├── .gitignore ├── LICENSE ├── Makefile ├── README.md ├── atlantis ├── .gitignore ├── README.md ├── github.yaml ├── kustomization.yaml └── loadbalancer.yaml ├── docker ├── Dockerfile ├── README.md ├── basic_rules.yaml ├── default_rules.yaml ├── docker_image_test.go ├── go.mod ├── go.sum ├── index.html ├── recommended_label_rules.yaml ├── security_rules.yaml └── structure_test.yaml ├── kubernetes ├── README.md ├── go.mod ├── go.sum ├── kubernetes_nginx_deployment_test.go ├── kustomize │ ├── base │ │ ├── common.properties │ │ ├── kustomization.yaml │ │ ├── microservice-deployment.yaml │ │ └── microservice-service.yaml │ └── overlays │ │ ├── dev │ │ ├── hoverfly-deployment.yaml │ │ ├── hoverfly-service.yaml │ │ ├── kustomization.yaml │ │ └── microservice.properties │ │ ├── int │ │ ├── 2-replicas.yaml │ │ ├── kustomization.yaml │ │ └── microservice.properties │ │ └── prod │ │ ├── 4-replicas.yaml │ │ ├── kustomization.yaml │ │ ├── loadbalancer.yaml │ │ ├── microservice.properties │ │ └── probes.yaml └── nginx-deployment.yaml ├── pulumi ├── .gitignore ├── README.md ├── aws-ts-eks │ └── index.ts ├── aws-ts-fargate │ ├── .gitignore │ ├── Pulumi.dev.yaml │ ├── Pulumi.yaml │ ├── app │ │ ├── Dockerfile │ │ └── index.html │ ├── index.ts │ ├── package-lock.json │ ├── package.json │ └── tsconfig.json ├── kubernetes-ts-nginx │ └── index.ts └── testing-unit-ts │ ├── bucket_pair.ts │ ├── bucket_pair_test.ts │ ├── ec2tests.ts │ └── index.ts ├── terraform ├── README.md ├── examples │ ├── aws │ │ ├── .tflint.hcl │ │ ├── go.mod │ │ ├── go.sum │ │ ├── main.tf │ │ └── terraform_aws_test.go │ └── basic │ │ ├── go.mod │ │ ├── go.sum │ │ ├── main.tf │ │ └── terraform_hello_world_test.go └── modules │ ├── aurora_serverless │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ └── variables.tf │ ├── custom_vpc │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ └── variables.tf │ └── fargate_service │ ├── README.md │ ├── alb.tf │ ├── auto_scaling.tf │ ├── ecs.tf │ ├── logs.tf │ ├── main.tf │ ├── outputs.tf │ ├── roles.tf │ ├── security.tf │ ├── templates │ └── ecs_service.json.tpl │ └── variables.tf └── terragrunt ├── dev ├── account.hcl └── eu-central-1 │ ├── dev │ ├── aurora_db │ │ └── terragrunt.hcl │ ├── env.hcl │ ├── microservice │ │ └── terragrunt.hcl │ └── networking │ │ └── terragrunt.hcl │ └── region.hcl ├── prod ├── account.hcl └── eu-central-1 │ ├── prod │ ├── env.hcl │ └── networking │ │ └── terragrunt.hcl │ └── region.hcl └── terragrunt.hcl /.gitignore: -------------------------------------------------------------------------------- 1 | # Local .terraform directories 2 | **/.terraform/* 3 | 4 | .terraform.lock.hcl 5 | 6 | # .tfstate files 7 | *.tfstate 8 | *.tfstate.* 9 | 10 | # Crash log files 11 | crash.log 12 | .dccache 13 | 14 | # Ignore any .tfvars files that are generated automatically for each Terraform run. Most 15 | # .tfvars files are managed as part of configuration and so should be included in 16 | # version control. 17 | # 18 | # example.tfvars 19 | 20 | # Ignore override files as they are usually used to override resources locally and so 21 | # are not checked in 22 | override.tf 23 | override.tf.json 24 | *_override.tf 25 | *_override.tf.json 26 | 27 | # Include override files you do wish to add to version control using negated pattern 28 | # 29 | # !example_override.tf 30 | 31 | # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan 32 | # example: *tfplan* 33 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 M.-Leander Reimer 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | NAME = clean-iac 2 | VERSION = 1.0.0 3 | GCP = gcloud 4 | ZONE = europe-west1-b 5 | K8S = kubectl 6 | 7 | .PHONY: info 8 | 9 | info: 10 | @echo "Clean Infrastructure as Code" 11 | 12 | prepare: 13 | @$(GCP) config set compute/zone $(ZONE) 14 | @$(GCP) config set container/use_client_certificate False 15 | 16 | cluster: 17 | @echo "Create GKE Cluster" 18 | # --[no-]enable-basic-auth --[no-]issue-client-certificate 19 | 20 | @$(GCP) container clusters create $(NAME) --num-nodes=5 --enable-autoscaling --min-nodes=5 --max-nodes=10 21 | @$(K8S) create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$$(gcloud config get-value core/account) 22 | @$(K8S) cluster-info 23 | 24 | gcloud-login: 25 | @$(GCP) auth application-default login 26 | 27 | access-token: 28 | @$(GCP) config config-helper --format=json | jq .credential.access_token 29 | 30 | destroy: 31 | @$(GCP) container clusters delete $(NAME) --async --quiet 32 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Clean Infrastructure as Code 2 | 3 | Demo repository for Clean Infrastructure as Code with showcases for different useful frameworks and testing tools. 4 | 5 | ## Maintainer 6 | 7 | M.-Leander Reimer (@lreimer), 8 | 9 | ## License 10 | 11 | This software is provided under the MIT open source license, read the `LICENSE` 12 | file for details. -------------------------------------------------------------------------------- /atlantis/.gitignore: -------------------------------------------------------------------------------- 1 | token 2 | webhook-secret 3 | secrets.yaml -------------------------------------------------------------------------------- /atlantis/README.md: -------------------------------------------------------------------------------- 1 | # Terraform Pull Request Automation 2 | 3 | ```bash 4 | $ echo -n "yourtoken" > token 5 | $ echo -n "yoursecret" > webhook-secret 6 | $ kubectl create secret generic atlantis-vcs --from-file=token --from-file=webhook-secret --dry-run=client -o yaml > secrets.yaml 7 | $ kustomize build 8 | $ kubectl apply -k . 9 | ``` -------------------------------------------------------------------------------- /atlantis/github.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: atlantis 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: atlantis 10 | env: 11 | - name: ATLANTIS_GH_USER 12 | value: lreimer 13 | - name: ATLANTIS_GH_TOKEN 14 | valueFrom: 15 | secretKeyRef: 16 | name: atlantis-vcs 17 | key: token 18 | - name: ATLANTIS_GH_WEBHOOK_SECRET 19 | valueFrom: 20 | secretKeyRef: 21 | name: atlantis-vcs 22 | key: webhook-secret -------------------------------------------------------------------------------- /atlantis/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | bases: 5 | - github.com/runatlantis/atlantis/kustomize 6 | 7 | resources: 8 | - secrets.yaml 9 | 10 | patchesStrategicMerge: 11 | - github.yaml 12 | # - loadbalancer.yaml 13 | - ingress.yaml 14 | -------------------------------------------------------------------------------- /atlantis/loadbalancer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: atlantis 5 | spec: 6 | type: LoadBalancer -------------------------------------------------------------------------------- /docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM nginx:latest 2 | 3 | # LABEL Name="IaC Testing" 4 | LABEL Version="1.0" 5 | LABEL Release="Test" 6 | LABEL Vendor="lreimer" 7 | 8 | COPY index.html /usr/share/nginx/html 9 | -------------------------------------------------------------------------------- /docker/README.md: -------------------------------------------------------------------------------- 1 | # Testing Docker Images 2 | 3 | ## dockerfile_lint 4 | 5 | ```bash 6 | # Installation and usage instructions 7 | # https://github.com/projectatomic/dockerfile_lint 8 | 9 | $ dockerfile_lint -f Dockerfile -r basic_rules.yaml 10 | $ dockerfile_lint -f Dockerfile -r recommended_label_rules.yaml 11 | $ dockerfile_lint -f Dockerfile -r security_rules.yaml 12 | ``` 13 | 14 | ## Snyk 15 | 16 | ```bash 17 | # Installation and usage instructions 18 | # https://docs.snyk.io/snyk-cli/install-the-snyk-cli 19 | 20 | $ docker build -t lreimer/snyk-test:1.0 . 21 | $ snyk container test --file=Dockerfile lreimer/snyk-test:1.0 22 | ``` 23 | 24 | ## Trivy 25 | 26 | ```bash 27 | # Installation and usage instructions 28 | # https://github.com/aquasecurity/trivy 29 | 30 | $ docker build -t lreimer/trivy-test:1.0 . 31 | $ trivy images -s HIGH,CRITICAL lreimer/trivy-test:1.0 32 | ``` 33 | 34 | ## Container Structure Tests 35 | 36 | ```bash 37 | # see https://github.com/GoogleContainerTools/container-structure-test 38 | $ docker build -t lreimer/structure-test:1.0 . 39 | $ container-structure-test test --image lreimer/structure-test:1.0 --config structure_test.yaml 40 | ``` 41 | 42 | ## Terratest 43 | 44 | ```bash 45 | # see https://terratest.gruntwork.io/docs/getting-started/quick-start/#example-3-docker 46 | $ go test 47 | ``` 48 | -------------------------------------------------------------------------------- /docker/basic_rules.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | profile: 3 | name: "Default" 4 | description: "Default Profile. Checks basic syntax." 5 | includes: 6 | #- recommended_label_rules.yaml 7 | line_rules: 8 | LABEL: 9 | paramSyntaxRegex: /.+/ 10 | # Use defined_label_rules to defined a set of labels for your dockerfile 11 | # In this example, the labels "Vendor","Authoritative_Registry","BZComponent" 12 | # have been defined. A label value is 'valid' if matches the regular 13 | # expression 'valueRegex', otherwise an warn is logged with the string "message" 14 | # at level 'level'. 'reference_url' provides a web link where the user can 15 | # get more information about the rule. 16 | # 17 | defined_namevals: 18 | Name: 19 | valueRegex: /([\w]+)./ 20 | message: "Label 'Name' is missing or has invalid format" 21 | level: "warn" 22 | required: true 23 | reference_url: 24 | - "http://docs.projectatomic.io/container-best-practices/#" 25 | - "_recommended_labels_for_your_project" 26 | Version: 27 | valueRegex: /[\w.${}()"'\\\/~<>\-?\%:]+/ 28 | message: "Label 'Version' is missing or has invalid format" 29 | level: "warn" 30 | required: true 31 | reference_url: 32 | - "http://docs.projectatomic.io/container-best-practices/#" 33 | - "_recommended_labels_for_your_project" 34 | Release: 35 | valueRegex: /[\w.${}()"'\\\/~<>\-?\%:]+/ 36 | message: "Label 'Release' is missing or has invalid format" 37 | level: "warn" 38 | required: true 39 | reference_url: 40 | - "http://docs.projectatomic.io/container-best-practices/#" 41 | - "_recommended_labels_for_your_project" 42 | Architecture: 43 | valueRegex: /[\w]*[6,8][4,6]|[.]*86[.]*64/ 44 | message: "Label 'Architecture' is missing or has invalid format: x86, i386, x86_64" 45 | level: "info" 46 | required: false 47 | reference_url: 48 | - "http://docs.projectatomic.io/container-best-practices/#" 49 | - "_recommended_labels_for_your_project" 50 | Vendor: 51 | valueRegex: /([\w]+).+/ 52 | message: "Label 'Vendor' is missing or has invalid format" 53 | level: "warn" 54 | required: false 55 | reference_url: 56 | - "http://docs.projectatomic.io/container-best-practices/#" 57 | - "_recommended_labels_for_your_project" 58 | Url: 59 | valueRegex: /([\w]+).+/ 60 | message: "Label 'Url' is missing or has invalid format" 61 | level: "warn" 62 | required: true 63 | reference_url: 64 | - "http://docs.projectatomic.io/container-best-practices/#" 65 | - "_recommended_labels_for_your_project" 66 | Help: 67 | valueRegex: /([\w]+).+/ 68 | message: "Label 'Help' is missing or has invalid format" 69 | level: "warn" 70 | required: true 71 | reference_url: 72 | - "http://docs.projectatomic.io/container-best-practices/#" 73 | - "_recommended_labels_for_your_project" 74 | 75 | FROM: 76 | paramSyntaxRegex: /^[\w./\-:]+(:[\w.]+)?(-[\w]+)?$/ 77 | rules: 78 | - 79 | label: "is_latest_tag" 80 | regex: /latest/ 81 | level: "error" 82 | message: "base image uses 'latest' tag" 83 | description: "using the 'latest' tag may cause unpredictable builds. It is recommended that a specific tag is used in the FROM line or *-released which is the latest supported release." 84 | reference_url: 85 | - "https://docs.docker.com/engine/reference/builder/" 86 | - "#from" 87 | - 88 | label: "no_tag" 89 | regex: /^[:]/ 90 | level: "error" 91 | message: "No tag is used" 92 | description: "No tag is used. It is recommended that a specific tag is used in the FROM line or *-released which is the latest supported release." 93 | reference_url: 94 | - "https://docs.docker.com/engine/reference/builder/" 95 | - "#from" 96 | - 97 | label: "specified_registry" 98 | regex: /[a-zA-Z0-9]+?\.[a-zA-Z0-9-]+(\:|\.)([a-zA-Z0-9.]+|(\d+)?)([/?:].*)?/ 99 | level: "warn" 100 | message: "using a specified registry in the FROM line" 101 | description: "using a specified registry may supply invalid or unexpected base images" 102 | reference_url: 103 | - "https://docs.docker.com/engine/reference/builder/" 104 | - "#entrypoint" 105 | MAINTAINER: 106 | paramSyntaxRegex: /.+/ 107 | rules: 108 | - 109 | label: "maintainer_deprecated" 110 | regex: /.+/ 111 | level: "info" 112 | message: "the MAINTAINER command is deprecated" 113 | description: "MAINTAINER is deprecated in favor of using LABEL since Docker v1.13.0" 114 | reference_url: 115 | - "https://github.com/docker/cli/blob/master/docs/deprecated.md" 116 | - "#maintainer-in-dockerfile" 117 | RUN: 118 | paramSyntaxRegex: /.+/ 119 | rules: 120 | - 121 | label: "no_yum_clean_all" 122 | regex: /yum(?!.+clean all|.+\.repo|-config|\.conf)/g 123 | level: "warn" 124 | message: "yum clean all is not used" 125 | description: "the yum cache will remain in this layer making the layer unnecessarily large" 126 | reference_url: 127 | - "http://docs.projectatomic.io/container-best-practices/#" 128 | - "_clear_packaging_caches_and_temporary_package_downloads" 129 | - 130 | label: "yum_update_all" 131 | regex: /yum(.+update all|.+upgrade|.+update)/ 132 | level: "info" 133 | message: "updating the entire base image may add unnecessary size to the container" 134 | description: "update the entire base image may add unnecessary size to the container" 135 | reference_url: 136 | - "http://docs.projectatomic.io/container-best-practices/#" 137 | - "_clear_packaging_caches_and_temporary_package_downloads" 138 | - 139 | label: "no_dnf_clean_all" 140 | regex: /dnf(?!.+clean all|.+\.repo)/g 141 | level: "warn" 142 | message: "dnf clean all is not used" 143 | description: "the dnf cache will remain in this layer making the layer unnecessarily large" 144 | reference_url: 145 | - "http://docs.projectatomic.io/container-best-practices/#" 146 | - "_clear_packaging_caches_and_temporary_package_downloads" 147 | - 148 | label: "no_rvm_cleanup_all" 149 | regex: /rvm install(?!.+cleanup all)/g 150 | level: "warn" 151 | message: "rvm cleanup is not used" 152 | description: "the rvm cache will remain in this layer making the layer unnecessarily large" 153 | reference_url: 154 | - "http://docs.projectatomic.io/container-best-practices/#" 155 | - "_clear_packaging_caches_and_temporary_package_downloads" 156 | - 157 | label: "no_gem_clean_all" 158 | regex: /gem install(?!.+cleanup|.+\rvm cleanup all)/g 159 | level: "warn" 160 | message: "gem cleanup all is not used" 161 | description: "the gem cache will remain in this layer making the layer unnecessarily large" 162 | reference_url: 163 | - "http://docs.projectatomic.io/container-best-practices/#" 164 | - "_clear_packaging_caches_and_temporary_package_downloads" 165 | - 166 | label: "no_apt-get_clean" 167 | regex: /apt-get install(?!.+clean)/g 168 | level: "warn" 169 | message: "apt-get clean is not used" 170 | description: "the apt-get cache will remain in this layer making the layer unnecessarily large" 171 | reference_url: 172 | - "http://docs.projectatomic.io/container-best-practices/#" 173 | - "_clear_packaging_caches_and_temporary_package_downloads" 174 | - 175 | label: "privileged_run_container" 176 | regex: /privileged/ 177 | level: "warn" 178 | message: "a privileged run container is allowed access to host devices" 179 | description: "Does this run need to be privileged?" 180 | reference_url: 181 | - "http://docs.docker.com/engine/reference/run/#" 182 | - "runtime-privilege-and-linux-capabilities" 183 | - 184 | label: "installing_ssh" 185 | regex: /openssh-server/ 186 | level: "warn" 187 | message: "installing SSH in a container is not recommended" 188 | description: "Do you really need SSH in this image?" 189 | reference_url: "https://github.com/jpetazzo/nsenter" 190 | - 191 | label: "no_ampersand_usage" 192 | regex: / ; / 193 | level: "warn" 194 | message: "using ; instead of &&" 195 | description: "RUN do_1 && do_2: The ampersands change the resulting evaluation into do_1 and then do_2 only if do_1 was successful." 196 | reference_url: 197 | - "http://docs.projectatomic.io/container-best-practices/#" 198 | - "#_using_semi_colons_vs_double_ampersands" 199 | EXPOSE: 200 | paramSyntaxRegex: /^[\d-\s\w/\\]+$/ 201 | rules: [] 202 | ENV: 203 | paramSyntaxRegex: /^[\w-$/\\=\"[\]{}@:,'`\t. ]+$/ 204 | rules: [] 205 | ADD: 206 | paramSyntaxRegex: /^~?([\w-.~:/?#\[\]\\\/*@!$&'()*+,;=.{}"]+[\s]*)+$/ 207 | COPY: 208 | paramSyntaxRegex: /.+/ 209 | rules: [] 210 | ENTRYPOINT: 211 | paramSyntaxRegex: /.+/ 212 | rules: [] 213 | VOLUME: 214 | paramSyntaxRegex: /.+/ 215 | rules: [] 216 | USER: 217 | paramSyntaxRegex: /^[a-z0-9_][a-z0-9_]{0,40}$/ 218 | rules: [] 219 | WORKDIR: 220 | paramSyntaxRegex: /^~?[\w-\/.{}$\/:]+[\s]*$/ 221 | rules: [] 222 | ONBUILD: 223 | paramSyntaxRegex: /.+/ 224 | rules: [] 225 | required_instructions: 226 | - 227 | instruction: "MAINTAINER" 228 | count: 1 229 | level: "error" 230 | message: "Maintainer is not defined" 231 | description: "The MAINTAINER line is useful for identifying the author in the form of MAINTAINER Joe Smith " 232 | reference_url: 233 | - "https://docs.docker.com/engine/reference/builder/" 234 | - "#maintainer" 235 | - 236 | instruction: "EXPOSE" 237 | count: 1 238 | level: "info" 239 | message: "There is no 'EXPOSE' instruction" 240 | description: "Without exposed ports how will the service of the container be accessed?" 241 | reference_url: 242 | - "https://docs.docker.com/engine/reference/builder/" 243 | - "#expose" 244 | - 245 | instruction: "ENTRYPOINT" 246 | count: 1 247 | level: "info" 248 | message: "There is no 'ENTRYPOINT' instruction" 249 | description: "None" 250 | reference_url: 251 | - "https://docs.docker.com/engine/reference/builder/" 252 | - "#entrypoint" 253 | - 254 | instruction: "CMD" 255 | count: 1 256 | level: "info" 257 | message: "There is no 'CMD' instruction" 258 | description: "None" 259 | reference_url: 260 | - "https://docs.docker.com/engine/reference/builder/" 261 | - "#cmd" 262 | - 263 | instruction: "USER" 264 | count: 1 265 | level: "warn" 266 | message: "No 'USER' instruction" 267 | description: "The process(es) within the container may run as root and RUN instructions my be run as root" 268 | reference_url: 269 | - "https://docs.docker.com/engine/reference/builder/" 270 | - "#user" 271 | -------------------------------------------------------------------------------- /docker/default_rules.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | profile: 3 | name: "Default" 4 | description: "Default Profile. Checks basic syntax." 5 | includes: 6 | #- recommended_label_rules.yaml 7 | line_rules: 8 | LABEL: 9 | paramSyntaxRegex: /.+/ 10 | # Use defined_label_rules to defined a set of labels for your dockerfile 11 | # In this example, the labels "Vendor","Authoritative_Registry","BZComponent" 12 | # have been defined. A label value is 'valid' if matches the regular 13 | # expression 'valueRegex', otherwise an warn is logged with the string "message" 14 | # at level 'level'. 'reference_url' provides a web link where the user can 15 | # get more information about the rule. 16 | # 17 | defined_namevals: 18 | Name: 19 | valueRegex: /[\w]+/ 20 | message: "Label 'Name' is missing or has invalid format" 21 | level: "warn" 22 | required: true 23 | reference_url: 24 | - "http://docs.projectatomic.io/container-best-practices/#" 25 | - "_recommended_labels_for_your_project" 26 | Version: 27 | valueRegex: /[\w.${}()"'\\\/~<>\-?\%:]+/ 28 | message: "Label 'Version' is missing or has invalid format" 29 | level: "warn" 30 | required: true 31 | reference_url: 32 | - "http://docs.projectatomic.io/container-best-practices/#" 33 | - "_recommended_labels_for_your_project" 34 | Release: 35 | valueRegex: /[\w.${}()"'\\\/~<>\-?\%:]+/ 36 | message: "Label 'Release' is missing or has invalid format" 37 | level: "warn" 38 | required: false 39 | reference_url: 40 | - "http://docs.projectatomic.io/container-best-practices/#" 41 | - "_recommended_labels_for_your_project" 42 | Architecture: 43 | valueRegex: /[\w]*[6,8][4,6]|[.]*86[.]*64/ 44 | message: "Label 'Architecture' is missing or has invalid format: x86, i386, x86_64" 45 | level: "info" 46 | required: false 47 | reference_url: 48 | - "http://docs.projectatomic.io/container-best-practices/#" 49 | - "_recommended_labels_for_your_project" 50 | Vendor: 51 | valueRegex: /([\w]+).+/ 52 | message: "Label 'Vendor' is missing or has invalid format" 53 | level: "warn" 54 | required: false 55 | reference_url: 56 | - "http://docs.projectatomic.io/container-best-practices/#" 57 | - "_recommended_labels_for_your_project" 58 | Url: 59 | valueRegex: /([\w]+).+/ 60 | message: "Label 'Url' is missing or has invalid format" 61 | level: "warn" 62 | required: false 63 | reference_url: 64 | - "http://docs.projectatomic.io/container-best-practices/#" 65 | - "_recommended_labels_for_your_project" 66 | Help: 67 | valueRegex: /([\w]+).+/ 68 | message: "Label 'Help' is missing or has invalid format" 69 | level: "warn" 70 | required: false 71 | reference_url: 72 | - "http://docs.projectatomic.io/container-best-practices/#" 73 | - "_recommended_labels_for_your_project" 74 | 75 | FROM: 76 | paramSyntaxRegex: /^[\w./\-:]+(:[${}\w.]+)?(-[${}\w.]+)?( as \w+)?$/i 77 | rules: 78 | - 79 | label: "is_latest_tag" 80 | regex: /latest/ 81 | level: "error" 82 | message: "base image uses 'latest' tag" 83 | description: "using the 'latest' tag may cause unpredictable builds. It is recommended that a specific tag is used in the FROM line or *-released which is the latest supported release." 84 | reference_url: 85 | - "https://docs.docker.com/engine/reference/builder/" 86 | - "#from" 87 | - 88 | label: "no_tag" 89 | regex: /^[:]/ 90 | level: "error" 91 | message: "No tag is used" 92 | description: "lorem ipsum tar" 93 | reference_url: 94 | - "https://docs.docker.com/engine/reference/builder/" 95 | - "#from" 96 | MAINTAINER: 97 | paramSyntaxRegex: /.+/ 98 | rules: [] 99 | RUN: 100 | paramSyntaxRegex: /.+/ 101 | rules: 102 | - 103 | label: "no_yum_clean_all" 104 | regex: /yum(?!.+clean all|.+\.repo|-config|\.conf)/ 105 | level: "warn" 106 | message: "yum clean all is not used" 107 | description: "the yum cache will remain in this layer making the layer unnecessarily large" 108 | reference_url: 109 | - "http://docs.projectatomic.io/container-best-practices/#" 110 | - "_clear_packaging_caches_and_temporary_package_downloads" 111 | - 112 | label: "yum_update_all" 113 | regex: /yum(.+update all|.+upgrade|.+update)/ 114 | level: "info" 115 | message: "updating the entire base image may add unnecessary size to the container" 116 | description: "update the entire base image may add unnecessary size to the container" 117 | reference_url: 118 | - "http://docs.projectatomic.io/container-best-practices/#" 119 | - "_clear_packaging_caches_and_temporary_package_downloads" 120 | - 121 | label: "no_dnf_clean_all" 122 | regex: /dnf(?!.+clean all|.+\.repo)/g 123 | level: "warn" 124 | message: "dnf clean all is not used" 125 | description: "the dnf cache will remain in this layer making the layer unnecessarily large" 126 | reference_url: 127 | - "http://docs.projectatomic.io/container-best-practices/#" 128 | - "_clear_packaging_caches_and_temporary_package_downloads" 129 | - 130 | label: "no_rvm_cleanup_all" 131 | regex: /rvm install(?!.+cleanup all)/g 132 | level: "warn" 133 | message: "rvm cleanup is not used" 134 | description: "the rvm cache will remain in this layer making the layer unnecessarily large" 135 | reference_url: 136 | - "http://docs.projectatomic.io/container-best-practices/#" 137 | - "_clear_packaging_caches_and_temporary_package_downloads" 138 | - 139 | label: "no_gem_clean_all" 140 | regex: /gem install(?!.+cleanup|.+\rvm cleanup all)/g 141 | level: "warn" 142 | message: "gem cleanup all is not used" 143 | description: "the gem cache will remain in this layer making the layer unnecessarily large" 144 | reference_url: 145 | - "http://docs.projectatomic.io/container-best-practices/#" 146 | - "_clear_packaging_caches_and_temporary_package_downloads" 147 | - 148 | label: "no_apt-get_clean" 149 | regex: /apt-get install(?!.+clean)/g 150 | level: "info" 151 | message: "apt-get clean is not used" 152 | description: "the apt-get cache will remain in this layer making the layer unnecessarily large" 153 | reference_url: 154 | - "http://docs.projectatomic.io/container-best-practices/#" 155 | - "_clear_packaging_caches_and_temporary_package_downloads" 156 | - 157 | label: "privileged_run_container" 158 | regex: /privileged/ 159 | level: "warn" 160 | message: "a privileged run container is allowed access to host devices" 161 | description: "Does this run need to be privileged?" 162 | reference_url: 163 | - "http://docs.docker.com/engine/reference/run/#" 164 | - "runtime-privilege-and-linux-capabilities" 165 | - 166 | label: "installing_ssh" 167 | regex: /openssh-server/ 168 | level: "warn" 169 | message: "installing SSH in a container is not recommended" 170 | description: "Do you really need SSH in this image?" 171 | reference_url: "https://github.com/jpetazzo/nsenter" 172 | - 173 | label: "no_ampersand_usage" 174 | regex: / ; / 175 | level: "info" 176 | message: "using ; instead of &&" 177 | description: "RUN do_1 && do_2: The ampersands change the resulting evaluation into do_1 and then do_2 only if do_1 was successful." 178 | reference_url: 179 | - "http://docs.projectatomic.io/container-best-practices/#" 180 | - "#_using_semi_colons_vs_double_ampersands" 181 | EXPOSE: 182 | paramSyntaxRegex: /^[\d-\s\w/\\]+$/ 183 | rules: [] 184 | ENV: 185 | paramSyntaxRegex: /^[\w-$/\\=\"[\]{}@:,'`\t. ]+$/ 186 | rules: [] 187 | ADD: 188 | paramSyntaxRegex: /^~?([\w-.~:/?#\[\]\\\/*@!$&'()*+,;=.{}"]+[\s]*)+$/ 189 | COPY: 190 | paramSyntaxRegex: /.+/ 191 | rules: [] 192 | ENTRYPOINT: 193 | paramSyntaxRegex: /.+/ 194 | rules: [] 195 | VOLUME: 196 | paramSyntaxRegex: /.+/ 197 | rules: [] 198 | USER: 199 | paramSyntaxRegex: /^[a-z0-9_][a-z0-9_-]{0,40}$/ 200 | rules: [] 201 | WORKDIR: 202 | paramSyntaxRegex: /^~?[\w\d-\/.{}$\/:]+[\s]*$/ 203 | rules: [] 204 | ONBUILD: 205 | paramSyntaxRegex: /.+/ 206 | rules: [] 207 | required_instructions: 208 | - 209 | instruction: "EXPOSE" 210 | count: 1 211 | level: "info" 212 | message: "There is no 'EXPOSE' instruction" 213 | description: "Without exposed ports how will the service of the container be accessed?" 214 | reference_url: 215 | - "https://docs.docker.com/engine/reference/builder/" 216 | - "#expose" 217 | - 218 | instruction: "CMD" 219 | count: 1 220 | level: "info" 221 | message: "There is no 'CMD' instruction" 222 | description: "None" 223 | reference_url: 224 | - "https://docs.docker.com/engine/reference/builder/" 225 | - "#cmd" 226 | -------------------------------------------------------------------------------- /docker/docker_image_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/gruntwork-io/terratest/modules/docker" 7 | "github.com/stretchr/testify/assert" 8 | ) 9 | 10 | func TestDockerImage(t *testing.T) { 11 | // Configure the tag to use on the Docker image. 12 | tag := "lreimer/terratest-docker" 13 | buildOptions := &docker.BuildOptions{ 14 | Tags: []string{tag}, 15 | } 16 | 17 | // Build the Docker image. 18 | docker.Build(t, ".", buildOptions) 19 | 20 | // Run the Docker image, read the text file from it, and make sure it contains the expected output. 21 | opts := &docker.RunOptions{Command: []string{"cat", "/usr/share/nginx/html/index.html"}} 22 | output := docker.Run(t, tag, opts) 23 | assert.Equal(t, "Hello, World!", output) 24 | } 25 | -------------------------------------------------------------------------------- /docker/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/lreimer/iac-testing/docker 2 | 3 | go 1.16 4 | 5 | require ( 6 | github.com/gruntwork-io/terratest v0.37.8 7 | github.com/stretchr/testify v1.7.0 8 | ) 9 | -------------------------------------------------------------------------------- /docker/go.sum: -------------------------------------------------------------------------------- 1 | cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 2 | cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 3 | cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= 4 | cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= 5 | cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= 6 | cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= 7 | cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= 8 | cloud.google.com/go v0.51.0/go.mod h1:hWtGJ6gnXH+KgDv+V0zFGDvpi07n3z8ZNj3T1RW0Gcw= 9 | cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= 10 | cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= 11 | cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= 12 | cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= 13 | dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= 14 | github.com/Azure/azure-sdk-for-go v35.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= 15 | github.com/Azure/azure-sdk-for-go v38.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= 16 | github.com/Azure/azure-sdk-for-go v46.