0.0-20160624110644-59b7046e48ad/go.mod h1:qLr4V1qq6nMqFKkMo8ZTx3f+BZEkzsRUY10Xsm2mwU0= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= +github.com/ugorji/go v1.2.7 h1:qYhyWUUd6WbiM+C6JZAUkIJt/1WrjzNHY9+KCIjVqTo= +github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= +github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY= +github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU= github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= -github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= -github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4= -github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= +github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo= +github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= @@ -425,14 +450,14 @@ golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190506204251-e1dfcc566284/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad h1:DN0cp81fZ3njFcrLCytUHRSUkqBjfTo4Tx9RJTWs0EY= -golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= +golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -449,9 +474,8 @@ golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20210119194325-5f4716e94777 h1:003p0dJM77cxMSyCPFphvZf/Y5/NXf5fzg6ufd1/Oew= -golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= +golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -459,8 +483,9 @@ golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= +golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -471,7 +496,6 @@ golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190129075346-302c3dd5f1cc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -479,31 +503,22 @@ golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190508220229-2d0786266e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200826173525-f9321e4c35a6/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c h1:VwygUrnw9jn88c4u8GD3rZQbqrP/tgas88tPUbBxQrk= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba h1:O8mE0/t419eoIwhTFpKVkHiTs/Igowgfkj25AcZrtiE= -golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -512,11 +527,10 @@ golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= +golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f h1:GGU+dLjvlC3qDwqYgL6UgRmHXhOOgns0bZu2Ty5mm6U= google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -546,8 +560,11 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw= @@ -555,7 +572,6 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= @@ -568,12 +584,12 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/main.go b/main.go index 23d3ca9..ea68d0f 100644 --- a/main.go +++ b/main.go @@ -3,16 +3,16 @@ package main import ( "flag" - oapi "github.com/deepmap/oapi-codegen/pkg/middleware" "github.com/goharbor/harbor-scanner-fake/api" "github.com/goharbor/harbor-scanner-fake/pkg/config" "github.com/goharbor/harbor-scanner-fake/pkg/server" "github.com/labstack/echo/v4" "github.com/labstack/echo/v4/middleware" + mw "github.com/oapi-codegen/echo-middleware" log "github.com/sirupsen/logrus" ) -//go:generate go run github.com/deepmap/oapi-codegen/cmd/oapi-codegen -generate types,server,spec -package api -o ./api/api.gen.go ./api/openapi.yaml +//go:generate go run github.com/deepmap/oapi-codegen/v2/cmd/oapi-codegen -generate types,server,spec -package api -o ./api/api.gen.go ./api/openapi.yaml var ( configPath string @@ -56,7 +56,8 @@ func main() { e.Use(middleware.TimeoutWithConfig(middleware.TimeoutConfig{Timeout: cfg.Server.Timeout})) } - e.Use(oapi.OapiRequestValidator(swagger)) + // Validate requests against the OpenAPI spec + e.Use(mw.OapiRequestValidator(swagger)) api.RegisterHandlersWithBaseURL(e, s, "/api/v1") diff --git a/pkg/config/config.go b/pkg/config/config.go index bb7ae32..2691886 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -69,6 +69,9 @@ type Config struct { // The vulnerabilities count in the artifact VulnerabilitiesPerReport int64 `config:"scanner-vulnerabilities-per-report" yaml:"vulnerabilitiesPerReport"` + // The package count in the SBOM of an artifact + SbomPackagesPerReport int64 `config:"sbom-packages-per-report" yaml:"sbomPackagesPerReport"` + // The