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= 17 | github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= 18 | github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= 19 | github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= 20 | github.com/Azure/go-autorest/autorest v0.9.3/go.mod h1:GsRuLYvwzLjjjRoWEIyMUaYq8GNUx2nRB378IPt/1p0= 21 | github.com/Azure/go-autorest/autorest v0.9.6/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630= 22 | github.com/Azure/go-autorest/autorest v0.11.0/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= 23 | github.com/Azure/go-autorest/autorest v0.11.5/go.mod h1:foo3aIXRQ90zFve3r0QiDsrjGDUwWhKl0ZOQy1CT14k= 24 | github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= 25 | github.com/Azure/go-autorest/autorest/adal v0.8.0/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc= 26 | github.com/Azure/go-autorest/autorest/adal v0.8.1/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= 27 | github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= 28 | github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= 29 | github.com/Azure/go-autorest/autorest/adal v0.9.2/go.mod h1:/3SMAM86bP6wC9Ev35peQDUeqFZBMH07vvUOmg4z/fE= 30 | github.com/Azure/go-autorest/autorest/azure/auth v0.5.1/go.mod h1:ea90/jvmnAwDrSooLH4sRIehEPtG/EPUXavDh31MnA4= 31 | github.com/Azure/go-autorest/autorest/azure/cli v0.4.0/go.mod h1:JljT387FplPzBA31vUcvsetLKF3pec5bdAxjVU4kI2s= 32 | github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= 33 | github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g= 34 | github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= 35 | github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= 36 | github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= 37 | github.com/Azure/go-autorest/autorest/mocks v0.3.0/go.mod h1:a8FDP3DYzQ4RYfVAxAN3SVSiiO77gL2j2ronKKP0syM= 38 | github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= 39 | github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= 40 | github.com/Azure/go-autorest/autorest/to v0.2.0/go.mod h1:GunWKJp1AEqgMaGLV+iocmRAJWqST1wQYhyyjXJ3SJc= 41 | github.com/Azure/go-autorest/autorest/to v0.3.0/go.mod h1:MgwOyqaIuKdG4TL/2ywSsIWKAfJfgHDo8ObuUk3t5sA= 42 | github.com/Azure/go-autorest/autorest/validation v0.1.0/go.mod h1:Ha3z/SqBeaalWQvokg3NZAlQTalVMtOIAs1aGK7G6u8= 43 | github.com/Azure/go-autorest/autorest/validation v0.3.0/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= 44 | github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= 45 | github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= 46 | github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= 47 | github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= 48 | github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= 49 | github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= 50 | github.com/GoogleCloudPlatform/k8s-cloud-provider v0.0.0-20190822182118-27a4ced34534/go.mod h1:iroGtC8B3tQiqtds1l+mgk/BBOrxbqjH+eUfFQYRc14= 51 | github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= 52 | github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= 53 | github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= 54 | github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= 55 | github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= 56 | github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= 57 | github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= 58 | github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= 59 | github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= 60 | github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= 61 | github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= 62 | github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= 63 | github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= 64 | github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= 65 | github.com/aws/aws-sdk-go v1.16.26/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= 66 | github.com/aws/aws-sdk-go v1.27.1/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= 67 | github.com/aws/aws-sdk-go v1.38.28/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= 68 | github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= 69 | github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= 70 | github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= 71 | github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= 72 | github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= 73 | github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= 74 | github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= 75 | github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= 76 | github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= 77 | github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= 78 | github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= 79 | github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= 80 | github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= 81 | github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= 82 | github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= 83 | github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= 84 | github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= 85 | github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= 86 | github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= 87 | github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= 88 | github.com/coreos/pkg v0.0.0-20180108230652-97fdf19511ea/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= 89 | github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= 90 | github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= 91 | github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= 92 | github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= 93 | github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 94 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 95 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 96 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 97 | github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= 98 | github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= 99 | github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= 100 | github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= 101 | github.com/docker/cli v0.0.0-20200109221225-a4f60165b7a3/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= 102 | github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= 103 | github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= 104 | github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= 105 | github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= 106 | github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= 107 | github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= 108 | github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= 109 | github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= 110 | github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= 111 | github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= 112 | github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= 113 | github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= 114 | github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= 115 | github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= 116 | github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= 117 | github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= 118 | github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= 119 | github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= 120 | github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= 121 | github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= 122 | github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= 123 | github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= 124 | github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= 125 | github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= 126 | github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= 127 | github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= 128 | github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= 129 | github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= 130 | github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= 131 | github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= 132 | github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= 133 | github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= 134 | github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= 135 | github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= 136 | github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= 137 | github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= 138 | github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= 139 | github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= 140 | github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= 141 | github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= 142 | github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= 143 | github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= 144 | github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= 145 | github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= 146 | github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= 147 | github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= 148 | github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= 149 | github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= 150 | github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= 151 | github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= 152 | github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= 153 | github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= 154 | github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= 155 | github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= 156 | github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= 157 | github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= 158 | github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= 159 | github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= 160 | github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= 161 | github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 162 | github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 163 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 164 | github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 165 | github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 166 | github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= 167 | github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= 168 | github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= 169 | github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= 170 | github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= 171 | github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= 172 | github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= 173 | github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= 174 | github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= 175 | github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= 176 | github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= 177 | github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 178 | github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 179 | github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 180 | github.com/google/go-containerregistry v0.0.0-20200110202235-f4fb41bf00a3/go.mod h1:2wIuQute9+hhWqvL3vEI7YB0EKluF4WcPzI1eAliazk= 181 | github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= 182 | github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= 183 | github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= 184 | github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= 185 | github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= 186 | github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= 187 | github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= 188 | github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= 189 | github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 190 | github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 191 | github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= 192 | github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= 193 | github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= 194 | github.com/googleapis/gnostic v0.2.2/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= 195 | github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= 196 | github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= 197 | github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= 198 | github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= 199 | github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= 200 | github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= 201 | github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= 202 | github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= 203 | github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= 204 | github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78= 205 | github.com/gruntwork-io/terratest v0.37.8 h1:XCkznySLTQfQiASqgHeqc47aT9xb3zdx4Gv6kN47bWc= 206 | github.com/gruntwork-io/terratest v0.37.8/go.mod h1:CSHpZNJdqYQ+TUrigM100jcahRUV5X6w7K2kZJ8iylY= 207 | github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= 208 | github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= 209 | github.com/hashicorp/go-multierror v1.1.0 h1:B9UzwGQJehnUY1yNrnwREHc3fGbC2xefo8g4TbElacI= 210 | github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= 211 | github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= 212 | github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= 213 | github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= 214 | github.com/hashicorp/golang-lru v0.5.3/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= 215 | github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= 216 | github.com/hashicorp/hcl/v2 v2.8.2/go.mod h1:bQTN5mpo+jewjJgh8jr0JUguIi7qPHUF6yIfAEN3jqY= 217 | github.com/hashicorp/terraform-json v0.12.0/go.mod h1:pmbq9o4EuL43db5+0ogX10Yofv1nozM+wskr/bGFJpI= 218 | github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= 219 | github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= 220 | github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= 221 | github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= 222 | github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= 223 | github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= 224 | github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= 225 | github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= 226 | github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= 227 | github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= 228 | github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= 229 | github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= 230 | github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= 231 | github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= 232 | github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= 233 | github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= 234 | github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= 235 | github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= 236 | github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= 237 | github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= 238 | github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= 239 | github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= 240 | github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= 241 | github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= 242 | github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= 243 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= 244 | github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= 245 | github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= 246 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 247 | github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= 248 | github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= 249 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 250 | github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= 251 | github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= 252 | github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= 253 | github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= 254 | github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= 255 | github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= 256 | github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= 257 | github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= 258 | github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= 259 | github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= 260 | github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= 261 | github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= 262 | github.com/mattn/go-zglob v0.0.1/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= 263 | github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= 264 | github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= 265 | github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= 266 | github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= 267 | github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= 268 | github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= 269 | github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= 270 | github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= 271 | github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= 272 | github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 273 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 274 | github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= 275 | github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= 276 | github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= 277 | github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= 278 | github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= 279 | github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= 280 | github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= 281 | github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= 282 | github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= 283 | github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 284 | github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 285 | github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 286 | github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 287 | github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 288 | github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= 289 | github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= 290 | github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= 291 | github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= 292 | github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= 293 | github.com/oracle/oci-go-sdk v7.1.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888= 294 | github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= 295 | github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= 296 | github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 297 | github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 298 | github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 299 | github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 300 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 301 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 302 | github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= 303 | github.com/pquerna/otp v1.2.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= 304 | github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= 305 | github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= 306 | github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= 307 | github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= 308 | github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= 309 | github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= 310 | github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= 311 | github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= 312 | github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= 313 | github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= 314 | github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= 315 | github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= 316 | github.com/rubiojr/go-vhd v0.0.0-20160810183302-0bfd3b39853c/go.mod h1:DM5xW0nvfNNm2uytzsvhI3OnX8uzaRAg8UX/CnDqbto= 317 | github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= 318 | github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= 319 | github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= 320 | github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= 321 | github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= 322 | github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= 323 | github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= 324 | github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= 325 | github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= 326 | github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= 327 | github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= 328 | github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= 329 | github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= 330 | github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= 331 | github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= 332 | github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= 333 | github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= 334 | github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 335 | github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 336 | github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 337 | github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 338 | github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= 339 | github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= 340 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 341 | github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 342 | github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= 343 | github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= 344 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= 345 | github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= 346 | github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= 347 | github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= 348 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 349 | github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= 350 | github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= 351 | github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= 352 | github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= 353 | github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= 354 | github.com/vdemeester/k8s-pkg-credentialprovider v0.0.0-20200107171650-7c61ffa44238/go.mod h1:JwQJCMWpUDqjZrB5jpw0f5VbN7U95zxFy1ZDpoEarGo= 355 | github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= 356 | github.com/vmware/govmomi v0.20.3/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59bHWk6aFU= 357 | github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= 358 | github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= 359 | github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= 360 | github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= 361 | github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= 362 | go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= 363 | go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= 364 | go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= 365 | go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= 366 | go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= 367 | go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= 368 | go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= 369 | go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= 370 | golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 371 | golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 372 | golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 373 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 374 | golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 375 | golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 376 | golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 377 | golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 378 | golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 379 | golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 380 | golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 381 | golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 382 | golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= 383 | golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= 384 | golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= 385 | golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= 386 | golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= 387 | golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= 388 | golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= 389 | golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= 390 | golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= 391 | golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= 392 | golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= 393 | golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= 394 | golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= 395 | golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= 396 | golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= 397 | golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= 398 | golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= 399 | golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= 400 | golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= 401 | golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= 402 | golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= 403 | golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= 404 | golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 405 | golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 406 | golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 407 | golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 408 | golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 409 | golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 410 | golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 411 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 412 | golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 413 | golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 414 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 415 | golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 416 | golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 417 | golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= 418 | golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 419 | golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 420 | golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 421 | golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 422 | golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 423 | golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 424 | golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 425 | golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 426 | golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= 427 | golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= 428 | golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= 429 | golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= 430 | golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= 431 | golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= 432 | golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 433 | golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 434 | golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 435 | golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 436 | golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 437 | golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 438 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 439 | golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 440 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 441 | golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 442 | golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 443 | golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 444 | golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 445 | golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 446 | golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 447 | golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 448 | golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 449 | golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 450 | golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 451 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 452 | golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 453 | golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 454 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 455 | golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 456 | golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 457 | golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 458 | golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 459 | golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 460 | golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 461 | golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 462 | golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 463 | golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 464 | golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 465 | golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 466 | golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 467 | golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 468 | golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 469 | golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 470 | golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 471 | golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 472 | golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 473 | golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 474 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 475 | golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 476 | golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= 477 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 478 | golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 479 | golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 480 | golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 481 | golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 482 | golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 483 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 484 | golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 485 | golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 486 | golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 487 | golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 488 | golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= 489 | golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= 490 | golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= 491 | golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= 492 | golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= 493 | golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= 494 | golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= 495 | golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 496 | golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 497 | golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 498 | golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 499 | golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= 500 | golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 501 | golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 502 | golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 503 | golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 504 | golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 505 | golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 506 | golang.org/x/tools v0.0.0-20191205215504-7b8c8591a921/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 507 | golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= 508 | golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= 509 | golang.org/x/tools v0.0.0-20201110201400-7099162a900a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= 510 | golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 511 | golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 512 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 513 | golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 514 | gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485/go.mod h1:2ltnJ7xHfj0zHS40VVPYEAAMTa3ZGguvHGBSJeRWqE0= 515 | gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= 516 | gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e/go.mod h1:kS+toOQn6AQKjmKJ7gzohV1XkqsFehRA2FbsbkopSuQ= 517 | google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= 518 | google.golang.org/api v0.6.1-0.20190607001116-5213b8090861/go.mod h1:btoxGiFvQNVUZQ8W08zLtrVS08CNpINPEfxXxgJL1Q4= 519 | google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= 520 | google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= 521 | google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= 522 | google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= 523 | google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= 524 | google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 525 | google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 526 | google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= 527 | google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= 528 | google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= 529 | google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 530 | google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 531 | google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 532 | google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 533 | google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= 534 | google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= 535 | google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= 536 | google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= 537 | google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= 538 | google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= 539 | google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= 540 | google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= 541 | google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= 542 | google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= 543 | google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= 544 | google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= 545 | google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= 546 | google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= 547 | google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= 548 | google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= 549 | google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= 550 | google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= 551 | google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= 552 | google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= 553 | google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= 554 | google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= 555 | gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= 556 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 557 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 558 | gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= 559 | gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 560 | gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= 561 | gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= 562 | gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= 563 | gopkg.in/gcfg.v1 v1.2.0/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o= 564 | gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= 565 | gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= 566 | gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= 567 | gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= 568 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= 569 | gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= 570 | gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= 571 | gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 572 | gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 573 | gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 574 | gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 575 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= 576 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 577 | gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= 578 | honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 579 | honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 580 | honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 581 | honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 582 | honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= 583 | k8s.io/api v0.17.0/go.mod h1:npsyOePkeP0CPwyGfXDHxvypiYMJxBWAMpQxCaJ4ZxI= 584 | k8s.io/api v0.19.3/go.mod h1:VF+5FT1B74Pw3KxMdKyinLo+zynBaMBiAfGMuldcNDs= 585 | k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg= 586 | k8s.io/apimachinery v0.19.3/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= 587 | k8s.io/apiserver v0.17.0/go.mod h1:ABM+9x/prjINN6iiffRVNCBR2Wk7uY4z+EtEGZD48cg= 588 | k8s.io/client-go v0.17.0/go.mod h1:TYgR6EUHs6k45hb6KWjVD6jFZvJV4gHDikv/It0xz+k= 589 | k8s.io/client-go v0.19.3/go.mod h1:+eEMktZM+MG0KO+PTkci8xnbCZHvj9TqR6Q1XDUIJOM= 590 | k8s.io/cloud-provider v0.17.0/go.mod h1:Ze4c3w2C0bRsjkBUoHpFi+qWe3ob1wI2/7cUn+YQIDE= 591 | k8s.io/code-generator v0.0.0-20191121015212-c4c8f8345c7e/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= 592 | k8s.io/component-base v0.17.0/go.mod h1:rKuRAokNMY2nn2A6LP/MiwpoaMRHpfRnrPaUJJj1Yoc= 593 | k8s.io/csi-translation-lib v0.17.0/go.mod h1:HEF7MEz7pOLJCnxabi45IPkhSsE/KmxPQksuCrHKWls= 594 | k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= 595 | k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= 596 | k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= 597 | k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= 598 | k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= 599 | k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= 600 | k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= 601 | k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= 602 | k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= 603 | k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= 604 | k8s.io/legacy-cloud-providers v0.17.0/go.mod h1:DdzaepJ3RtRy+e5YhNtrCYwlgyK87j/5+Yfp0L9Syp8= 605 | k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= 606 | k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= 607 | modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= 608 | modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= 609 | modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= 610 | modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= 611 | modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= 612 | rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= 613 | sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= 614 | sigs.k8s.io/structured-merge-diff v1.0.1-0.20191108220359-b1b620dd3f06/go.mod h1:/ULNhyfzRopfcjskuui0cTITekDduZ7ycKN3oUT9R18= 615 | sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= 616 | sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= 617 | sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= 618 | -------------------------------------------------------------------------------- /docker/index.html: -------------------------------------------------------------------------------- 1 | Hello, World! -------------------------------------------------------------------------------- /docker/recommended_label_rules.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | profile: 3 | name: "Label" 4 | description: "Label checking rule file." 5 | line_rules: 6 | LABEL: 7 | paramSyntaxRegex: /.+/ 8 | # Use defined_label_rules to defined a set of labels for your dockerfile 9 | # In this example, the labels "Vendor","Authoritative_Registry","BZComponent" 10 | # have been defined. A label value is 'valid' if matches the regular 11 | # expression 'valueRegex', otherwise an warn is logged with the string "message" 12 | # at level 'level'. 'reference_url' provides a web link where the user can 13 | # get more information about the rule. 14 | # 15 | defined_namevals: 16 | Name: 17 | valueRegex: /[\w]+/ 18 | message: "Label 'Name' is missing or has invalid format" 19 | level: "warn" 20 | required: true 21 | reference_url: 22 | - "http://docs.projectatomic.io/container-best-practices/#" 23 | - "_recommended_labels_for_your_project" 24 | Version: 25 | valueRegex: /[\w.${}()"'\\\/~<>\-?\%:]+/ 26 | message: "Label 'Version' is missing or has invalid format" 27 | level: "warn" 28 | required: true 29 | reference_url: 30 | - "http://docs.projectatomic.io/container-best-practices/#" 31 | - "_recommended_labels_for_your_project" 32 | Release: 33 | valueRegex: /[\w.${}()"'\\\/~<>\-?\%:]+/ 34 | message: "Label 'Release' is missing or has invalid format" 35 | level: "warn" 36 | required: true 37 | reference_url: 38 | - "http://docs.projectatomic.io/container-best-practices/#" 39 | - "_recommended_labels_for_your_project" 40 | Architecture: 41 | valueRegex: /[\w]*[6,8][4,6]|[.]*86[.]*64/ 42 | message: "Label 'Architecture' is missing or has invalid format: x86, i386, x86_64" 43 | level: "true" 44 | required: false 45 | reference_url: 46 | - "http://docs.projectatomic.io/container-best-practices/#" 47 | - "_recommended_labels_for_your_project" 48 | Vendor: 49 | valueRegex: /([\w]+).+/ 50 | message: "Label 'Vendor' is missing or has invalid format" 51 | level: "warn" 52 | required: true 53 | reference_url: 54 | - "http://docs.projectatomic.io/container-best-practices/#" 55 | - "_recommended_labels_for_your_project" 56 | 57 | # The 'required_instructions' lists mandatory instructions 58 | # 59 | #required_instructions: 60 | # 61 | # This rule says, you must have 1 "LABEL" instruction 62 | # - 63 | # instruction: "LABEL" 64 | # count: 1 65 | # level: "warn" 66 | # message: "No LABELs are defined" 67 | # description: "Labels are needed because...." 68 | # reference_url: 69 | # - "https://docs.docker.com/engine/reference/builder/" 70 | # - "#label" 71 | 72 | -------------------------------------------------------------------------------- /docker/security_rules.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | profile: 3 | name: "Security Rules" 4 | description: "Set of rules focus on security aspects of Dockerfiles" 5 | line_rules: 6 | ADD: 7 | paramSyntaxRegex: /^~?([\w-.~:/?#\[\]\\\/*@!$&'()*+,;=.{}"]+[\s]*)+$/ 8 | rules: 9 | - 10 | label: "no_add_without_https" 11 | regex: /http\:\/\/.*/ 12 | level: "warn" 13 | message: "ADD is using a non-HTTPS url as source" 14 | description: "Using a URL without HTTPS can lead to MITM attacks on your infrastructure" 15 | RUN: 16 | paramSyntaxRegex: /.+/ 17 | rules: 18 | - 19 | label: "no_run_without_https" 20 | regex: /http\:\/\/.*/g 21 | level: "warn" 22 | message: "RUN is referencing a non-HTTPS url" 23 | description: "Using a URL without HTTPS can lead to MITM attacks on your infrastructure" 24 | - 25 | label: "no_run_with_sudo" 26 | regex: /sudo/ 27 | level: "warn" 28 | message: "Sudo has dangerous side effects" 29 | description: "Using sudo may lead to privilige escalation" 30 | USER: 31 | paramSyntaxRegex: /^[a-z0-9_][a-z0-9_]{0,40}$/ 32 | rules: 33 | - 34 | label: "root_user" 35 | regex: /root|0/ 36 | level: "error" 37 | message: "Running as a root user" 38 | description: "Containers should not run as root. Create a separate user instead." 39 | reference_url: 40 | - "https://medium.com/@mccode/processes-in-containers-should-not-run-as-root-2feae3f0df3b" 41 | required_instructions: 42 | - 43 | instruction: "USER" 44 | count: 1 45 | level: "warn" 46 | message: "No 'USER' instruction in the file" 47 | description: "If a USER command is not specified, the container may be running as the root user" 48 | reference_url: 49 | - "https://medium.com/@mccode/processes-in-containers-should-not-run-as-root-2feae3f0df3b" 50 | -------------------------------------------------------------------------------- /docker/structure_test.yaml: -------------------------------------------------------------------------------- 1 | schemaVersion: '2.0.0' # Make sure to test the latest schema version 2 | commandTests: 3 | - name: 'path' 4 | command: 'sh' 5 | args: ['-c', 'echo $PATH'] 6 | expectedOutput: ['/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'] 7 | fileContentTests: 8 | - name: 'Index HTML' 9 | expectedContents: ['Hello, World!'] 10 | path: '/usr/share/nginx/html/index.html' 11 | - name: 'Passwd file' 12 | expectedContents: ['root:x:0:0:root:/root:/bin/bash'] 13 | path: '/etc/passwd' 14 | fileExistenceTests: 15 | - name: 'Root' 16 | path: '/' 17 | shouldExist: true 18 | uid: 0 19 | gid: 0 20 | - name: 'Hosts File' 21 | path: '/etc/hosts' 22 | shouldExist: true 23 | - name: 'Dummy File' 24 | path: '/etc/dummy' 25 | shouldExist: false -------------------------------------------------------------------------------- /kubernetes/README.md: -------------------------------------------------------------------------------- 1 | # Testing Kubernetes YAML Definitions 2 | 3 | ## kubeval 4 | 5 | ```bash 6 | # see https://www.kubeval.com 7 | 8 | $ kubeval nginx-deployment.yaml 9 | ``` 10 | 11 | ## kubeconform 12 | 13 | ```bash 14 | # see https://github.com/yannh/kubeconform 15 | $ brew install kubeconform 16 | $ kubeconform nginx-deployment.yaml 17 | ``` 18 | 19 | ## kube-score 20 | 21 | ```bash 22 | # see https://github.com/zegl/kube-score 23 | 24 | $ kubectl score nginx-deployment.yaml 25 | $ kubectl score nginx-deployment.yaml --exit-one-on-warning 26 | $ kubectl score nginx-deployment.yaml --output-format ci 27 | ``` 28 | 29 | ## Snyk 30 | 31 | ```bash 32 | # see https://docs.snyk.io/snyk-cli/install-the-snyk-cli 33 | $ snyk iac test nginx-deployment.yaml 34 | ``` 35 | 36 | ## Checkov 37 | 38 | ```bash 39 | # see https://github.com/bridgecrewio/checkov 40 | $ checkov -f nginx-deployment.yaml 41 | ``` 42 | 43 | ## Kustomize 44 | 45 | Keep our YAML redundancy free (DRY) using Kustomize. 46 | 47 | ```bash 48 | $ kustomize build kustomize/overlays/prod/ 49 | $ kubectl apply -k kustomize/overlays/prod/ 50 | ``` 51 | 52 | ## Terratest 53 | 54 | ```bash 55 | # see https://terratest.gruntwork.io/docs/getting-started/quick-start/#example-4-kubernetes 56 | $ make cluster 57 | $ go test 58 | ``` 59 | -------------------------------------------------------------------------------- /kubernetes/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/lreimer/iac-testing/kubernetes 2 | 3 | go 1.16 4 | 5 | require ( 6 | github.com/gruntwork-io/terratest v0.37.8 7 | github.com/stretchr/testify v1.4.0 8 | ) 9 | -------------------------------------------------------------------------------- /kubernetes/kubernetes_nginx_deployment_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "strings" 6 | "testing" 7 | "time" 8 | 9 | http_helper "github.com/gruntwork-io/terratest/modules/http-helper" 10 | 11 | "github.com/stretchr/testify/require" 12 | 13 | "github.com/gruntwork-io/terratest/modules/k8s" 14 | "github.com/gruntwork-io/terratest/modules/random" 15 | ) 16 | 17 | func TestKubernetesNginxDeployment(t *testing.T) { 18 | t.Parallel() 19 | 20 | // Path to the Kubernetes resource config we will test. 21 | kubeResourcePath := "./nginx-deployment.yaml" 22 | 23 | namespaceName := fmt.Sprintf("kubernetes-nginx-deployment-%s", strings.ToLower(random.UniqueId())) 24 | 25 | // Setup the kubectl config and context in random test namespace 26 | options := k8s.NewKubectlOptions("", "", namespaceName) 27 | 28 | k8s.CreateNamespace(t, options, namespaceName) 29 | defer k8s.DeleteNamespace(t, options, namespaceName) 30 | 31 | // At the end of the test, run "kubectl delete" to clean up any resources that were created. 32 | defer k8s.KubectlDelete(t, options, kubeResourcePath) 33 | 34 | // Run `kubectl apply` to deploy. Fail the test if there are any errors. 35 | k8s.KubectlApply(t, options, kubeResourcePath) 36 | 37 | // Verify the service is available and get the URL for it. 38 | k8s.WaitUntilServiceAvailable(t, options, "nginx-service", 30, 5*time.Second) 39 | 40 | service := k8s.GetService(t, options, "nginx-service") 41 | require.Equal(t, service.Name, "nginx-service") 42 | 43 | // Make an HTTP request to the URL and make sure it returns a 200 OK with the body "Hello, World". 44 | url := fmt.Sprintf("http://%s", k8s.GetServiceEndpoint(t, options, service, 18080)) 45 | http_helper.HttpGetWithRetry(t, url, nil, 200, "Hello world!", 5, 3*time.Second) 46 | } 47 | -------------------------------------------------------------------------------- /kubernetes/kustomize/base/common.properties: -------------------------------------------------------------------------------- 1 | name=Clean Infrastructure as Code 2 | -------------------------------------------------------------------------------- /kubernetes/kustomize/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | commonLabels: 5 | app: clean-infrastructure-as-code 6 | 7 | namespace: default 8 | nameSuffix: -v1 9 | 10 | resources: 11 | - microservice-deployment.yaml 12 | - microservice-service.yaml 13 | 14 | configMapGenerator: 15 | - name: microservice-configmap 16 | files: 17 | - common.properties 18 | literals: 19 | - DEFAULT_MESSAGE=Hello World. 20 | -------------------------------------------------------------------------------- /kubernetes/kustomize/base/microservice-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: clean-infrastructure-as-code 5 | labels: 6 | type: microservice 7 | env: local 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | type: microservice 13 | template: 14 | metadata: 15 | labels: 16 | type: microservice 17 | env: local 18 | spec: 19 | containers: 20 | - name: microservice 21 | image: lreimer/productive-cloud-native-devex 22 | envFrom: 23 | - configMapRef: 24 | name: microservice-configmap 25 | ports: 26 | - containerPort: 8080 27 | -------------------------------------------------------------------------------- /kubernetes/kustomize/base/microservice-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: clean-infrastructure-as-code 5 | labels: 6 | type: microservice 7 | env: local 8 | spec: 9 | ports: 10 | - port: 8080 11 | name: http 12 | selector: 13 | type: microservice 14 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/dev/hoverfly-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | labels: 5 | type: hoverfly 6 | name: hoverfly 7 | spec: 8 | replicas: 1 9 | selector: 10 | matchLabels: 11 | type: hoverfly 12 | template: 13 | metadata: 14 | labels: 15 | type: hoverfly 16 | spec: 17 | containers: 18 | - name: hoverfly 19 | image: spectolabs/hoverfly:v1.3.2 20 | ports: 21 | - containerPort: 8500 22 | - containerPort: 8888 23 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/dev/hoverfly-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | type: hoverfly 6 | name: hoverfly 7 | spec: 8 | ports: 9 | - name: proxy 10 | port: 8500 11 | targetPort: 8500 12 | - name: webserver 13 | port: 8888 14 | targetPort: 8888 15 | selector: 16 | type: hoverfly 17 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/dev/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | commonLabels: 5 | env: dev 6 | 7 | namePrefix: dev- 8 | 9 | bases: 10 | # you can also specify a Git repo URL here 11 | # deprecated, move to resources when working with kubectl apply -k 12 | - ../../base 13 | 14 | resources: 15 | - hoverfly-deployment.yaml 16 | - hoverfly-service.yaml 17 | 18 | configMapGenerator: 19 | - name: microservice-configmap 20 | behavior: merge 21 | files: 22 | - microservice.properties 23 | literals: 24 | - DEFAULT_MESSAGE=Hello World DEV. 25 | - PORT=8080 26 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/dev/microservice.properties: -------------------------------------------------------------------------------- 1 | default.message=Hello World DEV. 2 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/int/2-replicas.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: clean-infrastructure-as-code 5 | spec: 6 | replicas: 2 7 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/int/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | commonLabels: 5 | env: int 6 | 7 | namePrefix: int- 8 | 9 | bases: 10 | # you can also specify a Git repo URL here 11 | # deprecated, move to resources when working with kubectl apply -k 12 | - ../../base 13 | 14 | patchesStrategicMerge: 15 | - 2-replicas.yaml 16 | 17 | configMapGenerator: 18 | - name: microservice-configmap 19 | behavior: merge 20 | files: 21 | - microservice.properties 22 | literals: 23 | - DEFAULT_MESSAGE=Hello World INT. 24 | - PORT=8080 25 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/int/microservice.properties: -------------------------------------------------------------------------------- 1 | default.message=Hello World INT. 2 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/prod/4-replicas.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: clean-infrastructure-as-code 5 | spec: 6 | replicas: 4 7 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | commonLabels: 5 | env: prod 6 | 7 | namePrefix: prod- 8 | 9 | bases: 10 | # you can also specify a Git repo URL here 11 | # deprecated, move to resources when working with kubectl apply -k 12 | - ../../base 13 | 14 | patchesStrategicMerge: 15 | - 4-replicas.yaml 16 | - probes.yaml 17 | 18 | patchesJson6902: 19 | - target: 20 | version: v1 21 | kind: Service 22 | name: clean-infrastructure-as-code 23 | path: loadbalancer.yaml 24 | 25 | configMapGenerator: 26 | - name: microservice-configmap 27 | behavior: merge 28 | files: 29 | - microservice.properties 30 | literals: 31 | - DEFAULT_MESSAGE=Hello World PROD. 32 | - PORT=8080 33 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/prod/loadbalancer.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/type 3 | value: LoadBalancer -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/prod/microservice.properties: -------------------------------------------------------------------------------- 1 | default.message=Hello World PROD. 2 | -------------------------------------------------------------------------------- /kubernetes/kustomize/overlays/prod/probes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: clean-infrastructure-as-code 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: microservice 10 | livenessProbe: 11 | httpGet: 12 | path: /health 13 | port: 8080 14 | initialDelaySeconds: 30 15 | periodSeconds: 3 16 | readinessProbe: 17 | initialDelaySeconds: 30 18 | periodSeconds: 10 19 | httpGet: 20 | path: / 21 | port: 8080 22 | -------------------------------------------------------------------------------- /kubernetes/nginx-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: nginx-service 5 | spec: 6 | type: LoadBalancer 7 | # type: NodePort 8 | ports: 9 | - port: 18080 10 | targetPort: 80 11 | protocol: TCP 12 | selector: 13 | app: nginx 14 | --- 15 | apiVersion: apps/v1 16 | kind: Deployment 17 | metadata: 18 | name: nginx-deployment 19 | spec: 20 | selector: 21 | matchLabels: 22 | app: nginx 23 | replicas: 2 24 | template: 25 | metadata: 26 | labels: 27 | app: nginx 28 | spec: 29 | containers: 30 | - name: nginx 31 | image: nginx:1.19.4-alpine 32 | ports: 33 | - containerPort: 80 34 | -------------------------------------------------------------------------------- /pulumi/.gitignore: -------------------------------------------------------------------------------- 1 | /bin/ 2 | /node_modules/ 3 | /.pulumi/ -------------------------------------------------------------------------------- /pulumi/README.md: -------------------------------------------------------------------------------- 1 | # Infrastructure as Software with Pulumi 2 | 3 | For the complete list of different examples and working projects have a look at https://github.com/pulumi/examples.git 4 | -------------------------------------------------------------------------------- /pulumi/aws-ts-eks/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2016-2019, Pulumi Corporation. All rights reserved. 2 | 3 | import * as awsx from "@pulumi/awsx"; 4 | import * as eks from "@pulumi/eks"; 5 | 6 | // Create a VPC for our cluster. 7 | const vpc = new awsx.ec2.Vpc("vpc", { numberOfAvailabilityZones: 2 }); 8 | 9 | // Create the EKS cluster itself and a deployment of the Kubernetes dashboard. 10 | const cluster = new eks.Cluster("cluster", { 11 | vpcId: vpc.id, 12 | subnetIds: vpc.publicSubnetIds, 13 | instanceType: "t2.medium", 14 | desiredCapacity: 2, 15 | minSize: 1, 16 | maxSize: 2, 17 | }); 18 | 19 | // Export the cluster's kubeconfig. 20 | export const kubeconfig = cluster.kubeconfig; 21 | -------------------------------------------------------------------------------- /pulumi/aws-ts-fargate/.gitignore: -------------------------------------------------------------------------------- 1 | /bin/ 2 | /node_modules/ 3 | -------------------------------------------------------------------------------- /pulumi/aws-ts-fargate/Pulumi.dev.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | aws:region: eu-central-1 3 | -------------------------------------------------------------------------------- /pulumi/aws-ts-fargate/Pulumi.yaml: -------------------------------------------------------------------------------- 1 | name: pulumi-fargate 2 | runtime: nodejs 3 | description: A minimal AWS TypeScript Pulumi program 4 | -------------------------------------------------------------------------------- /pulumi/aws-ts-fargate/app/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM nginx:1.19.3-alpine 2 | COPY index.html /usr/share/nginx/html -------------------------------------------------------------------------------- /pulumi/aws-ts-fargate/app/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | Hello Fargate 4 | 5 | 6 |

Hello AWS Fargate!