duration to generate the scan report after artifact pulled ReportGeneratingDuration time.Duration `config:"scanner-report-generating-duration" yaml:"reportGeneratingDuration"` } @@ -107,6 +110,10 @@ func (cfg *Config) Validate() error { return fmt.Errorf("scanner.vulnerabilitiesPerReport %d must less or equal with db.Total %d", cfg.Scanner.VulnerabilitiesPerReport, cfg.DB.Total) } + if cfg.Scanner.SbomPackagesPerReport <= 0 { + return fmt.Errorf("scanner.SbomPackagesPerReport %d must be larger than 0", cfg.Scanner.SbomPackagesPerReport) + } + return nil } @@ -119,6 +126,7 @@ func Load(paths ...string) (*Config, error) { cfg.Scanner.SkipPulling = true cfg.Scanner.VulnerableRate = 1 cfg.Scanner.VulnerabilitiesPerReport = 100 + cfg.Scanner.SbomPackagesPerReport = 10 cfg.Server.Address = "0.0.0.0:8080" cfg.Server.AsscessLog = true diff --git a/pkg/scanner/scanner.go b/pkg/scanner/scanner.go index 85261cb..37586c6 100644 --- a/pkg/scanner/scanner.go +++ b/pkg/scanner/scanner.go @@ -14,16 +14,17 @@ import ( "github.com/containerd/containerd/content/local" clog "github.com/containerd/containerd/log" "github.com/deislabs/oras/pkg/oras" + "github.com/google/uuid" + "github.com/mborders/artifex" + wr "github.com/mroth/weightedrand" + "github.com/sirupsen/logrus" + "github.com/goharbor/harbor-scanner-fake/api" "github.com/goharbor/harbor-scanner-fake/pkg/config" "github.com/goharbor/harbor-scanner-fake/pkg/db" "github.com/goharbor/harbor-scanner-fake/pkg/log" "github.com/goharbor/harbor-scanner-fake/pkg/store" "github.com/goharbor/harbor-scanner-fake/pkg/util" - "github.com/google/uuid" - "github.com/mborders/artifex" - wr "github.com/mroth/weightedrand" - "github.com/sirupsen/logrus" ) var ( @@ -35,6 +36,9 @@ func init() { } const ( + CapabilityTypeSBOM = "sbom" + CapabilityTypeVulnerability = "vulnerability" + VulnerabilityDatabaseUpdatedAt = "harbor.scanner-adapter/vulnerability-database-updated-at" MimeTypeOCIArtifact = "application/vnd.oci.image.manifest.v1+json" @@ -42,12 +46,20 @@ const ( MimeTypeNativeReport = "application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0" MimeTypeGenericVulnerabilityReport = "application/vnd.security.vulnerability.report; version=1.1" + MimeTypeSbomReport = "application/vnd.security.sbom.report+json; version=1.0" ) var ( ErrReportNotFound = errors.New("report not found") ) +type SbomPkg struct { + Name string `json:"name"` + VersionInfo string `json:"versionInfo"` + LicenseConcluded string `json:"licenseConcluded"` + LicenseDeclared string `json:"licenseDeclared"` +} + type Scanner struct { cfg *config.Config db *db.DB @@ -79,17 +91,17 @@ func (s *Scanner) Scan(scanRequest *api.ScanRequest) (api.ScanRequestId, error) return scanRequestId, nil } -func (s *Scanner) GetReport(scanRequestId api.ScanRequestId) (*api.HarborVulnerabilityReport, error) { +func (s *Scanner) GetReport(scanRequestId api.ScanRequestId) (*api.HarborVulnerabilityReport, *api.HarborSbomReport, error) { reportOrError, err := s.store.GetReportOrError(scanRequestId) if err != nil { if errors.Is(err, store.ErrNotFound) { - return nil, ErrReportNotFound + return nil, nil, ErrReportNotFound } - return nil, err + return nil, nil, err } - return reportOrError.Report, reportOrError.Error + return reportOrError.VulnReport, reportOrError.SbomReport, reportOrError.Error } func (s *Scanner) do(ctx context.Context, scanRequestId api.ScanRequestId) { @@ -107,12 +119,12 @@ func (s *Scanner) do(ctx context.Context, scanRequestId api.ScanRequestId) { } } - report, err := s.generateReport(req) + vulnReport, sbomReport, err := s.generateReport(req) if err != nil { log.G(ctx).WithField("artifact", mustGetArtifact(req)).Error("generate report failed") } - s.store.SetReportOrError(scanRequestId, &store.ReportOrError{Report: report, Error: err}) + s.store.SetReportOrError(scanRequestId, &store.ReportOrError{VulnReport: vulnReport, SbomReport: sbomReport, Error: err}) } func (s *Scanner) pull(ctx context.Context, req *api.ScanRequest) error { @@ -165,7 +177,76 @@ func (s *Scanner) pull(ctx context.Context, req *api.ScanRequest) error { return err } -func (s *Scanner) generateReport(req *api.ScanRequest) (*api.HarborVulnerabilityReport, error) { +func (s *Scanner) generateReport(req *api.ScanRequest) (*api.HarborVulnerabilityReport, *api.HarborSbomReport, error) { + // backward compatibility with pluggable-scanner-spec prior to v1.2 + if len(*req.EnabledCapabilities) == 0 { + vulnReport, err := s.generateVulnerabilityReport(req) + return vulnReport, nil, err + } + + // for pluggable-scanner-spec v1.2 and onwards + var vulnReport *api.HarborVulnerabilityReport + var sbomReport *api.HarborSbomReport + var err error + for _, capbility := range *req.EnabledCapabilities { + switch capbility.Type { + case CapabilityTypeVulnerability: + vulnReport, err = s.generateVulnerabilityReport(req) + if err != nil { + return nil, nil, err + } + case CapabilityTypeSBOM: + sbomReport, err = s.generateSbomReport(req) + if err != nil { + return nil, nil, err + } + default: + return nil, nil, fmt.Errorf("the capability type is not supported, type=%s", capbility.Type) + } + } + return vulnReport, sbomReport, err +} + +func (s *Scanner) generateSbomReport(req *api.ScanRequest) (*api.HarborSbomReport, error) { + time.Sleep(s.cfg.Scanner.ReportGeneratingDuration) + + now := time.Now() + var mediaType api.SbomParametersSbomMediaTypes + //Harbor currently only asks SPDX format of SBOM + mediaType = api.SbomParametersSbomMediaTypesApplicationspdxJson + artifactName := (*req.Artifact.Repository) + ":" + (*req.Artifact.Digest) + if req.Artifact.Tag != nil { + artifactName = (*req.Artifact.Repository) + ":" + (*req.Artifact.Tag) + } + var pkgs []*SbomPkg + sbomPkgNumPerReport := s.cfg.Scanner.SbomPackagesPerReport + for int64(len(pkgs)) < sbomPkgNumPerReport { + pkgs = append(pkgs, generateSbomPkgRecord()) + } + sbomData := map[string]interface{}{ + "SPDXID": "SPDXRef-DOCUMENT", + "createionInfo": struct { + Created string `json:"created"` + Creators []string `json:"creators"` + }{ + Created: time.Now().Format("2006-01-02T15:04:05.999999999Z"), + Creators: []string{"Tool: " + *s.metadata.Scanner.Name, "Organization: " + *s.metadata.Scanner.Vendor}, + }, + "name": artifactName, + "packages": pkgs, + } + + return &api.HarborSbomReport{ + Artifact: &req.Artifact, + GeneratedAt: &now, + MediaType: (*api.HarborSbomReportMediaType)(&mediaType), + Sbom: &sbomData, + Scanner: &s.metadata.Scanner, + VendorAttributes: nil, + }, nil +} + +func (s *Scanner) generateVulnerabilityReport(req *api.ScanRequest) (*api.HarborVulnerabilityReport, error) { time.Sleep(s.cfg.Scanner.ReportGeneratingDuration) if s.errorChooser.Pick().(bool) { @@ -224,20 +305,28 @@ func New(cfg *config.Config, db *db.DB) *Scanner { wr.Choice{Item: false, Weight: uint(100 - cfg.Scanner.VulnerableRate*100)}, ) + vulnType := api.ScannerCapabilityType(CapabilityTypeVulnerability) + sbomType := api.ScannerCapabilityType(CapabilityTypeSBOM) metadata := api.ScannerAdapterMetadata{ - Capabilities: []api.ScannerCapability{{ - ConsumesMimeTypes: []string{MimeTypeOCIArtifact, MimeTypeDockerArtifact}, - ProducesMimeTypes: []string{MimeTypeNativeReport, MimeTypeGenericVulnerabilityReport}, - }}, - Properties: &api.ScannerProperties{ - AdditionalProperties: map[string]string{ - VulnerabilityDatabaseUpdatedAt: time.Now().Format(time.RFC3339), + Capabilities: []api.ScannerCapability{ + { + ConsumesMimeTypes: []string{MimeTypeOCIArtifact, MimeTypeDockerArtifact}, + ProducesMimeTypes: []string{MimeTypeNativeReport, MimeTypeGenericVulnerabilityReport}, + Type: &vulnType, + }, + { + ConsumesMimeTypes: []string{MimeTypeOCIArtifact, MimeTypeDockerArtifact}, + ProducesMimeTypes: []string{MimeTypeSbomReport}, + Type: &sbomType, }, }, + Properties: &api.ScannerProperties{ + VulnerabilityDatabaseUpdatedAt: time.Now().Format(time.RFC3339), + }, Scanner: api.Scanner{ - Name: util.String("Fake"), - Vendor: util.String("Fake Scanner"), - Version: util.String("v1.0.0"), + Name: util.String("Fake-Scanner"), + Vendor: util.String("Fake-Scanner-Vendor"), + Version: util.String("v1.1.0"), }, } diff --git a/pkg/scanner/util.go b/pkg/scanner/util.go index 95cf631..411d7fc 