7 |

Made with ❤️ with Pulumi

8 | 9 | -------------------------------------------------------------------------------- /pulumi/aws-ts-fargate/index.ts: -------------------------------------------------------------------------------- 1 | import * as awsx from "@pulumi/awsx"; 2 | 3 | // Build and publish the image to ECR 4 | const repo = new awsx.ecr.Repository("nginx-pulumi"); 5 | const nginxImage = repo.buildAndPushImage("./app"); 6 | 7 | // Create a load balancer to listen for requests and route them to the container. 8 | let lb = new awsx.lb.NetworkListener("nginx", { port: 80 }); 9 | 10 | // Define the service, building and publishing our "./app/Dockerfile", and using the load balancer. 11 | let service = new awsx.ecs.FargateService("nginx", { 12 | taskDefinitionArgs: { 13 | containers: { 14 | nginx: { 15 | // alternatively, if we do not need the image and ECR 16 | image: awsx.ecr.buildAndPushImage("app", "./app").image(), 17 | memory: 512, 18 | portMappings: [ lb ], 19 | }, 20 | }, 21 | }, 22 | desiredCount: 2, 23 | }); 24 | 25 | // Export the URL so we can easily access it. 26 | export const url = lb.endpoint.hostname; 27 | -------------------------------------------------------------------------------- /pulumi/aws-ts-fargate/package-lock.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "pulumi-fargate", 3 | "requires": true, 4 | "lockfileVersion": 1, 5 | "dependencies": { 6 | "@grpc/grpc-js": { 7 | "version": "0.6.18", 8 | "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-0.6.18.tgz", 9 | "integrity": "sha512-uAzv/tM8qpbf1vpx1xPMfcUMzbfdqJtdCYAqY/LsLeQQlnTb4vApylojr+wlCyr7bZeg3AFfHvtihnNOQQt/nA==", 10 | "requires": { 11 | "semver": "^6.2.0" 12 | } 13 | }, 14 | "@protobufjs/aspromise": { 15 | "version": "1.1.2", 16 | "resolved": "https://registry.npmjs.org/@protobufjs/aspromise/-/aspromise-1.1.2.tgz", 17 | "integrity": "sha1-m4sMxmPWaafY9vXQiToU00jzD78=" 18 | }, 19 | "@protobufjs/base64": { 20 | "version": "1.1.2", 21 | "resolved": "https://registry.npmjs.org/@protobufjs/base64/-/base64-1.1.2.tgz", 22 | "integrity": "sha512-AZkcAA5vnN/v4PDqKyMR5lx7hZttPDgClv83E//FMNhR2TMcLUhfRUBHCmSl0oi9zMgDDqRUJkSxO3wm85+XLg==" 23 | }, 24 | "@protobufjs/codegen": { 25 | "version": "2.0.4", 26 | "resolved": "https://registry.npmjs.org/@protobufjs/codegen/-/codegen-2.0.4.tgz", 27 | "integrity": "sha512-YyFaikqM5sH0ziFZCN3xDC7zeGaB/d0IUb9CATugHWbd1FRFwWwt4ld4OYMPWu5a3Xe01mGAULCdqhMlPl29Jg==" 28 | }, 29 | "@protobufjs/eventemitter": { 30 | "version": "1.1.0", 31 | "resolved": "https://registry.npmjs.org/@protobufjs/eventemitter/-/eventemitter-1.1.0.tgz", 32 | "integrity": "sha1-NVy8mLr61ZePntCV85diHx0Ga3A=" 33 | }, 34 | "@protobufjs/fetch": { 35 | "version": "1.1.0", 36 | "resolved": "https://registry.npmjs.org/@protobufjs/fetch/-/fetch-1.1.0.tgz", 37 | "integrity": "sha1-upn7WYYUr2VwDBYZ/wbUVLDYTEU=", 38 | "requires": { 39 | "@protobufjs/aspromise": "^1.1.1", 40 | "@protobufjs/inquire": "^1.1.0" 41 | } 42 | }, 43 | "@protobufjs/float": { 44 | "version": "1.0.2", 45 | "resolved": "https://registry.npmjs.org/@protobufjs/float/-/float-1.0.2.tgz", 46 | "integrity": "sha1-Xp4avctz/Ap8uLKR33jIy9l7h9E=" 47 | }, 48 | "@protobufjs/inquire": { 49 | "version": "1.1.0", 50 | "resolved": "https://registry.npmjs.org/@protobufjs/inquire/-/inquire-1.1.0.tgz", 51 | "integrity": "sha1-/yAOPnzyQp4tyvwRQIKOjMY48Ik=" 52 | }, 53 | "@protobufjs/path": { 54 | "version": "1.1.2", 55 | "resolved": "https://registry.npmjs.org/@protobufjs/path/-/path-1.1.2.tgz", 56 | "integrity": "sha1-bMKyDFya1q0NzP0hynZz2Nf79o0=" 57 | }, 58 | "@protobufjs/pool": { 59 | "version": "1.1.0", 60 | "resolved": "https://registry.npmjs.org/@protobufjs/pool/-/pool-1.1.0.tgz", 61 | "integrity": "sha1-Cf0V8tbTq/qbZbw2ZQbWrXhG/1Q=" 62 | }, 63 | "@protobufjs/utf8": { 64 | "version": "1.1.0", 65 | "resolved": "https://registry.npmjs.org/@protobufjs/utf8/-/utf8-1.1.0.tgz", 66 | "integrity": "sha1-p3c2C1s5oaLlEG+OhY8v0tBgxXA=" 67 | }, 68 | "@pulumi/aws": { 69 | "version": "3.6.1", 70 | "resolved": "https://registry.npmjs.org/@pulumi/aws/-/aws-3.6.1.tgz", 71 | "integrity": "sha512-4pjObQMTVXFkoIan/POQzVs2N2G/jAzsjE3vApjD4i2NJ8J52HlnDUpSDkqSOyEWb7IkNPzslNIB6Am5FVfbig==", 72 | "requires": { 73 | "@pulumi/pulumi": "^2.0.0", 74 | "aws-sdk": "^2.0.0", 75 | "builtin-modules": "3.0.0", 76 | "mime": "^2.0.0", 77 | "read-package-tree": "^5.2.1", 78 | "resolve": "^1.7.1" 79 | } 80 | }, 81 | "@pulumi/awsx": { 82 | "version": "0.22.0", 83 | "resolved": "https://registry.npmjs.org/@pulumi/awsx/-/awsx-0.22.0.tgz", 84 | "integrity": "sha512-A9GA9CelWRh8xtuINl6cpCMDnEVVtJ+RNvVArgXegYnNZltaYbHrQJKG6cAu/JOM+AD8WF5PVTFTbYNVFkPUsw==", 85 | "requires": { 86 | "@pulumi/docker": "^1.0.0 || ^2.0.0", 87 | "@types/aws-lambda": "^8.10.23", 88 | "mime": "^2.0.0" 89 | } 90 | }, 91 | "@pulumi/docker": { 92 | "version": "2.3.1", 93 | "resolved": "https://registry.npmjs.org/@pulumi/docker/-/docker-2.3.1.tgz", 94 | "integrity": "sha512-oT/l6copYSxRjT4Bqd3OUvDOK1aIJPfBAcHlCdOAId2YzQrBt7+/1QCgp1eia2PvTvzZs9bL2g1x4YwsekpT/g==", 95 | "requires": { 96 | "@pulumi/pulumi": "^2.0.0", 97 | "semver": "^5.4.0" 98 | }, 99 | "dependencies": { 100 | "semver": { 101 | "version": "5.7.1", 102 | "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", 103 | "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" 104 | } 105 | } 106 | }, 107 | "@pulumi/pulumi": { 108 | "version": "2.11.2", 109 | "resolved": "https://registry.npmjs.org/@pulumi/pulumi/-/pulumi-2.11.2.tgz", 110 | "integrity": "sha512-Oeif9ZhhxXu+NaMDR9bUeS/LrAZ/rMyMv6zj/7yyO1dWqk49KctcyNM3EL4HylN4EkfRptM52M4IVs6WrkVoIA==", 111 | "requires": { 112 | "@grpc/grpc-js": "^0.6.15", 113 | "@pulumi/query": "^0.3.0", 114 | "google-protobuf": "^3.5.0", 115 | "minimist": "^1.2.0", 116 | "normalize-package-data": "^2.4.0", 117 | "protobufjs": "^6.8.6", 118 | "read-package-tree": "^5.3.1", 119 | "require-from-string": "^2.0.1", 120 | "semver": "^6.1.0", 121 | "source-map-support": "^0.4.16", 122 | "ts-node": "^7.0.1", 123 | "typescript": "~3.7.3", 124 | "upath": "^1.1.0" 125 | } 126 | }, 127 | "@pulumi/query": { 128 | "version": "0.3.0", 129 | "resolved": "https://registry.npmjs.org/@pulumi/query/-/query-0.3.0.tgz", 130 | "integrity": "sha512-xfo+yLRM2zVjVEA4p23IjQWzyWl1ZhWOGobsBqRpIarzLvwNH/RAGaoehdxlhx4X92302DrpdIFgTICMN4P38w==" 131 | }, 132 | "@types/aws-lambda": { 133 | "version": "8.10.63", 134 | "resolved": "https://registry.npmjs.org/@types/aws-lambda/-/aws-lambda-8.10.63.tgz", 135 | "integrity": "sha512-XEE+3iJxyeCmZTUoHZRbnxSy8aMxXXwrALgsoDBGcgkbll+8bDfuk4XbIJ9Oaec/Pxee6rno6SGMiV6EbqhF+A==" 136 | }, 137 | "@types/long": { 138 | "version": "4.0.1", 139 | "resolved": "https://registry.npmjs.org/@types/long/-/long-4.0.1.tgz", 140 | "integrity": "sha512-5tXH6Bx/kNGd3MgffdmP4dy2Z+G4eaXw0SE81Tq3BNadtnMR5/ySMzX4SLEzHJzSmPNn4HIdpQsBvXMUykr58w==" 141 | }, 142 | "@types/node": { 143 | "version": "10.17.39", 144 | "resolved": "https://registry.npmjs.org/@types/node/-/node-10.17.39.tgz", 145 | "integrity": "sha512-dJLCxrpQmgyxYGcl0Ae9MTsQgI22qHHcGFj/8VKu7McJA5zQpnuGjoksnxbo1JxSjW/Nahnl13W8MYZf01CZHA==", 146 | "dev": true 147 | }, 148 | "arrify": { 149 | "version": "1.0.1", 150 | "resolved": "https://registry.npmjs.org/arrify/-/arrify-1.0.1.tgz", 151 | "integrity": "sha1-iYUI2iIm84DfkEcoRWhJwVAaSw0=" 152 | }, 153 | "asap": { 154 | "version": "2.0.6", 155 | "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", 156 | "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" 157 | }, 158 | "aws-sdk": { 159 | "version": "2.771.0", 160 | "resolved": "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.771.0.tgz", 161 | "integrity": "sha512-fqNGusCwkdemx3yFqvQbU1+xq/PB2wGq7EQIrrTZx/zxfXUp+7+PnrHzXtViCRghN0tylLghBfWYD4VcVcqi7g==", 162 | "requires": { 163 | "buffer": "4.9.2", 164 | "events": "1.1.1", 165 | "ieee754": "1.1.13", 166 | "jmespath": "0.15.0", 167 | "querystring": "0.2.0", 168 | "sax": "1.2.1", 169 | "url": "0.10.3", 170 | "uuid": "3.3.2", 171 | "xml2js": "0.4.19" 172 | } 173 | }, 174 | "balanced-match": { 175 | "version": "1.0.0", 176 | "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", 177 | "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=" 178 | }, 179 | "base64-js": { 180 | "version": "1.3.1", 181 | "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", 182 | "integrity": "sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g==" 183 | }, 184 | "brace-expansion": { 185 | "version": "1.1.11", 186 | "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", 187 | "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", 188 | "requires": { 189 | "balanced-match": "^1.0.0", 190 | "concat-map": "0.0.1" 191 | } 192 | }, 193 | "buffer": { 194 | "version": "4.9.2", 195 | "resolved": "https://registry.npmjs.org/buffer/-/buffer-4.9.2.tgz", 196 | "integrity": "sha512-xq+q3SRMOxGivLhBNaUdC64hDTQwejJ+H0T/NB1XMtTVEwNTrfFF3gAxiyW0Bu/xWEGhjVKgUcMhCrUy2+uCWg==", 197 | "requires": { 198 | "base64-js": "^1.0.2", 199 | "ieee754": "^1.1.4", 200 | "isarray": "^1.0.0" 201 | } 202 | }, 203 | "buffer-from": { 204 | "version": "1.1.1", 205 | "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", 206 | "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==" 207 | }, 208 | "builtin-modules": { 209 | "version": "3.0.0", 210 | "resolved": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-3.0.0.tgz", 211 | "integrity": "sha512-hMIeU4K2ilbXV6Uv93ZZ0Avg/M91RaKXucQ+4me2Do1txxBDyDZWCBa5bJSLqoNTRpXTLwEzIk1KmloenDDjhg==" 212 | }, 213 | "concat-map": { 214 | "version": "0.0.1", 215 | "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", 216 | "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" 217 | }, 218 | "debuglog": { 219 | "version": "1.0.1", 220 | "resolved": "https://registry.npmjs.org/debuglog/-/debuglog-1.0.1.tgz", 221 | "integrity": "sha1-qiT/uaw9+aI1GDfPstJ5NgzXhJI=" 222 | }, 223 | "define-properties": { 224 | "version": "1.1.3", 225 | "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.3.tgz", 226 | "integrity": "sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==", 227 | "requires": { 228 | "object-keys": "^1.0.12" 229 | } 230 | }, 231 | "dezalgo": { 232 | "version": "1.0.3", 233 | "resolved": "https://registry.npmjs.org/dezalgo/-/dezalgo-1.0.3.tgz", 234 | "integrity": "sha1-f3Qt4Gb8dIvI24IFad3c5Jvw1FY=", 235 | "requires": { 236 | "asap": "^2.0.0", 237 | "wrappy": "1" 238 | } 239 | }, 240 | "diff": { 241 | "version": "3.5.0", 242 | "resolved": "https://registry.npmjs.org/diff/-/diff-3.5.0.tgz", 243 | "integrity": "sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA==" 244 | }, 245 | "es-abstract": { 246 | "version": "1.17.7", 247 | "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.17.7.tgz", 248 | "integrity": "sha512-VBl/gnfcJ7OercKA9MVaegWsBHFjV492syMudcnQZvt/Dw8ezpcOHYZXa/J96O8vx+g4x65YKhxOwDUh63aS5g==", 249 | "requires": { 250 | "es-to-primitive": "^1.2.1", 251 | "function-bind": "^1.1.1", 252 | "has": "^1.0.3", 253 | "has-symbols": "^1.0.1", 254 | "is-callable": "^1.2.2", 255 | "is-regex": "^1.1.1", 256 | "object-inspect": "^1.8.0", 257 | "object-keys": "^1.1.1", 258 | "object.assign": "^4.1.1", 259 | "string.prototype.trimend": "^1.0.1", 260 | "string.prototype.trimstart": "^1.0.1" 261 | } 262 | }, 263 | "es-to-primitive": { 264 | "version": "1.2.1", 265 | "resolved": "https://registry.npmjs.org/es-to-primitive/-/es-to-primitive-1.2.1.tgz", 266 | "integrity": "sha512-QCOllgZJtaUo9miYBcLChTUaHNjJF3PYs1VidD7AwiEj1kYxKeQTctLAezAOH5ZKRH0g2IgPn6KwB4IT8iRpvA==", 267 | "requires": { 268 | "is-callable": "^1.1.4", 269 | "is-date-object": "^1.0.1", 270 | "is-symbol": "^1.0.2" 271 | } 272 | }, 273 | "events": { 274 | "version": "1.1.1", 275 | "resolved": "https://registry.npmjs.org/events/-/events-1.1.1.tgz", 276 | "integrity": "sha1-nr23Y1rQmccNzEwqH1AEKI6L2SQ=" 277 | }, 278 | "fs.realpath": { 279 | "version": "1.0.0", 280 | "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", 281 | "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" 282 | }, 283 | "function-bind": { 284 | "version": "1.1.1", 285 | "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", 286 | "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" 287 | }, 288 | "glob": { 289 | "version": "7.1.6", 290 | "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", 291 | "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", 292 | "requires": { 293 | "fs.realpath": "^1.0.0", 294 | "inflight": "^1.0.4", 295 | "inherits": "2", 296 | "minimatch": "^3.0.4", 297 | "once": "^1.3.0", 298 | "path-is-absolute": "^1.0.0" 299 | } 300 | }, 301 | "google-protobuf": { 302 | "version": "3.13.0", 303 | "resolved": "https://registry.npmjs.org/google-protobuf/-/google-protobuf-3.13.0.tgz", 304 | "integrity": "sha512-ZIf3qfLFayVrPvAjeKKxO5FRF1/NwRxt6Dko+fWEMuHwHbZx8/fcaAao9b0wCM6kr8qeg2te8XTpyuvKuD9aKw==" 305 | }, 306 | "graceful-fs": { 307 | "version": "4.2.4", 308 | "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz", 309 | "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==" 310 | }, 311 | "has": { 312 | "version": "1.0.3", 313 | "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", 314 | "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", 315 | "requires": { 316 | "function-bind": "^1.1.1" 317 | } 318 | }, 319 | "has-symbols": { 320 | "version": "1.0.1", 321 | "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.1.tgz", 322 | "integrity": "sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg==" 323 | }, 324 | "hosted-git-info": { 325 | "version": "2.8.8", 326 | "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.8.tgz", 327 | "integrity": "sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==" 328 | }, 329 | "ieee754": { 330 | "version": "1.1.13", 331 | "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", 332 | "integrity": "sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==" 333 | }, 334 | "inflight": { 335 | "version": "1.0.6", 336 | "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", 337 | "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", 338 | "requires": { 339 | "once": "^1.3.0", 340 | "wrappy": "1" 341 | } 342 | }, 343 | "inherits": { 344 | "version": "2.0.4", 345 | "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", 346 | "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" 347 | }, 348 | "is-callable": { 349 | "version": "1.2.2", 350 | "resolved": "https://registry.npmjs.org/is-callable/-/is-callable-1.2.2.tgz", 351 | "integrity": "sha512-dnMqspv5nU3LoewK2N/y7KLtxtakvTuaCsU9FU50/QDmdbHNy/4/JuRtMHqRU22o3q+W89YQndQEeCVwK+3qrA==" 352 | }, 353 | "is-date-object": { 354 | "version": "1.0.2", 355 | "resolved": "https://registry.npmjs.org/is-date-object/-/is-date-object-1.0.2.tgz", 356 | "integrity": "sha512-USlDT524woQ08aoZFzh3/Z6ch9Y/EWXEHQ/AaRN0SkKq4t2Jw2R2339tSXmwuVoY7LLlBCbOIlx2myP/L5zk0g==" 357 | }, 358 | "is-negative-zero": { 359 | "version": "2.0.0", 360 | "resolved": "https://registry.npmjs.org/is-negative-zero/-/is-negative-zero-2.0.0.tgz", 361 | "integrity": "sha1-lVOxIbD6wohp2p7UWeIMdUN4hGE=" 362 | }, 363 | "is-regex": { 364 | "version": "1.1.1", 365 | "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.1.1.tgz", 366 | "integrity": "sha512-1+QkEcxiLlB7VEyFtyBg94e08OAsvq7FUBgApTq/w2ymCLyKJgDPsybBENVtA7XCQEgEXxKPonG+mvYRxh/LIg==", 367 | "requires": { 368 | "has-symbols": "^1.0.1" 369 | } 370 | }, 371 | "is-symbol": { 372 | "version": "1.0.3", 373 | "resolved": "https://registry.npmjs.org/is-symbol/-/is-symbol-1.0.3.tgz", 374 | "integrity": "sha512-OwijhaRSgqvhm/0ZdAcXNZt9lYdKFpcRDT5ULUuYXPoT794UNOdU+gpT6Rzo7b4V2HUl/op6GqY894AZwv9faQ==", 375 | "requires": { 376 | "has-symbols": "^1.0.1" 377 | } 378 | }, 379 | "isarray": { 380 | "version": "1.0.0", 381 | "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", 382 | "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" 383 | }, 384 | "jmespath": { 385 | "version": "0.15.0", 386 | "resolved": "https://registry.npmjs.org/jmespath/-/jmespath-0.15.0.tgz", 387 | "integrity": "sha1-o/Iiqarp+Wb10nx5ZRDigJF2Qhc=" 388 | }, 389 | "json-parse-even-better-errors": { 390 | "version": "2.3.1", 391 | "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", 392 | "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==" 393 | }, 394 | "long": { 395 | "version": "4.0.0", 396 | "resolved": "https://registry.npmjs.org/long/-/long-4.0.0.tgz", 397 | "integrity": "sha512-XsP+KhQif4bjX1kbuSiySJFNAehNxgLb6hPRGJ9QsUr8ajHkuXGdrHmFUTUUXhDwVX2R5bY4JNZEwbUiMhV+MA==" 398 | }, 399 | "make-error": { 400 | "version": "1.3.6", 401 | "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", 402 | "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==" 403 | }, 404 | "mime": { 405 | "version": "2.4.6", 406 | "resolved": "https://registry.npmjs.org/mime/-/mime-2.4.6.tgz", 407 | "integrity": "sha512-RZKhC3EmpBchfTGBVb8fb+RL2cWyw/32lshnsETttkBAyAUXSGHxbEJWWRXc751DrIxG1q04b8QwMbAwkRPpUA==" 408 | }, 409 | "minimatch": { 410 | "version": "3.0.4", 411 | "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", 412 | "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", 413 | "requires": { 414 | "brace-expansion": "^1.1.7" 415 | } 416 | }, 417 | "minimist": { 418 | "version": "1.2.5", 419 | "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", 420 | "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" 421 | }, 422 | "mkdirp": { 423 | "version": "0.5.5", 424 | "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.5.tgz", 425 | "integrity": "sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==", 426 | "requires": { 427 | "minimist": "^1.2.5" 428 | } 429 | }, 430 | "normalize-package-data": { 431 | "version": "2.5.0", 432 | "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", 433 | "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==", 434 | "requires": { 435 | "hosted-git-info": "^2.1.4", 436 | "resolve": "^1.10.0", 437 | "semver": "2 || 3 || 4 || 5", 438 | "validate-npm-package-license": "^3.0.1" 439 | }, 440 | "dependencies": { 441 | "semver": { 442 | "version": "5.7.1", 443 | "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", 444 | "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" 445 | } 446 | } 447 | }, 448 | "npm-normalize-package-bin": { 449 | "version": "1.0.1", 450 | "resolved": "https://registry.npmjs.org/npm-normalize-package-bin/-/npm-normalize-package-bin-1.0.1.tgz", 451 | "integrity": "sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA==" 452 | }, 453 | "object-inspect": { 454 | "version": "1.8.0", 455 | "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.8.0.tgz", 456 | "integrity": "sha512-jLdtEOB112fORuypAyl/50VRVIBIdVQOSUUGQHzJ4xBSbit81zRarz7GThkEFZy1RceYrWYcPcBFPQwHyAc1gA==" 457 | }, 458 | "object-keys": { 459 | "version": "1.1.1", 460 | "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz", 461 | "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==" 462 | }, 463 | "object.assign": { 464 | "version": "4.1.1", 465 | "resolved": "https://registry.npmjs.org/object.assign/-/object.assign-4.1.1.tgz", 466 | "integrity": "sha512-VT/cxmx5yaoHSOTSyrCygIDFco+RsibY2NM0a4RdEeY/4KgqezwFtK1yr3U67xYhqJSlASm2pKhLVzPj2lr4bA==", 467 | "requires": { 468 | "define-properties": "^1.1.3", 469 | "es-abstract": "^1.18.0-next.0", 470 | "has-symbols": "^1.0.1", 471 | "object-keys": "^1.1.1" 472 | }, 473 | "dependencies": { 474 | "es-abstract": { 475 | "version": "1.18.0-next.1", 476 | "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.18.0-next.1.tgz", 477 | "integrity": "sha512-I4UGspA0wpZXWENrdA0uHbnhte683t3qT/1VFH9aX2dA5PPSf6QW5HHXf5HImaqPmjXaVeVk4RGWnaylmV7uAA==", 478 | "requires": { 479 | "es-to-primitive": "^1.2.1", 480 | "function-bind": "^1.1.1", 481 | "has": "^1.0.3", 482 | "has-symbols": "^1.0.1", 483 | "is-callable": "^1.2.2", 484 | "is-negative-zero": "^2.0.0", 485 | "is-regex": "^1.1.1", 486 | "object-inspect": "^1.8.0", 487 | "object-keys": "^1.1.1", 488 | "object.assign": "^4.1.1", 489 | "string.prototype.trimend": "^1.0.1", 490 | "string.prototype.trimstart": "^1.0.1" 491 | } 492 | } 493 | } 494 | }, 495 | "object.getownpropertydescriptors": { 496 | "version": "2.1.0", 497 | "resolved": "https://registry.npmjs.org/object.getownpropertydescriptors/-/object.getownpropertydescriptors-2.1.0.tgz", 498 | "integrity": "sha512-Z53Oah9A3TdLoblT7VKJaTDdXdT+lQO+cNpKVnya5JDe9uLvzu1YyY1yFDFrcxrlRgWrEFH0jJtD/IbuwjcEVg==", 499 | "requires": { 500 | "define-properties": "^1.1.3", 501 | "es-abstract": "^1.17.0-next.1" 502 | } 503 | }, 504 | "once": { 505 | "version": "1.4.0", 506 | "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", 507 | "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", 508 | "requires": { 509 | "wrappy": "1" 510 | } 511 | }, 512 | "path-is-absolute": { 513 | "version": "1.0.1", 514 | "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", 515 | "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" 516 | }, 517 | "path-parse": { 518 | "version": "1.0.6", 519 | "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz", 520 | "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==" 521 | }, 522 | "protobufjs": { 523 | "version": "6.10.1", 524 | "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.10.1.tgz", 525 | "integrity": "sha512-pb8kTchL+1Ceg4lFd5XUpK8PdWacbvV5SK2ULH2ebrYtl4GjJmS24m6CKME67jzV53tbJxHlnNOSqQHbTsR9JQ==", 526 | "requires": { 527 | "@protobufjs/aspromise": "^1.1.2", 528 | "@protobufjs/base64": "^1.1.2", 529 | "@protobufjs/codegen": "^2.0.4", 530 | "@protobufjs/eventemitter": "^1.1.0", 531 | "@protobufjs/fetch": "^1.1.0", 532 | "@protobufjs/float": "^1.0.2", 533 | "@protobufjs/inquire": "^1.1.0", 534 | "@protobufjs/path": "^1.1.2", 535 | "@protobufjs/pool": "^1.1.0", 536 | "@protobufjs/utf8": "^1.1.0", 537 | "@types/long": "^4.0.1", 538 | "@types/node": "^13.7.0", 539 | "long": "^4.0.0" 540 | }, 541 | "dependencies": { 542 | "@types/node": { 543 | "version": "13.13.25", 544 | "resolved": "https://registry.npmjs.org/@types/node/-/node-13.13.25.tgz", 545 | "integrity": "sha512-6ZMK4xRcF2XrPdKmPYQxZkdHKV18xKgUFVvhIgw2iwaaO6weleLPHLBGPZmLhjo+m1N+MZXRAoBEBCCVqgO2zQ==" 546 | } 547 | } 548 | }, 549 | "punycode": { 550 | "version": "1.3.2", 551 | "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.3.2.tgz", 552 | "integrity": "sha1-llOgNvt8HuQjQvIyXM7v6jkmxI0=" 553 | }, 554 | "querystring": { 555 | "version": "0.2.0", 556 | "resolved": "https://registry.npmjs.org/querystring/-/querystring-0.2.0.tgz", 557 | "integrity": "sha1-sgmEkgO7Jd+CDadW50cAWHhSFiA=" 558 | }, 559 | "read-package-json": { 560 | "version": "2.1.2", 561 | "resolved": "https://registry.npmjs.org/read-package-json/-/read-package-json-2.1.2.tgz", 562 | "integrity": "sha512-D1KmuLQr6ZSJS0tW8hf3WGpRlwszJOXZ3E8Yd/DNRaM5d+1wVRZdHlpGBLAuovjr28LbWvjpWkBHMxpRGGjzNA==", 563 | "requires": { 564 | "glob": "^7.1.1", 565 | "json-parse-even-better-errors": "^2.3.0", 566 | "normalize-package-data": "^2.0.0", 567 | "npm-normalize-package-bin": "^1.0.0" 568 | } 569 | }, 570 | "read-package-tree": { 571 | "version": "5.3.1", 572 | "resolved": "https://registry.npmjs.org/read-package-tree/-/read-package-tree-5.3.1.tgz", 573 | "integrity": "sha512-mLUDsD5JVtlZxjSlPPx1RETkNjjvQYuweKwNVt1Sn8kP5Jh44pvYuUHCp6xSVDZWbNxVxG5lyZJ921aJH61sTw==", 574 | "requires": { 575 | "read-package-json": "^2.0.0", 576 | "readdir-scoped-modules": "^1.0.0", 577 | "util-promisify": "^2.1.0" 578 | } 579 | }, 580 | "readdir-scoped-modules": { 581 | "version": "1.1.0", 582 | "resolved": "https://registry.npmjs.org/readdir-scoped-modules/-/readdir-scoped-modules-1.1.0.tgz", 583 | "integrity": "sha512-asaikDeqAQg7JifRsZn1NJZXo9E+VwlyCfbkZhwyISinqk5zNS6266HS5kah6P0SaQKGF6SkNnZVHUzHFYxYDw==", 584 | "requires": { 585 | "debuglog": "^1.0.1", 586 | "dezalgo": "^1.0.0", 587 | "graceful-fs": "^4.1.2", 588 | "once": "^1.3.0" 589 | } 590 | }, 591 | "require-from-string": { 592 | "version": "2.0.2", 593 | "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", 594 | "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==" 595 | }, 596 | "resolve": { 597 | "version": "1.17.0", 598 | "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.17.0.tgz", 599 | "integrity": "sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==", 600 | "requires": { 601 | "path-parse": "^1.0.6" 602 | } 603 | }, 604 | "sax": { 605 | "version": "1.2.1", 606 | "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.1.tgz", 607 | "integrity": "sha1-e45lYZCyKOgaZq6nSEgNgozS03o=" 608 | }, 609 | "semver": { 610 | "version": "6.3.0", 611 | "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", 612 | "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" 613 | }, 614 | "source-map": { 615 | "version": "0.5.7", 616 | "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", 617 | "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=" 618 | }, 619 | "source-map-support": { 620 | "version": "0.4.18", 621 | "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.4.18.tgz", 622 | "integrity": "sha512-try0/JqxPLF9nOjvSta7tVondkP5dwgyLDjVoyMDlmjugT2lRZ1OfsrYTkCd2hkDnJTKRbO/Rl3orm8vlsUzbA==", 623 | "requires": { 624 | "source-map": "^0.5.6" 625 | } 626 | }, 627 | "spdx-correct": { 628 | "version": "3.1.1", 629 | "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz", 630 | "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==", 631 | "requires": { 632 | "spdx-expression-parse": "^3.0.0", 633 | "spdx-license-ids": "^3.0.0" 634 | } 635 | }, 636 | "spdx-exceptions": { 637 | "version": "2.3.0", 638 | "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz", 639 | "integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==" 640 | }, 641 | "spdx-expression-parse": { 642 | "version": "3.0.1", 643 | "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", 644 | "integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==", 645 | "requires": { 646 | "spdx-exceptions": "^2.1.0", 647 | "spdx-license-ids": "^3.0.0" 648 | } 649 | }, 650 | "spdx-license-ids": { 651 | "version": "3.0.6", 652 | "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.6.tgz", 653 | "integrity": "sha512-+orQK83kyMva3WyPf59k1+Y525csj5JejicWut55zeTWANuN17qSiSLUXWtzHeNWORSvT7GLDJ/E/XiIWoXBTw==" 654 | }, 655 | "string.prototype.trimend": { 656 | "version": "1.0.1", 657 | "resolved": "https://registry.npmjs.org/string.prototype.trimend/-/string.prototype.trimend-1.0.1.tgz", 658 | "integrity": "sha512-LRPxFUaTtpqYsTeNKaFOw3R4bxIzWOnbQ837QfBylo8jIxtcbK/A/sMV7Q+OAV/vWo+7s25pOE10KYSjaSO06g==", 659 | "requires": { 660 | "define-properties": "^1.1.3", 661 | "es-abstract": "^1.17.5" 662 | } 663 | }, 664 | "string.prototype.trimstart": { 665 | "version": "1.0.1", 666 | "resolved": "https://registry.npmjs.org/string.prototype.trimstart/-/string.prototype.trimstart-1.0.1.tgz", 667 | "integrity": "sha512-XxZn+QpvrBI1FOcg6dIpxUPgWCPuNXvMD72aaRaUQv1eD4e/Qy8i/hFTe0BUmD60p/QA6bh1avmuPTfNjqVWRw==", 668 | "requires": { 669 | "define-properties": "^1.1.3", 670 | "es-abstract": "^1.17.5" 671 | } 672 | }, 673 | "ts-node": { 674 | "version": "7.0.1", 675 | "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-7.0.1.tgz", 676 | "integrity": "sha512-BVwVbPJRspzNh2yfslyT1PSbl5uIk03EZlb493RKHN4qej/D06n1cEhjlOJG69oFsE7OT8XjpTUcYf6pKTLMhw==", 677 | "requires": { 678 | "arrify": "^1.0.0", 679 | "buffer-from": "^1.1.0", 680 | "diff": "^3.1.0", 681 | "make-error": "^1.1.1", 682 | "minimist": "^1.2.0", 683 | "mkdirp": "^0.5.1", 684 | "source-map-support": "^0.5.6", 685 | "yn": "^2.0.0" 686 | }, 687 | "dependencies": { 688 | "source-map": { 689 | "version": "0.6.1", 690 | "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", 691 | "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" 692 | }, 693 | "source-map-support": { 694 | "version": "0.5.19", 695 | "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.19.tgz", 696 | "integrity": "sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==", 697 | "requires": { 698 | "buffer-from": "^1.0.0", 699 | "source-map": "^0.6.0" 700 | } 701 | } 702 | } 703 | }, 704 | "typescript": { 705 | "version": "3.7.5", 706 | "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.7.5.tgz", 707 | "integrity": "sha512-/P5lkRXkWHNAbcJIiHPfRoKqyd7bsyCma1hZNUGfn20qm64T6ZBlrzprymeu918H+mB/0rIg2gGK/BXkhhYgBw==" 708 | }, 709 | "upath": { 710 | "version": "1.2.0", 711 | "resolved": "https://registry.npmjs.org/upath/-/upath-1.2.0.tgz", 712 | "integrity": "sha512-aZwGpamFO61g3OlfT7OQCHqhGnW43ieH9WZeP7QxN/G/jS4jfqUkZxoryvJgVPEcrl5NL/ggHsSmLMHuH64Lhg==" 713 | }, 714 | "url": { 715 | "version": "0.10.3", 716 | "resolved": "https://registry.npmjs.org/url/-/url-0.10.3.tgz", 717 | "integrity": "sha1-Ah5NnHcF8hu/N9A861h2dAJ3TGQ=", 718 | "requires": { 719 | "punycode": "1.3.2", 720 | "querystring": "0.2.0" 721 | } 722 | }, 723 | "util-promisify": { 724 | "version": "2.1.0", 725 | "resolved": "https://registry.npmjs.org/util-promisify/-/util-promisify-2.1.0.tgz", 726 | "integrity": "sha1-PCI2R2xNMsX/PEcAKt18E7moKlM=", 727 | "requires": { 728 | "object.getownpropertydescriptors": "^2.0.3" 729 | } 730 | }, 731 | "uuid": { 732 | "version": "3.3.2", 733 | "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", 734 | "integrity": "sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA==" 735 | }, 736 | "validate-npm-package-license": { 737 | "version": "3.0.4", 738 | "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", 739 | "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", 740 | "requires": { 741 | "spdx-correct": "^3.0.0", 742 | "spdx-expression-parse": "^3.0.0" 743 | } 744 | }, 745 | "wrappy": { 746 | "version": "1.0.2", 747 | "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", 748 | "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" 749 | }, 750 | "xml2js": { 751 | "version": "0.4.19", 752 | "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.19.tgz", 753 | "integrity": "sha512-esZnJZJOiJR9wWKMyuvSE1y6Dq5LCuJanqhxslH2bxM6duahNZ+HMpCLhBQGZkbX6xRf8x1Y2eJlgt2q3qo49Q==", 754 | "requires": { 755 | "sax": ">=0.6.0", 756 | "xmlbuilder": "~9.0.1" 757 | } 758 | }, 759 | "xmlbuilder": { 760 | "version": "9.0.7", 761 | "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-9.0.7.tgz", 762 | "integrity": "sha1-Ey7mPS7FVlxVfiD0wi35rKaGsQ0=" 763 | }, 764 | "yn": { 765 | "version": "2.0.0", 766 | "resolved": "https://registry.npmjs.org/yn/-/yn-2.0.0.tgz", 767 | "integrity": "sha1-5a2ryKz0CPY4X8dklWhMiOavaJo=" 768 | } 769 | } 770 | } 771 | -------------------------------------------------------------------------------- /pulumi/aws-ts-fargate/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "pulumi-fargate", 3 | "devDependencies": { 4 | "@types/node": "^10.0.0" 5 | }, 6 | "dependencies": { 7 | "@pulumi/pulumi": "^2.0.0", 8 | "@pulumi/aws": "^3.0.0", 9 | "@pulumi/awsx": "^0.22.0" 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /pulumi/aws-ts-fargate/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "strict": true, 4 | "outDir": "bin", 5 | "target": "es2016", 6 | "module": "commonjs", 7 | "moduleResolution": "node", 8 | "sourceMap": true, 9 | "experimentalDecorators": true, 10 | "pretty": true, 11 | "noFallthroughCasesInSwitch": true, 12 | "noImplicitReturns": true, 13 | "forceConsistentCasingInFileNames": true 14 | }, 15 | "files": [ 16 | "index.ts" 17 | ] 18 | } 19 | -------------------------------------------------------------------------------- /pulumi/kubernetes-ts-nginx/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2016-2018, Pulumi Corporation. All rights reserved. 2 | 3 | import * as k8s from "@pulumi/kubernetes"; 4 | import * as pulumi from "@pulumi/pulumi"; 5 | 6 | const config = new pulumi.Config(); 7 | 8 | const nginxLabels = { app: "nginx" }; 9 | const nginxDeployment = new k8s.apps.v1.Deployment("nginx-deployment", { 10 | spec: { 11 | selector: { matchLabels: nginxLabels }, 12 | replicas: config.getNumber("replicas") || 2, 13 | template: { 14 | metadata: { labels: nginxLabels }, 15 | spec: { 16 | containers: [{ 17 | name: "nginx", 18 | image: "nginx:1.7.9", 19 | ports: [{ containerPort: 80 }], 20 | }], 21 | }, 22 | }, 23 | }, 24 | }); 25 | 26 | export const nginx = nginxDeployment.metadata.name; 27 | -------------------------------------------------------------------------------- /pulumi/testing-unit-ts/bucket_pair.ts: -------------------------------------------------------------------------------- 1 | import * as aws from "@pulumi/aws" 2 | import * as pulumi from "@pulumi/pulumi"; 3 | 4 | export class BucketPair extends pulumi.ComponentResource { 5 | 6 | contentBucket: aws.s3.Bucket; 7 | logsBucket: aws.s3.Bucket; 8 | 9 | constructor(contentBucketName: string, logsBucketName: string, opts: any) { 10 | super("pulumi:examples:BucketPair", "BucketPair", {}, opts); 11 | 12 | this.contentBucket = new aws.s3.Bucket("contentBucket", { 13 | bucket: contentBucketName, 14 | }, { parent: this }); 15 | 16 | this.logsBucket = new aws.s3.Bucket("logsBucket", { 17 | bucket: logsBucketName, 18 | }, { parent: this }); 19 | 20 | // Register output properties for this component 21 | this.registerOutputs({ 22 | contentBucket: this.contentBucket, 23 | logsBucket: this.logsBucket 24 | }); 25 | } 26 | } -------------------------------------------------------------------------------- /pulumi/testing-unit-ts/bucket_pair_test.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2016-2020, Pulumi Corporation. All rights reserved. 2 | 3 | import * as pulumi from "@pulumi/pulumi"; 4 | import "mocha"; 5 | import * as assert from 'assert'; 6 | 7 | pulumi.runtime.setMocks({ 8 | newResource: function(args: pulumi.runtime.MockResourceArgs): {id: string, state: any} { 9 | switch (args.type) { 10 | default: 11 | return { 12 | id: args.inputs.name + "_id", 13 | state: { 14 | ...args.inputs, 15 | }, 16 | }; 17 | } 18 | }, 19 | call: function(args: pulumi.runtime.MockCallArgs) { 20 | switch (args.token) { 21 | default: 22 | return args; 23 | } 24 | }, 25 | }); 26 | 27 | describe("BucketPair", function() { 28 | let module: typeof import("./bucket_pair"); 29 | 30 | before(async function() { 31 | // It's important to import the program _after_ the mocks are defined. 32 | module = await import("./bucket_pair"); 33 | }); 34 | 35 | describe("constructor", function() { 36 | it("must pass bucket names", function(done) { 37 | const bucketPair = new module.BucketPair('my_content_bucket', 'my_logs_bucket', {}); 38 | const outputs = [bucketPair.contentBucket.bucket, bucketPair.logsBucket.bucket]; 39 | pulumi.all(outputs).apply(([contentBucketName, logsBucketName]) => { 40 | assert.strictEqual(contentBucketName, 'my_content_bucket'); 41 | assert.strictEqual(logsBucketName, 'my_logs_bucket'); 42 | done(); 43 | }); 44 | }); 45 | }); 46 | }); 47 | -------------------------------------------------------------------------------- /pulumi/testing-unit-ts/ec2tests.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2016-2020, Pulumi Corporation. All rights reserved. 