100644 --- a/pkg/scanner/util.go +++ b/pkg/scanner/util.go @@ -10,6 +10,8 @@ import ( "github.com/containerd/containerd/remotes" "github.com/containerd/containerd/remotes/docker" + "github.com/google/uuid" + "github.com/goharbor/harbor-scanner-fake/api" "github.com/goharbor/harbor-scanner-fake/pkg/util" ) @@ -78,3 +80,30 @@ func mustGetArtifact(req *api.ScanRequest) string { return fmt.Sprintf("%s/%s@%s", u.Host, *req.Artifact.Repository, *req.Artifact.Digest) } + +func generateSbomPkgRecord() *SbomPkg { + pkgName := "pkg-name-" + uuid.NewString() + pkgVersionInfo := getVersionInfo() + licenseConcluded := getLicense() + licenseDeclared := getLicense() + + return &SbomPkg{ + Name: pkgName, + VersionInfo: pkgVersionInfo, + LicenseConcluded: licenseConcluded, + LicenseDeclared: licenseDeclared, + } +} + +func getVersionInfo() string { + major := randSeed.Intn(5) + minor := randSeed.Intn(10) + patch := randSeed.Intn(20) + rNum := randSeed.Intn(20) + return fmt.Sprintf("%d.%d.%d-r%d", major, minor, patch, rNum) +} + +func getLicense() string { + licenseList := []string{"GPL-2.0-only", "MIT", "MPL-2.0 AND MIT", "BSD-2-Clause AND BSD-3-Clause", "BSD-3-Clause AND MIT", "MIT AND BSD-3-Clause AND GPL-2.0-only"} + return licenseList[randSeed.Intn(len(licenseList))] +} diff --git a/pkg/server/server.go b/pkg/server/server.go index 4117fd8..733d511 100644 --- a/pkg/server/server.go +++ b/pkg/server/server.go @@ -52,7 +52,7 @@ func (s *Server) AcceptScanRequest(ctx echo.Context) error { func (s *Server) GetScanReport(ctx echo.Context, scanRequestId api.ScanRequestId, params api.GetScanReportParams) error { time.Sleep(s.cfg.Server.Delay.GetScanReport) - report, err := s.scanner.GetReport(scanRequestId) + vulnReport, sbomReport, err := s.scanner.GetReport(scanRequestId) if err != nil { if errors.Is(err, scanner.ErrReportNotFound) { return ctx.NoContent(http.StatusNotFound) @@ -61,11 +61,20 @@ func (s *Server) GetScanReport(ctx echo.Context, scanRequestId api.ScanRequestId return s.sendError(ctx, err) } - if report == nil { - return ctx.Redirect(http.StatusFound, ctx.Request().RequestURI) + switch *params.Accept { + case scanner.MimeTypeSbomReport: + if sbomReport == nil { + return ctx.Redirect(http.StatusFound, ctx.Request().RequestURI) + } + return ctx.JSON(http.StatusOK, sbomReport) + case scanner.MimeTypeNativeReport, scanner.MimeTypeGenericVulnerabilityReport: + if vulnReport == nil { + return ctx.Redirect(http.StatusFound, ctx.Request().RequestURI) + } + return ctx.JSON(http.StatusOK, vulnReport) + default: + return ctx.JSON(http.StatusBadRequest, `{"errorMessage": "the Accept Header in the Request to get scan report is not supported"}`) } - - return ctx.JSON(http.StatusOK, report) } func New(cfg *config.Config) api.ServerInterface { diff --git a/pkg/store/memory.go b/pkg/store/memory.go index abefd98..c77f882 100644 --- a/pkg/store/memory.go +++ b/pkg/store/memory.go @@ -10,7 +10,8 @@ import ( type memoryItem struct { CreatedAt time.Time ScanRequest *api.ScanRequest - ScanReport *api.HarborVulnerabilityReport + VulnReport *api.HarborVulnerabilityReport + SbomReport *api.HarborSbomReport Error error } @@ -50,7 +51,8 @@ func (s *memoryStore) SetReportOrError(scanRequestId api.ScanRequestId, reportOr return } - item.ScanReport = reportOrError.Report + item.VulnReport = reportOrError.VulnReport + item.SbomReport = reportOrError.SbomReport item.Error = reportOrError.Error s.m.Store(scanRequestId, item) @@ -62,5 +64,9 @@ func (s *memoryStore) GetReportOrError(scanRequestId api.ScanRequestId) (*Report return nil, err } - return &ReportOrError{Report: item.ScanReport, Error: item.Error}, nil + return &ReportOrError{ + Error: err, + VulnReport: item.VulnReport, + SbomReport: item.SbomReport, + }, nil } diff --git a/pkg/store/store.go b/pkg/store/store.go index 62adfcc..88f6974 100644 --- a/pkg/store/store.go +++ b/pkg/store/store.go @@ -12,8 +12,9 @@ var ( ) type ReportOrError struct { - Error error - Report *api.HarborVulnerabilityReport + Error error + VulnReport *api.HarborVulnerabilityReport + SbomReport *api.HarborSbomReport } type Store interface {