2 | 3 | import * as pulumi from "@pulumi/pulumi"; 4 | import "mocha"; 5 | 6 | pulumi.runtime.setMocks({ 7 | newResource: function(args: pulumi.runtime.MockResourceArgs): {id: string, state: any} { 8 | switch (args.type) { 9 | case "aws:ec2/securityGroup:SecurityGroup": 10 | return { 11 | id: "sg-12345678", 12 | state: { 13 | ...args.inputs, 14 | 15 | arn: "arn:aws:ec2:us-west-2:123456789012:security-group/sg-12345678", 16 | name: args.inputs.name || args.name + "-sg", 17 | }, 18 | }; 19 | case "aws:ec2/instance:Instance": 20 | return { 21 | id: "i-1234567890abcdef0", 22 | state: { 23 | ...args.inputs, 24 | 25 | arn: "arn:aws:ec2:us-west-2:123456789012:instance/i-1234567890abcdef0", 26 | instanceState: "running", 27 | primaryNetworkInterfaceId: "eni-12345678", 28 | privateDns: "ip-10-0-1-17.ec2.internal", 29 | publicDns: "ec2-203-0-113-12.compute-1.amazonaws.com", 30 | publicIp: "203.0.113.12", 31 | }, 32 | }; 33 | default: 34 | return { 35 | id: args.inputs.name + "_id", 36 | state: { 37 | ...args.inputs, 38 | }, 39 | }; 40 | } 41 | }, 42 | call: function(args: pulumi.runtime.MockCallArgs) { 43 | switch (args.token) { 44 | case "aws:ec2/getAmi:getAmi": 45 | return { 46 | "architecture": "x86_64", 47 | "id": "ami-0eb1f3cdeeb8eed2a", 48 | }; 49 | default: 50 | return args; 51 | } 52 | }, 53 | }); 54 | 55 | describe("Infrastructure", function() { 56 | let infra: typeof import("./index"); 57 | 58 | before(async function() { 59 | // It's important to import the program _after_ the mocks are defined. 60 | infra = await import("./index"); 61 | }); 62 | 63 | describe("#server", function() { 64 | // check 1: Instances have a Name tag. 65 | it("must have a name tag", function(done) { 66 | pulumi.all([infra.server.urn, infra.server.tags]).apply(([urn, tags]) => { 67 | if (!tags || !tags["Name"]) { 68 | done(new Error(`Missing a name tag on server ${urn}`)); 69 | } else { 70 | done(); 71 | } 72 | }); 73 | }); 74 | 75 | // check 2: Instances must not use an inline userData script. 76 | it("must not use userData (use an AMI instead)", function(done) { 77 | pulumi.all([infra.server.urn, infra.server.userData]).apply(([urn, userData]) => { 78 | if (userData) { 79 | done(new Error(`Illegal use of userData on server ${urn}`)); 80 | } else { 81 | done(); 82 | } 83 | }); 84 | }); 85 | }); 86 | 87 | describe("#group", function() { 88 | // check 3: Instances must not have SSH open to the Internet. 89 | it("must not open port 22 (SSH) to the Internet", function(done) { 90 | pulumi.all([infra.group.urn, infra.group.ingress]).apply(([ urn, ingress ]) => { 91 | if (ingress.find(rule => 92 | rule.fromPort === 22 && (rule.cidrBlocks || []).find(block => block === "0.0.0.0/0"))) { 93 | done(new Error(`Illegal SSH port 22 open to the Internet (CIDR 0.0.0.0/0) on group ${urn}`)); 94 | } else { 95 | done(); 96 | } 97 | }); 98 | }); 99 | }); 100 | }); 101 | -------------------------------------------------------------------------------- /pulumi/testing-unit-ts/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2016-2020, Pulumi Corporation. All rights reserved. 2 | 3 | import * as aws from "@pulumi/aws"; 4 | 5 | export const group = new aws.ec2.SecurityGroup("web-secgrp", { 6 | ingress: [ 7 | // uncomment to fail a test: 8 | // { protocol: "tcp", fromPort: 22, toPort: 22, cidrBlocks: ["0.0.0.0/0"] }, 9 | { protocol: "tcp", fromPort: 80, toPort: 80, cidrBlocks: ["0.0.0.0/0"] }, 10 | ], 11 | }); 12 | 13 | const amiId = aws.ec2.getAmi({ 14 | mostRecent: true, 15 | owners: ["099720109477"], 16 | filters: [{ 17 | name: "name", 18 | values: ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"], 19 | }], 20 | }).then(ami => ami.id); 21 | 22 | export const server = new aws.ec2.Instance("web-server-www", { 23 | instanceType: "t2.micro", 24 | vpcSecurityGroupIds: [ group.id ], // reference the group object above 25 | ami: amiId, 26 | // comment to fail a test: 27 | tags: { Name: "www-server" }, // name tag 28 | // uncomment to fail a test: 29 | // userData: `#!/bin/bash echo "Hello, World!" > index.html nohup python -m SimpleHTTPServer 80 &`, 30 | }); 31 | 32 | export const publicIp = server.publicIp; 33 | export const publicHostName = server.publicDns; 34 | -------------------------------------------------------------------------------- /terraform/README.md: -------------------------------------------------------------------------------- 1 | # Testing Terraform Code 2 | 3 | ## Pre-Commit 4 | 5 | ```bash 6 | # see https://github.com/pre-commit/pre-commit 7 | brew install pre-commit 8 | 9 | # see https://github.com/gruntwork-io/pre-commit 10 | # see https://github.com/antonbabenko/pre-commit-terraform 11 | ``` 12 | 13 | # Terrascan 14 | 15 | ```bash 16 | # see https://github.com/accurics/terrascan 17 | $ brew install terrascan 18 | ``` 19 | 20 | ## TFLint und Rule Sets 21 | 22 | ```bash 23 | # see https://github.com/terraform-linters/tflint 24 | # see https://github.com/terraform-linters/tflint-ruleset-aws 25 | 26 | $ cd examples/aws 27 | $ terraform init 28 | $ terraform plan 29 | 30 | $ tflint 31 | ``` 32 | 33 | ## Checkov 34 | 35 | ```bash 36 | # see https://github.com/bridgecrewio/checkov 37 | 38 | $ checkov --directory examples/aws 39 | ``` 40 | 41 | ## Snyk 42 | 43 | ```bash 44 | # Installation and usage instructions 45 | # https://docs.snyk.io/snyk-cli/install-the-snyk-cli 46 | 47 | $ cd examples/aws 48 | $ snyk iac test main.tf 49 | ``` 50 | 51 | ## Terratest 52 | 53 | ```bash 54 | # see https://terratest.gruntwork.io/docs/getting-started/quick-start/#example-1-terraform-hello-world 55 | $ cd examples/basic && go test 56 | 57 | # see https://terratest.gruntwork.io/docs/getting-started/quick-start/#example-2-terraform-and-aws 58 | $ cd examples/aws && go test 59 | ``` 60 | -------------------------------------------------------------------------------- /terraform/examples/aws/.tflint.hcl: -------------------------------------------------------------------------------- 1 | plugin "aws" { 2 | enabled = true 3 | version = "0.7.1" 4 | source = "github.com/terraform-linters/tflint-ruleset-aws" 5 | } 6 | -------------------------------------------------------------------------------- /terraform/examples/aws/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/lreimer/iac-testing/terraform/aws 2 | 3 | go 1.16 4 | 5 | require github.com/gruntwork-io/terratest v0.37.8 6 | -------------------------------------------------------------------------------- /terraform/examples/aws/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | # This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting 3 | # 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it 4 | # forwards compatible with 0.13.x code. 5 | required_version = ">= 0.12.26" 6 | } 7 | 8 | provider "aws" { 9 | region = "us-east-2" 10 | } 11 | 12 | # Deploy an EC2 Instance. 13 | resource "aws_instance" "example" { 14 | # Run an Ubuntu 18.04 AMI on the EC2 instance. 15 | ami = "ami-0d5d9d301c853a04a" 16 | instance_type = "t2.mini" 17 | # instance_type = "t2.micro" 18 | vpc_security_group_ids = [aws_security_group.instance.id] 19 | 20 | # When the instance boots, start a web server on port 8080 that responds with "Hello, World!". 21 | user_data = < index.html 24 | nohup busybox httpd -f -p 8080 & 25 | EOF 26 | } 27 | 28 | # Allow the instance to receive requests on port 8080. 29 | resource "aws_security_group" "instance" { 30 | ingress { 31 | from_port = 8080 32 | to_port = 8080 33 | protocol = "tcp" 34 | cidr_blocks = ["0.0.0.0/0"] 35 | } 36 | } 37 | 38 | # Output the instance's public IP address. 39 | output "public_ip" { 40 | value = aws_instance.example.public_ip 41 | } -------------------------------------------------------------------------------- /terraform/examples/aws/terraform_aws_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "testing" 6 | "time" 7 | 8 | http_helper "github.com/gruntwork-io/terratest/modules/http-helper" 9 | 10 | "github.com/gruntwork-io/terratest/modules/terraform" 11 | ) 12 | 13 | func TestTerraformAws(t *testing.T) { 14 | t.Parallel() 15 | 16 | // Construct the terraform options with default retryable errors to handle the most common 17 | // retryable errors in terraform testing. 18 | terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ 19 | // The path to where our Terraform code is located 20 | TerraformDir: ".", 21 | }) 22 | 23 | // At the end of the test, run `terraform destroy` to clean up any resources that were created. 24 | defer terraform.Destroy(t, terraformOptions) 25 | 26 | // Run `terraform init` and `terraform apply`. Fail the test if there are any errors. 27 | terraform.InitAndApply(t, terraformOptions) 28 | 29 | // Run `terraform output` to get the IP of the instance 30 | publicIp := terraform.Output(t, terraformOptions, "public_ip") 31 | 32 | // Make an HTTP request to the instance and make sure we get back a 200 OK with the body "Hello, World!" 33 | url := fmt.Sprintf("http://%s:8080", publicIp) 34 | http_helper.HttpGetWithRetry(t, url, nil, 200, "Hello, World!", 30, 5*time.Second) 35 | } 36 | -------------------------------------------------------------------------------- /terraform/examples/basic/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/lreimer/iac-testing/terraform/basic 2 | 3 | go 1.16 4 | 5 | require ( 6 | github.com/gruntwork-io/terratest v0.37.8 7 | github.com/stretchr/testify v1.7.0 8 | ) 9 | -------------------------------------------------------------------------------- /terraform/examples/basic/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | # This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting 3 | # 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it 4 | # forwards compatible with 0.13.x code. 5 | required_version = ">= 0.12.26" 6 | } 7 | 8 | # The simplest possible Terraform module: it just outputs "Hello, World!" 9 | output "hello_world" { 10 | value = "Hello, World!" 11 | } 12 | -------------------------------------------------------------------------------- /terraform/examples/basic/terraform_hello_world_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/gruntwork-io/terratest/modules/terraform" 7 | "github.com/stretchr/testify/assert" 8 | ) 9 | 10 | func TestTerraformBasic(t *testing.T) { 11 | // Construct the terraform options with default retryable errors to handle the most common 12 | // retryable errors in terraform testing. 13 | terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ 14 | // Set the path to the Terraform code that will be tested. 15 | TerraformDir: ".", 16 | }) 17 | 18 | // Clean up resources with "terraform destroy" at the end of the test. 19 | defer terraform.Destroy(t, terraformOptions) 20 | 21 | // Run "terraform init" and "terraform apply". Fail the test if there are any errors. 22 | terraform.InitAndApply(t, terraformOptions) 23 | 24 | // Run `terraform output` to get the values of output variables and check they have the expected values. 25 | output := terraform.Output(t, terraformOptions, "hello_world") 26 | assert.Equal(t, "Hello, World!", output) 27 | } 28 | -------------------------------------------------------------------------------- /terraform/modules/aurora_serverless/README.md: -------------------------------------------------------------------------------- 1 | # Terraform Module for Amazon Aurora with PostgreSQL compatibility (Serverless) 2 | 3 | A module to create a Serverless Amazon Aurora DB with PostgreSQL compatibility. Under the hood it 4 | uses the official AWS `rds_aurora` module found [here](https://github.com/terraform-aws-modules/terraform-aws-rds-aurora). 5 | 6 | ## Development 7 | 8 | If you want to make changes to this module, proceed as follows to format and validate the module sources: 9 | 10 | ```bash 11 | $ terraform init 12 | $ export AWS_DEFAULT_REGION=eu-central-1 13 | 14 | $ terraform fmt 15 | $ terraform validate 16 | ``` 17 | 18 | ## Usage 19 | 20 | ``` 21 | module "aurora_serverless" { 22 | source = git::git@github.com:lreimer/clean-infrastructure-as-code.git//terraform/modules/aurora_serverless?ref=v1.0.0 23 | 24 | cluster_name = "example-aurora-db" 25 | vpc_id = "vpc-12345678" 26 | database_subnets = ["subnet-12345678", "subnet-87654321"] 27 | allowed_cidr_blocks = ["10.20.0.0/20"] 28 | 29 | tags = { 30 | Creator = "Terraform" 31 | Environment = "Dev" 32 | Component = "CLOUD" 33 | } 34 | } 35 | ``` 36 | 37 | ## Requirements 38 | 39 | | Name | Version | 40 | |------|---------| 41 | | terraform | >= 0.14.0 | 42 | | aws | >= 3.0 | 43 | 44 | ## Providers 45 | 46 | | Name | Version | 47 | |------|---------| 48 | | aws | >= 3.0 | 49 | 50 | ## Inputs 51 | 52 | | Name | Description | Type | Default | Required | 53 | |------|-------------|------|---------|:--------:| 54 | | cluster_name | Name for Aurora DB cluster | `string` | | yes | 55 | | vpc_id | ID of the VPC to use | `string` | | yes | 56 | | database_subnets | A list of database subnets to use | `list(string)` | | yes | 57 | | allowed_cidr_blocks | A list of allowed CIDR ranges allowed to access the database (e.g. the private subnet ranges) | `list(string)` | | yes | 58 | | database_name | Name of the initial database | `string` | `""` | no | 59 | | username | Name of the master user | `string` | `postgres` | no | 60 | | port | The database port | `number` | `5432` | no | 61 | | min_capacity | The minimum ACU" | `number` | `2` | no | 62 | | max_capacity | The maximum ACU | `number` | `4` | no | 63 | | monitoring_interval | The monitoring interval in seconds | `number` | `60` | no | 64 | | backup_retention_period | The backup retention period in days | `number` | `7` | no | 65 | | preferred_backup_window | The preferred backup window time slot | `string` | `02:00-03:00` | no | 66 | | preferred_maintenance_window | The preferred time slot for DB maintenance | `string` | `sun:05:00-sun:06:00` | no | 67 | | deletion_protection | If the DB instance should be deletion protection enabled | `bool` | `false` | no | 68 | | tags | Tags to set on the Aurora DB cluster and associated resources | `map(string)` | `{}` | no | 69 | 70 | 71 | ## Outputs 72 | 73 | | Name | Description | 74 | |------|-------------| 75 | | cluster_id | The ID of the cluster | 76 | | cluster_arn | The ARN of the cluster | 77 | | cluster_endpoint | The cluster endpoint | 78 | | cluster_port | The cluster port | 79 | | cluster_instance_ids | A list of all cluster instance ids | 80 | | cluster_instance_endpoints | A list of all cluster instance endpoints | 81 | | cluster_hosted_zone_id | Route53 hosted zone id of the created cluster | 82 | | cluster_database_name | Name for an automatically created database on cluster creation | 83 | | cluster_master_username | The master username | 84 | | cluster_master_password | The master password | 85 | 86 | 87 | The master username and password are marked as `sensitive`, they will not be output on the console. 88 | To retrieve these values, issue the following command: `terragrunt state pull | jq '.outputs[].value'` 89 | -------------------------------------------------------------------------------- /terraform/modules/aurora_serverless/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "~> 3.0" 6 | } 7 | } 8 | } 9 | 10 | module "aurora_serverless" { 11 | source = "terraform-aws-modules/rds-aurora/aws" 12 | version = "5.0.0" 13 | 14 | name = var.cluster_name 15 | 16 | engine = "aurora-postgresql" 17 | engine_mode = "serverless" 18 | storage_encrypted = true 19 | 20 | vpc_id = var.vpc_id 21 | subnets = var.database_subnets 22 | 23 | create_security_group = true 24 | security_group_description = "" 25 | allowed_cidr_blocks = var.allowed_cidr_blocks 26 | port = var.port 27 | 28 | database_name = var.database_name 29 | username = var.username 30 | create_random_password = true 31 | 32 | replica_scale_enabled = false 33 | replica_count = 0 34 | 35 | monitoring_interval = var.monitoring_interval 36 | backup_retention_period = var.backup_retention_period 37 | preferred_backup_window = var.preferred_backup_window 38 | preferred_maintenance_window = var.preferred_maintenance_window 39 | auto_minor_version_upgrade = true 40 | allow_major_version_upgrade = false 41 | 42 | deletion_protection = var.deletion_protection 43 | apply_immediately = true 44 | skip_final_snapshot = true 45 | 46 | db_parameter_group_name = aws_db_parameter_group.aurora_serverless.id 47 | db_cluster_parameter_group_name = aws_rds_cluster_parameter_group.aurora_serverless.id 48 | 49 | scaling_configuration = { 50 | auto_pause = true 51 | min_capacity = var.min_capacity 52 | max_capacity = var.max_capacity 53 | seconds_until_auto_pause = 300 54 | timeout_action = "ForceApplyCapacityChange" 55 | } 56 | 57 | tags = var.tags 58 | } 59 | 60 | resource "aws_db_parameter_group" "aurora_serverless" { 61 | name = "${var.cluster_name}-postgres-db-parameter-group" 62 | family = "aurora-postgresql10" 63 | description = "${var.cluster_name}-postgres-db-parameter-group" 64 | tags = var.tags 65 | } 66 | 67 | resource "aws_rds_cluster_parameter_group" "aurora_serverless" { 68 | name = "${var.cluster_name}-postgres-cluster-parameter-group" 69 | family = "aurora-postgresql10" 70 | description = "${var.cluster_name}-postgres-cluster-parameter-group" 71 | tags = var.tags 72 | } -------------------------------------------------------------------------------- /terraform/modules/aurora_serverless/outputs.tf: -------------------------------------------------------------------------------- 1 | output "cluster_id" { 2 | description = "The ID of the cluster" 3 | value = module.aurora_serverless.rds_cluster_id 4 | } 5 | 6 | output "cluster_arn" { 7 | description = "The ARN of the cluster" 8 | value = module.aurora_serverless.rds_cluster_arn 9 | } 10 | 11 | output "cluster_endpoint" { 12 | description = "The cluster endpoint" 13 | value = module.aurora_serverless.rds_cluster_endpoint 14 | } 15 | 16 | output "cluster_port" { 17 | description = "The cluster port" 18 | value = module.aurora_serverless.rds_cluster_port 19 | } 20 | 21 | output "cluster_instance_ids" { 22 | description = "A list of all cluster instance ids" 23 | value = module.aurora_serverless.rds_cluster_instance_ids 24 | } 25 | 26 | output "cluster_instance_endpoints" { 27 | description = "A list of all cluster instance endpoints" 28 | value = module.aurora_serverless.rds_cluster_instance_endpoints 29 | } 30 | 31 | output "cluster_hosted_zone_id" { 32 | description = "Route53 hosted zone id of the created cluster" 33 | value = module.aurora_serverless.rds_cluster_hosted_zone_id 34 | } 35 | 36 | output "cluster_database_name" { 37 | description = "Name for an automatically created database on cluster creation" 38 | value = var.database_name 39 | } 40 | 41 | output "cluster_master_username" { 42 | description = "The master username" 43 | value = module.aurora_serverless.rds_cluster_master_username 44 | sensitive = true 45 | } 46 | 47 | output "cluster_master_password" { 48 | description = "The master password" 49 | value = module.aurora_serverless.rds_cluster_master_password 50 | sensitive = true 51 | } 52 | -------------------------------------------------------------------------------- /terraform/modules/aurora_serverless/variables.tf: -------------------------------------------------------------------------------- 1 | variable "cluster_name" { 2 | description = "Name for Aurora DB cluster" 3 | type = string 4 | } 5 | 6 | variable "vpc_id" { 7 | description = "ID of the VPC to use" 8 | type = string 9 | } 10 | 11 | variable "database_subnets" { 12 | description = "A list of database subnets to use" 13 | type = list(string) 14 | } 15 | 16 | variable "allowed_cidr_blocks" { 17 | description = "A list of allowed CIDR ranges allowed to access the database (e.g. the private subnet ranges)" 18 | type = list(string) 19 | } 20 | 21 | variable "database_name" { 22 | description = "Name of the initial database" 23 | type = string 24 | default = "" 25 | } 26 | 27 | variable "username" { 28 | description = "Name of the master user" 29 | type = string 30 | default = "postgres" 31 | } 32 | 33 | variable "port" { 34 | description = "The database port" 35 | type = number 36 | default = 5432 37 | } 38 | 39 | variable "min_capacity" { 40 | description = "The minimum ACU" 41 | type = number 42 | default = 2 43 | } 44 | 45 | variable "max_capacity" { 46 | description = "The maximum ACU" 47 | type = number 48 | default = 4 49 | } 50 | 51 | variable "monitoring_interval" { 52 | description = "The monitoring interval in seconds" 53 | type = number 54 | default = 60 55 | } 56 | 57 | variable "backup_retention_period" { 58 | description = "The backup retention period in days" 59 | type = number 60 | default = 7 61 | } 62 | 63 | variable "preferred_backup_window" { 64 | description = "The preferred backup window time slot" 65 | type = string 66 | default = "02:00-03:00" 67 | } 68 | 69 | variable "preferred_maintenance_window" { 70 | description = "The preferred time slot for DB maintenance" 71 | type = string 72 | default = "sun:05:00-sun:06:00" 73 | } 74 | 75 | variable "deletion_protection" { 76 | description = "If the DB instance should be deletion protection enabled" 77 | type = bool 78 | default = false 79 | } 80 | 81 | variable "tags" { 82 | description = "Tags to set on the Aurora DB cluster and associated resources" 83 | type = map(string) 84 | default = {} 85 | } 86 | -------------------------------------------------------------------------------- /terraform/modules/custom_vpc/README.md: -------------------------------------------------------------------------------- 1 | # Terraform Module for a Custom Apps VPC 2 | 3 | A reusable module that performs a the creation of a custom VPC for the apps account. 4 | Under the hood, this module wraps and uses the AWS VPC module. 5 | 6 | ## Development 7 | 8 | If you want to make changes to this module, proceed as follows to format and validate the module sources: 9 | 10 | ```bash 11 | $ terraform init 12 | $ export AWS_DEFAULT_REGION=eu-central-1 13 | 14 | $ terraform fmt 15 | $ terraform validate 16 | ``` 17 | 18 | If using this module from Terragrunt, here is how to test out changes to a module locally: 19 | 20 | 1. Update the code as necessary. 21 | 2. Go into the folder wehere you have the `terragrunt.hcl` file that uses this module. 22 | 3. Run `terragrunt plan --terragrunt-source `, where `LOCAL_PATH` is the path to your local checkout of the module code. 23 | 4. If the plan looks good, run `terragrunt apply --terragrunt-source `. 24 | 25 | Using the `--terragrunt-source` parameter (or `TERRAGRUNT_SOURCE` environment variable) allows you to do rapid, iterative, make-a-change-and-rerun development. 26 | 27 | ## Requirements 28 | 29 | | Name | Version | 30 | |------|---------| 31 | | terraform | >= 0.14.0 | 32 | | aws | >= 3.0 | 33 | 34 | ## Providers 35 | 36 | | Name | Version | 37 | |------|---------| 38 | | aws | >= 3.0 | 39 | 40 | ## Inputs 41 | 42 | | Name | Description | Type | Default | Required | 43 | |------|-------------|------|---------|:--------:| 44 | | prefix | The name prefix for the created resources | `string` | | yes | 45 | | cidr | The CIDR block for the VPC | `string` | | yes | 46 | | private_subnets | A list of private subnets inside the VPC | `list` | | yes | 47 | | public_subnets | A list of public subnets inside the VPC | `list` | | yes | 48 | | database_subnets | A list of database subnets inside the VPC | `list` | | yes | 49 | | common_tags | The common map of tags | `map` | `{}` | no | 50 | | create_igw | Enable Internet Gateway for public subnets | `bool` | `true` | no | 51 | | enable_nat_gateway | Enable NAT Gateways for each of your private network | `bool` | `true` | no | 52 | | single_nat_gateway | Single shared NAT Gateway across all of your private networks | `bool` | `false` | no | 53 | | one_nat_gateway_per_az | Enable only one NAT Gateway per availability zone | `bool` | `false` | no | 54 | | enable_dns_support | Enable DNS support in the VPC | `bool` | `true` | no | 55 | | enable_dns_hostnames | Enable DNS hostnames in the VPC | `bool` | `true` | no | 56 | | enable_ecr_api_endpoint | Provision an ECR API endpoint to the VPC | `bool` | `false` | no | 57 | | enable_ecr_dkr_endpoint | Provision an ECR DKR endpoint to the VPC | `bool` | `false` | no | 58 | | enable_s3_endpoint | Provision an S3 endpoint to the VPC | `bool` | `false` | no | 59 | 60 | ## Outputs 61 | 62 | | Name | Description | 63 | |------|-------------| 64 | | availability_zones | The name of the AZs in the current region | 65 | | vpc_id | The ID of the VPC | 66 | | public_subnet_ids | The list of public subnet IDs | 67 | | public_subnet_ranges | The list of public subnet CIDR blocks | 68 | | public_subnet_arns | The list of public subnet ARNs | 69 | | private_subnet_ids | The list of private subnet IDs | 70 | | private_subnet_ranges | The list of private subnet CIDR blocks | 71 | | private_subnet_arns | The list of private subnet ARNs | 72 | | database_subnet_ids | The list of private subnet IDs | 73 | | database_subnet_ranges | The list of private subnet CIDR blocks | 74 | | database_subnet_arms | The list of private subnet ARNs | 75 | | vpc_endpoint_ecr_api_id | The ID of VPC endpoint for ECR API | 76 | | vpc_endpoint_ecr_dkr_id | The ID of VPC endpoint for ECR Docker | 77 | | vpc_endpoint_s3_id | The ID of VPC endpoint for S3 | 78 | -------------------------------------------------------------------------------- /terraform/modules/custom_vpc/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "~> 3.0" 6 | } 7 | } 8 | } 9 | 10 | data "aws_availability_zones" "available" { 11 | } 12 | 13 | data "aws_security_group" "default" { 14 | name = "default" 15 | vpc_id = module.vpc_aws.vpc_id 16 | } 17 | 18 | # Use an official module. 19 | # https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws/latest 20 | module "vpc_aws" { 21 | source = "terraform-aws-modules/vpc/aws" 22 | version = "2.77.0" 23 | 24 | name = "${var.prefix}-vpc" 25 | 26 | azs = [ 27 | data.aws_availability_zones.available.names[0], 28 | data.aws_availability_zones.available.names[1], 29 | data.aws_availability_zones.available.names[2] 30 | ] 31 | 32 | cidr = var.cidr 33 | private_subnets = var.private_subnets 34 | public_subnets = var.public_subnets 35 | database_subnets = var.database_subnets 36 | 37 | create_igw = var.create_igw 38 | enable_nat_gateway = var.enable_nat_gateway 39 | single_nat_gateway = var.single_nat_gateway 40 | one_nat_gateway_per_az = var.one_nat_gateway_per_az 41 | 42 | enable_dns_support = var.enable_dns_support 43 | enable_dns_hostnames = var.enable_dns_hostnames 44 | 45 | # required for ECR to function correctly 46 | # https://aws.amazon.com/de/blogs/containers/using-vpc-endpoint-policies-to-control-amazon-ecr-access/ 47 | enable_ecr_api_endpoint = var.enable_ecr_api_endpoint 48 | ecr_api_endpoint_security_group_ids = var.enable_ecr_api_endpoint ? [data.aws_security_group.default.id] : [] 49 | 50 | enable_ecr_dkr_endpoint = var.enable_ecr_dkr_endpoint 51 | ecr_dkr_endpoint_security_group_ids = var.enable_ecr_dkr_endpoint ? [data.aws_security_group.default.id] : [] 52 | 53 | enable_s3_endpoint = var.enable_s3_endpoint 54 | s3_endpoint_security_group_ids = var.enable_s3_endpoint ? [data.aws_security_group.default.id] : [] 55 | 56 | tags = merge(var.common_tags, { 57 | Name = "${var.prefix}-vpc" 58 | }) 59 | 60 | private_subnet_tags = { 61 | SubnetType = "private" 62 | "kubernetes.io/role/internal-elb" = "1" 63 | } 64 | public_subnet_tags = { 65 | SubnetType = "public" 66 | "kubernetes.io/role/elb" = "1" 67 | } 68 | database_subnet_tags = { 69 | SubnetType = "database" 70 | } 71 | 72 | igw_tags = var.common_tags 73 | } 74 | 75 | -------------------------------------------------------------------------------- /terraform/modules/custom_vpc/outputs.tf: -------------------------------------------------------------------------------- 1 | output "vpc_id" { 2 | value = module.vpc_aws.vpc_id 3 | } 4 | 5 | output "availability_zones" { 6 | value = module.vpc_aws.azs 7 | } 8 | 9 | output "public_subnet_ids" { 10 | value = module.vpc_aws.public_subnets 11 | } 12 | 13 | output "public_subnet_ranges" { 14 | value = module.vpc_aws.public_subnets_cidr_blocks 15 | } 16 | 17 | output "public_subnet_arns" { 18 | value = module.vpc_aws.public_subnet_arns 19 | } 20 | 21 | output "private_subnet_ids" { 22 | value = module.vpc_aws.private_subnets 23 | } 24 | 25 | output "private_subnet_ranges" { 26 | value = module.vpc_aws.private_subnets_cidr_blocks 27 | } 28 | 29 | output "private_subnet_arns" { 30 | value = module.vpc_aws.private_subnet_arns 31 | } 32 | 33 | output "database_subnet_ids" { 34 | value = module.vpc_aws.database_subnets 35 | } 36 | 37 | output "database_subnet_ranges" { 38 | value = module.vpc_aws.database_subnets_cidr_blocks 39 | } 40 | 41 | output "database_subnet_arns" { 42 | value = module.vpc_aws.database_subnet_arns 43 | } 44 | 45 | output "default_security_group_id" { 46 | value = module.vpc_aws.default_security_group_id 47 | } 48 | 49 | output "vpc_endpoint_ecr_api_id" { 50 | value = module.vpc_aws.vpc_endpoint_ecr_api_id 51 | } 52 | 53 | output "vpc_endpoint_ecr_dkr_id" { 54 | value = module.vpc_aws.vpc_endpoint_ecr_dkr_id 55 | } 56 | 57 | output "vpc_endpoint_s3_id" { 58 | value = module.vpc_aws.vpc_endpoint_s3_id 59 | } 60 | -------------------------------------------------------------------------------- /terraform/modules/custom_vpc/variables.tf: -------------------------------------------------------------------------------- 1 | variable "prefix" { 2 | description = "The name prefix for the created resources" 3 | type = string 4 | } 5 | 6 | variable "cidr" { 7 | description = "The CIDR block for the VPC" 8 | type = string 9 | } 10 | 11 | variable "private_subnets" { 12 | description = "A list of private subnets inside the VPC" 13 | type = list 14 | } 15 | 16 | variable "public_subnets" { 17 | description = "A list of public subnets inside the VPC" 18 | type = list 19 | } 20 | 21 | variable "database_subnets" { 22 | description = "A list of database subnets inside the VPC" 23 | type = list 24 | } 25 | 26 | variable "common_tags" { 27 | description = "The common map of tags" 28 | type = map 29 | default = {} 30 | } 31 | 32 | variable "create_igw" { 33 | description = "Enable Internet Gateway for public subnets" 34 | type = bool 35 | default = true 36 | } 37 | 38 | variable "enable_nat_gateway" { 39 | description = "Enable NAT Gateways for each of your private network" 40 | type = bool 41 | default = true 42 | } 43 | 44 | variable "single_nat_gateway" { 45 | description = "Single shared NAT Gateway across all of your private networks" 46 | type = bool 47 | default = false 48 | } 49 | 50 | variable "one_nat_gateway_per_az" { 51 | description = "Enable only one NAT Gateway per availability zone" 52 | type = bool 53 | default = false 54 | } 55 | 56 | variable "enable_dns_support" { 57 | description = "Enable DNS support in the VPC" 58 | type = bool 59 | default = true 60 | } 61 | 62 | variable "enable_dns_hostnames" { 63 | description = "Enable DNS hostnames in the VPC" 64 | type = bool 65 | default = true 66 | } 67 | 68 | variable "enable_ecr_api_endpoint" { 69 | description = "Provision an ECR API endpoint to the VPC" 70 | type = bool 71 | default = false 72 | } 73 | 74 | variable "enable_ecr_dkr_endpoint" { 75 | description = "Provision an ECR DKR endpoint to the VPC" 76 | type = bool 77 | default = false 78 | } 79 | 80 | variable "enable_s3_endpoint" { 81 | description = "Provision an S3 endpoint to the VPC" 82 | type = bool 83 | default = false 84 | } 85 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/README.md: -------------------------------------------------------------------------------- 1 | # Terraform Module for an ECS Fargate Service 2 | 3 | A reusable module that performs a the creation of an ECS Fargate cluster and the deployment of a 4 | task for a given microservice image. 5 | 6 | ## Development 7 | 8 | If you want to make changes to this module, proceed as follows to format and validate the module sources: 9 | 10 | ```bash 11 | $ terraform init 12 | $ export AWS_DEFAULT_REGION=eu-central-1 13 | 14 | $ terraform fmt 15 | $ terraform validate 16 | ``` 17 | 18 | If using this module from Terragrunt, here is how to test out changes to a module locally: 19 | 20 | 1. Update the code as necessary. 21 | 2. Go into the folder wehere you have the `terragrunt.hcl` file that uses this module. 22 | 3. Run `terragrunt plan --terragrunt-source `, where `LOCAL_PATH` is the path to your local checkout of the module code. 23 | 4. If the plan looks good, run `terragrunt apply --terragrunt-source `. 24 | 25 | Using the `--terragrunt-source` parameter (or `TERRAGRUNT_SOURCE` environment variable) allows you to do rapid, iterative, make-a-change-and-rerun development. 26 | 27 | ## Requirements 28 | 29 | | Name | Version | 30 | |------|---------| 31 | | terraform | >= 0.14.0 | 32 | | aws | >= 3.0 | 33 | 34 | ## Providers 35 | 36 | | Name | Version | 37 | |------|---------| 38 | | aws | >= 3.0 | 39 | 40 | ## Inputs 41 | 42 | | Name | Description | Type | Default | Required | 43 | |------|-------------|------|---------|:--------:| 44 | | vpc_id | The ID of the VPC | `string` | | yes | 45 | | public_subnets | A list of public subnets inside the VPC | `list` | | yes | 46 | | common_tags | The common map of tags | `map` | `{}` | no | 47 | | service_name | The ECS service name | `string` | | yes | 48 | | service_image | The Docker service image to run in the ECS cluster | `string` | | yes | 49 | | service_port | Port exposed by the docker image to redirect traffic to | `number` | `8080` | no | 50 | | service_count | Number of ECS service containers to run | `number` | `3` | no | 51 | | service_cpu | Fargate instance CPU units to provision (1 vCPU = 1024 CPU units) | `string` | `1024` | no | 52 | | service_memory | Fargate instance memory to provision (in MiB) | `string` | `2048` | no | 53 | | service_health_check_path | The health check URL path for the service | `string` | `/health` | no | 54 | 55 | ## Outputs 56 | 57 | | Name | Description | 58 | |------|-------------| 59 | | alb_hostname | The ALB hostname of the service | 60 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/alb.tf: -------------------------------------------------------------------------------- 1 | resource "aws_alb" "main" { 2 | name = "${var.service_name}-load-balancer" 3 | subnets = var.public_subnet_ids 4 | security_groups = [aws_security_group.lb.id] 5 | } 6 | 7 | resource "aws_alb_target_group" "service" { 8 | name = "${var.service_name}-target-group" 9 | port = 80 10 | protocol = "HTTP" 11 | vpc_id = var.vpc_id 12 | target_type = "ip" 13 | 14 | health_check { 15 | healthy_threshold = "2" 16 | interval = "30" 17 | protocol = "HTTP" 18 | matcher = "200" 19 | timeout = "5" 20 | path = var.service_health_check_path 21 | unhealthy_threshold = "3" 22 | } 23 | } 24 | 25 | # Redirect all traffic from the ALB to the target group 26 | resource "aws_alb_listener" "front_end" { 27 | load_balancer_arn = aws_alb.main.id 28 | port = var.service_port 29 | protocol = "HTTP" 30 | 31 | default_action { 32 | target_group_arn = aws_alb_target_group.service.id 33 | type = "forward" 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/auto_scaling.tf: -------------------------------------------------------------------------------- 1 | resource "aws_appautoscaling_target" "target" { 2 | service_namespace = "ecs" 3 | resource_id = "service/${aws_ecs_cluster.main.name}/${aws_ecs_service.main.name}" 4 | scalable_dimension = "ecs:service:DesiredCount" 5 | min_capacity = 3 6 | max_capacity = 5 7 | } 8 | 9 | # Automatically scale capacity up by one 10 | resource "aws_appautoscaling_policy" "up" { 11 | name = "${var.service_name}-scale-up-policy" 12 | service_namespace = "ecs" 13 | resource_id = "service/${aws_ecs_cluster.main.name}/${aws_ecs_service.main.name}" 14 | scalable_dimension = "ecs:service:DesiredCount" 15 | 16 | step_scaling_policy_configuration { 17 | adjustment_type = "ChangeInCapacity" 18 | cooldown = 60 19 | metric_aggregation_type = "Maximum" 20 | 21 | step_adjustment { 22 | metric_interval_lower_bound = 0 23 | scaling_adjustment = 1 24 | } 25 | } 26 | 27 | depends_on = [aws_appautoscaling_target.target] 28 | } 29 | 30 | # Automatically scale capacity down by one 31 | resource "aws_appautoscaling_policy" "down" { 32 | name = "${var.service_name}-scale-down-policy" 33 | service_namespace = "ecs" 34 | resource_id = "service/${aws_ecs_cluster.main.name}/${aws_ecs_service.main.name}" 35 | scalable_dimension = "ecs:service:DesiredCount" 36 | 37 | step_scaling_policy_configuration { 38 | adjustment_type = "ChangeInCapacity" 39 | cooldown = 60 40 | metric_aggregation_type = "Maximum" 41 | 42 | step_adjustment { 43 | metric_interval_lower_bound = 0 44 | scaling_adjustment = -1 45 | } 46 | } 47 | 48 | depends_on = [aws_appautoscaling_target.target] 49 | } 50 | 51 | # CloudWatch alarm that triggers the autoscaling up policy 52 | resource "aws_cloudwatch_metric_alarm" "service_cpu_high" { 53 | alarm_name = "${var.service_name}-cpu-utilization-high" 54 | comparison_operator = "GreaterThanOrEqualToThreshold" 55 | evaluation_periods = "2" 56 | metric_name = "CPUUtilization" 57 | namespace = "AWS/ECS" 58 | period = "60" 59 | statistic = "Average" 60 | threshold = "85" 61 | 62 | dimensions = { 63 | ClusterName = aws_ecs_cluster.main.name 64 | ServiceName = aws_ecs_service.main.name 65 | } 66 | 67 | alarm_actions = [aws_appautoscaling_policy.up.arn] 68 | } 69 | 70 | # CloudWatch alarm that triggers the autoscaling down policy 71 | resource "aws_cloudwatch_metric_alarm" "service_cpu_low" { 72 | alarm_name = "${var.service_name}-cpu-utilization-low" 73 | comparison_operator = "LessThanOrEqualToThreshold" 74 | evaluation_periods = "2" 75 | metric_name = "CPUUtilization" 76 | namespace = "AWS/ECS" 77 | period = "60" 78 | statistic = "Average" 79 | threshold = "10" 80 | 81 | dimensions = { 82 | ClusterName = aws_ecs_cluster.main.name 83 | ServiceName = aws_ecs_service.main.name 84 | } 85 | 86 | alarm_actions = [aws_appautoscaling_policy.down.arn] 87 | } 88 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/ecs.tf: -------------------------------------------------------------------------------- 1 | resource "aws_ecs_cluster" "main" { 2 | name = "${var.service_name}-ecs-cluster" 3 | 4 | tags = merge(var.common_tags, { 5 | Name = "${var.service_name}-ecs-cluster" 6 | }) 7 | } 8 | 9 | data "template_file" "service_template" { 10 | template = file("./templates/ecs_service.json.tpl") 11 | 12 | vars = { 13 | service_name = var.service_name 14 | service_image = var.service_image 15 | service_port = var.service_port 16 | service_cpu = var.service_cpu 17 | service_memory = var.service_memory 18 | service_region = data.aws_availability_zones.available.id 19 | } 20 | } 21 | 22 | resource "aws_ecs_task_definition" "service" { 23 | family = "${var.service_name}-ecs-task" 24 | execution_role_arn = aws_iam_role.ecs_task_execution_role.arn 25 | network_mode = "awsvpc" 26 | requires_compatibilities = ["FARGATE"] 27 | cpu = var.service_cpu 28 | memory = var.service_memory 29 | container_definitions = data.template_file.service_template.rendered 30 | } 31 | 32 | resource "aws_ecs_service" "main" { 33 | name = "${var.service_name}-ecs-service" 34 | cluster = aws_ecs_cluster.main.id 35 | task_definition = aws_ecs_task_definition.service.arn 36 | desired_count = var.service_count 37 | launch_type = "FARGATE" 38 | 39 | network_configuration { 40 | security_groups = [aws_security_group.ecs_tasks.id] 41 | subnets = var.public_subnet_ids 42 | assign_public_ip = true 43 | } 44 | 45 | load_balancer { 46 | target_group_arn = aws_alb_target_group.service.id 47 | container_name = var.service_name 48 | container_port = var.service_port 49 | } 50 | 51 | depends_on = [aws_alb_listener.front_end, aws_iam_role_policy_attachment.ecs_task_execution_role] 52 | } 53 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/logs.tf: -------------------------------------------------------------------------------- 1 | # Set up CloudWatch group and log stream and retain logs for 30 days 2 | resource "aws_cloudwatch_log_group" "log_group" { 3 | name = "/ecs/${var.service_name}-log-group" 4 | retention_in_days = 30 5 | 6 | tags = { 7 | Name = "/ecs/${var.service_name}-log-group" 8 | } 9 | } 10 | 11 | resource "aws_cloudwatch_log_stream" "log_stream" { 12 | name = "${var.service_name}-log-stream" 13 | log_group_name = aws_cloudwatch_log_group.log_group.name 14 | } 15 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "~> 3.0" 6 | } 7 | } 8 | } 9 | 10 | data "aws_availability_zones" "available" { 11 | } 12 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/outputs.tf: -------------------------------------------------------------------------------- 1 | output "alb_hostname" { 2 | value = aws_alb.main.dns_name 3 | } 4 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/roles.tf: -------------------------------------------------------------------------------- 1 | # ECS task execution role data 2 | data "aws_iam_policy_document" "ecs_task_execution_role" { 3 | version = "2012-10-17" 4 | statement { 5 | sid = "" 6 | effect = "Allow" 7 | actions = ["sts:AssumeRole"] 8 | 9 | principals { 10 | type = "Service" 11 | identifiers = ["ecs-tasks.amazonaws.com"] 12 | } 13 | } 14 | } 15 | 16 | # ECS task execution role 17 | resource "aws_iam_role" "ecs_task_execution_role" { 18 | name = "${var.service_name}-EcsTaskExecutionRole" 19 | assume_role_policy = data.aws_iam_policy_document.ecs_task_execution_role.json 20 | } 21 | 22 | # ECS task execution role policy attachment 23 | resource "aws_iam_role_policy_attachment" "ecs_task_execution_role" { 24 | role = aws_iam_role.ecs_task_execution_role.name 25 | policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" 26 | } 27 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/security.tf: -------------------------------------------------------------------------------- 1 | # ALB Security Group: Edit to restrict access to the application 2 | resource "aws_security_group" "lb" { 3 | name = "${var.service_name}-lb-security-group" 4 | description = "Security group to control access to the ALB" 5 | vpc_id = var.vpc_id 6 | 7 | ingress { 8 | protocol = "tcp" 9 | from_port = var.service_port 10 | to_port = var.service_port 11 | cidr_blocks = ["0.0.0.0/0"] 12 | } 13 | 14 | egress { 15 | protocol = "-1" 16 | from_port = 0 17 | to_port = 0 18 | cidr_blocks = ["0.0.0.0/0"] 19 | } 20 | } 21 | 22 | # Traffic to the ECS cluster should only come from the ALB 23 | resource "aws_security_group" "ecs_tasks" { 24 | name = "${var.service_name}-ecs-tasks-security-group" 25 | description = "Security group to allow inbound access from the ALB only" 26 | vpc_id = var.vpc_id 27 | 28 | ingress { 29 | protocol = "tcp" 30 | from_port = var.service_port 31 | to_port = var.service_port 32 | security_groups = [aws_security_group.lb.id] 33 | } 34 | 35 | egress { 36 | protocol = "-1" 37 | from_port = 0 38 | to_port = 0 39 | cidr_blocks = ["0.0.0.0/0"] 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/templates/ecs_service.json.tpl: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "${service_name}", 4 | "image": "${service_image}", 5 | "cpu": ${service_cpu}, 6 | "memory": ${service_memory}, 7 | "networkMode": "awsvpc", 8 | "logConfiguration": { 9 | "logDriver": "awslogs", 10 | "options": { 11 | "awslogs-group": "/ecs/${service_name}-log-group", 12 | "awslogs-region": "${service_region}", 13 | "awslogs-stream-prefix": "ecs" 14 | } 15 | }, 16 | "portMappings": [ 17 | { 18 | "containerPort": ${service_port}, 19 | "hostPort": ${service_port} 20 | } 21 | ] 22 | } 23 | ] 24 | -------------------------------------------------------------------------------- /terraform/modules/fargate_service/variables.tf: -------------------------------------------------------------------------------- 1 | variable "vpc_id" { 2 | description = "The ID of the VPC" 3 | type = string 4 | } 5 | 6 | variable "public_subnet_ids" { 7 | description = "The list of public subnet IDs" 8 | type = list(any) 9 | } 10 | 11 | variable "common_tags" { 12 | description = "The common map of tags" 13 | type = map(any) 14 | default = {} 15 | } 16 | 17 | variable "service_name" { 18 | description = "The ECS service name" 19 | type = string 20 | } 21 | 22 | variable "service_image" { 23 | description = "The Docker service image to run in the ECS cluster" 24 | type = string 25 | } 26 | 27 | variable "service_port" { 28 | description = "Port exposed by the docker image to redirect traffic to" 29 | type = number 30 | default = 8080 31 | } 32 | 33 | variable "service_count" { 34 | description = "Number of ECS service containers to run" 35 | type = number 36 | default = 3 37 | } 38 | 39 | variable "service_cpu" { 40 | description = "Fargate instance CPU units to provision (1 vCPU = 1024 CPU units)" 41 | type = string 42 | default = "1024" 43 | } 44 | 45 | variable "service_memory" { 46 | description = "Fargate instance memory to provision (in MiB)" 47 | type = string 48 | default = "2048" 49 | } 50 | 51 | variable "service_health_check_path" { 52 | description = "The health check URL path for the service" 53 | type = string 54 | default = "/health" 55 | } 56 | -------------------------------------------------------------------------------- /terragrunt/dev/account.hcl: -------------------------------------------------------------------------------- 1 | # Set account-wide variables 2 | locals { 3 | account_name = "dev" 4 | aws_account_id = "TODO" # TODO insert with actual account ID 5 | aws_profile = "profile" 6 | } -------------------------------------------------------------------------------- /terragrunt/dev/eu-central-1/dev/aurora_db/terragrunt.hcl: -------------------------------------------------------------------------------- 1 | locals { 2 | environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl")) 3 | region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl")) 4 | 5 | region = local.region_vars.locals.aws_region 6 | environment = local.environment_vars.locals.environment 7 | component = local.environment_vars.locals.component 8 | creator = local.environment_vars.locals.creator 9 | } 10 | 11 | terraform { 12 | source = "git::git@github.com:lreimer/clean-infrastructure-as-code.git//terraform/modules/aurora_serverless?ref=v1.0.0" 13 | } 14 | 15 | include { 16 | path = find_in_parent_folders() 17 | } 18 | 19 | dependency "networking" { 20 | config_path = "../networking" 21 | 22 | mock_outputs_allowed_terraform_commands = ["validate"] 23 | mock_outputs = { 24 | vpc_id = "fake-vpc-id" 25 | } 26 | } 27 | 28 | inputs = { 29 | cluster_name = "example-aurora-serverless-${local.environment}" 30 | vpc_id = dependency.networking.outputs.vpc_id 31 | database_subnets = dependency.networking.outputs.database_subnet_ids 32 | allowed_cidr_blocks = dependency.networking.outputs.private_subnet_ranges 33 | database_name = "example" 34 | 35 | tags = { 36 | Environment = local.environment 37 | Component = local.component 38 | Creator = local.creator 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /terragrunt/dev/eu-central-1/dev/env.hcl: -------------------------------------------------------------------------------- 1 | # Set common variables for the environment 2 | locals { 3 | component = "Cloud" 4 | creator = "Terragrunt" 5 | environment = "dev" 6 | } 7 | -------------------------------------------------------------------------------- /terragrunt/dev/eu-central-1/dev/microservice/terragrunt.hcl: -------------------------------------------------------------------------------- 1 | locals { 2 | environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl")) 3 | 4 | environment = local.environment_vars.locals.environment 5 | component = local.environment_vars.locals.component 6 | creator = local.environment_vars.locals.creator 7 | } 8 | 9 | terraform { 10 | source = "git::git@github.com:lreimer/clean-infrastructure-as-code.git//terraform/modules/fargate_service?ref=v1.0.0" 11 | } 12 | 13 | include { 14 | path = find_in_parent_folders() 15 | } 16 | 17 | dependency "networking" { 18 | config_path = "../networking" 19 | 20 | mock_outputs_allowed_terraform_commands = ["validate"] 21 | mock_outputs = { 22 | vpc_id = "fake-vpc-id" 23 | } 24 | } 25 | 26 | inputs = { 27 | vpc_id = dependency.networking.outputs.vpc_id 28 | public_subnet_ids = dependency.networking.outputs.public_subnet_ids 29 | 30 | service_name = "jakartaee8-java11" 31 | service_image = "lreimer/jakartaee8-java11:d412e89362d3ee78e3e70fc29caf4689a84caa36c9652910a301654f8c7472fa" 32 | 33 | common_tags = { 34 | Environment = local.environment 35 | Component = local.component 36 | Creator = local.creator 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /terragrunt/dev/eu-central-1/dev/networking/terragrunt.hcl: -------------------------------------------------------------------------------- 1 | locals { 2 | environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl")) 3 | 4 | environment = local.environment_vars.locals.environment 5 | component = local.environment_vars.locals.component 6 | creator = local.environment_vars.locals.creator 7 | } 8 | 9 | terraform { 10 | source = "git::git@github.com:lreimer/clean-infrastructure-as-code.git//terraform/modules/custom_vpc?ref=v1.0.0" 11 | } 12 | 13 | include { 14 | path = find_in_parent_folders() 15 | } 16 | 17 | inputs = { 18 | prefix = "example-${local.environment}" 19 | 20 | cidr = "10.19.0.0/16" 21 | public_subnets = ["10.19.1.0/24", "10.19.2.0/24", "10.19.3.0/24"] 22 | private_subnets = ["10.19.4.0/24", "10.19.5.0/24", "10.19.6.0/24"] 23 | database_subnets = ["10.19.7.0/24", "10.19.8.0/24", "10.19.9.0/24"] 24 | 25 | enable_ecr_api_endpoint = true 26 | enable_ecr_dkr_endpoint = true 27 | enable_s3_endpoint = true 28 | 29 | common_tags = { 30 | Environment = local.environment 31 | Component = local.component 32 | Creator = local.creator 33 | } 34 | } -------------------------------------------------------------------------------- /terragrunt/dev/eu-central-1/region.hcl: -------------------------------------------------------------------------------- 1 | # Set common variables for the region 2 | locals { 3 | aws_region = "eu-central-1" 4 | } 5 | -------------------------------------------------------------------------------- /terragrunt/prod/account.hcl: -------------------------------------------------------------------------------- 1 | # Set account-wide variables 2 | locals { 3 | account_name = "prod" 4 | aws_account_id = "TODO" # TODO insert with actual account ID 5 | aws_profile = "default" 6 | } 7 | -------------------------------------------------------------------------------- /terragrunt/prod/eu-central-1/prod/env.hcl: -------------------------------------------------------------------------------- 1 | # Set common variables for the environment 2 | locals { 3 | component = "Cloud" 4 | creator = "Terragrunt" 5 | environment = "prod" 6 | } 7 | -------------------------------------------------------------------------------- /terragrunt/prod/eu-central-1/prod/networking/terragrunt.hcl: -------------------------------------------------------------------------------- 1 | locals { 2 | environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl")) 3 | 4 | environment = local.environment_vars.locals.environment 5 | component = local.environment_vars.locals.component 6 | creator = local.environment_vars.locals.creator 7 | } 8 | 9 | terraform { 10 | source = "git::git@github.com:lreimer/clean-infrastructure-as-code.git//terraform/modules/custom_vpc?ref=v1.0.0" 11 | } 12 | 13 | include { 14 | path = find_in_parent_folders() 15 | } 16 | 17 | inputs = { 18 | prefix = "example-${local.environment}" 19 | cidr = "10.19.0.0/16" 20 | public_subnets = ["10.19.1.0/24", "10.19.2.0/24", "10.19.3.0/24"] 21 | private_subnets = ["10.19.4.0/24", "10.19.5.0/24", "10.19.6.0/24"] 22 | common_tags = { 23 | Environment = local.environment 24 | Component = local.component 25 | Creator = local.creator 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /terragrunt/prod/eu-central-1/region.hcl: -------------------------------------------------------------------------------- 1 | # Set common variables for the region 2 | locals { 3 | aws_region = "eu-central-1" 4 | } 5 | -------------------------------------------------------------------------------- /terragrunt/terragrunt.hcl: -------------------------------------------------------------------------------- 1 | locals { 2 | # Automatically load account-level variables 3 | account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl")) 4 | 5 | # Automatically load region-level variables 6 | region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl")) 7 | 8 | # Automatically load environment-level variables 9 | environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl")) 10 | 11 | # Extract the variables we need for easy access 12 | account_name = local.account_vars.locals.account_name 13 | account_id = local.account_vars.locals.aws_account_id 14 | aws_profile = local.account_vars.locals.aws_profile 15 | 16 | aws_region = local.region_vars.locals.aws_region 17 | 18 | component = local.environment_vars.locals.component 19 | creator = local.environment_vars.locals.creator 20 | environment = local.environment_vars.locals.environment 21 | } 22 | 23 | # Generate an AWS provider block 24 | generate "provider" { 25 | path = "provider.tf" 26 | if_exists = "overwrite_terragrunt" 27 | contents = <