├── .github └── workflows │ └── test.yml ├── .gitignore ├── LICENSE ├── README.md ├── cli.go ├── doc.go ├── go.mod ├── go.sum ├── internal └── commands │ ├── providers │ └── provider.go │ ├── root │ ├── auth.go │ ├── flag.go │ ├── http.go │ ├── http_test.go │ ├── mux.go │ ├── node.go │ ├── root.go │ └── root_test.go │ └── version │ └── version.go ├── logrus ├── flags.go └── init.go ├── manager └── resource.go ├── opencensus ├── flags.go └── init.go ├── opts ├── opts.go └── types.go └── provider ├── README.md ├── doc.go ├── mock ├── mock.go └── mock_test.go ├── provider.go ├── store.go └── types.go /.github/workflows/test.yml: -------------------------------------------------------------------------------- 1 | name: Go 2 | 3 | on: 4 | push: 5 | branches: [ master, release-0.2 ] 6 | pull_request: 7 | branches: [ master, release-0.2 ] 8 | 9 | env: 10 | GO111MODULE: on 11 | GOLANGCI_LINT_VERSION: 1.42.1 12 | 13 | jobs: 14 | test: 15 | strategy: 16 | matrix: 17 | go-versions: [1.15.x, 1.16.x, 1.17.x] 18 | platform: [ubuntu-latest] 19 | runs-on: ${{ matrix.platform }} 20 | steps: 21 | - name: Install Go 22 | uses: actions/setup-go@v1 23 | with: 24 | go-version: ${{ matrix.go-version }} 25 | - name: Checkout code 26 | uses: actions/checkout@v2 27 | - uses: actions/cache@v1 28 | with: 29 | path: ~/go/pkg/mod 30 | key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }} 31 | restore-keys: | 32 | ${{ runner.os }}-go-mod- 33 | - uses: actions/cache@v1 34 | with: 35 | path: ~/.build/go-cache 36 | key: ${{ runner.os }}-go-build-${{ hashFiles('**/go.sum') }} 37 | restore-keys: | 38 | ${{ runner.os }}-go-build- 39 | - name: go env 40 | run: go env 41 | - name: Fetch dependencies 42 | run: go get 43 | - name: Run tests 44 | run: go test ./... 45 | - name: Build 46 | run: go build 47 | lint: 48 | runs-on: ubuntu-latest 49 | steps: 50 | - name: Install Go 51 | uses: actions/setup-go@v1 52 | with: 53 | go-version: 1.17.x 54 | - name: Checkout code 55 | uses: actions/checkout@v2 56 | - uses: actions/cache@v1 57 | with: 58 | path: ~/go/pkg/mod 59 | key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }} 60 | restore-keys: | 61 | ${{ runner.os }}-go-mod- 62 | - uses: actions/cache@v1 63 | with: 64 | path: ~/.build/go-cache 65 | key: ${{ runner.os }}-go-build-${{ hashFiles('**/go.sum') }} 66 | restore-keys: | 67 | ${{ runner.os }}-go-build- 68 | - uses: actions/cache@v1 69 | id: bin 70 | with: 71 | path: ~/bin/ 72 | key: golangi-lint-${{ env.GOLANGCI_LINT_VERSION }} 73 | - name: Install golangci-lint 74 | if: steps.bin.outputs.cache-hit != 'true' 75 | run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b ~/bin/ v${GOLANGCI_LINT_VERSION} 76 | - name: Precompile packages 77 | run: go build ./... 78 | - name: Lint 79 | run: ~/bin/golangci-lint run --disable-all -v -E govet -E misspell -E gofmt -E ineffassign -E golint 80 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .idea/ 2 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright 2020 The virtual-kubelet authors 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Virtual-Kubelet CLI 2 | ================== 3 | 4 | This project provides a library for rapid prototyping of a virtual-kubelet node. 5 | It is not intended for production use and may have breaking changes, 6 | but takes as much as made sense from the old command line code from 7 | [github.com/virtual-kubelet/virtual-kubelet][vk]. 8 | 9 | [vk]: https://github.com/virtual-kubelet/virtual-kubelet 10 | 11 | 12 | ## Usage 13 | 14 | ```go 15 | package main 16 | 17 | import ( 18 | "context" 19 | "errors" 20 | 21 | "github.com/sirupsen/logrus" 22 | cli "github.com/virtual-kubelet/node-cli" 23 | logruscli "github.com/virtual-kubelet/node-cli/logrus" 24 | "github.com/virtual-kubelet/node-cli/provider" 25 | "github.com/virtual-kubelet/virtual-kubelet/log" 26 | logruslogger "github.com/virtual-kubelet/virtual-kubelet/log/logrus" 27 | ) 28 | 29 | func main() { 30 | ctx := cli.ContextWithCancelOnSignal(context.Background()) 31 | logger := logrus.StandardLogger() 32 | 33 | log.L = logruslogger.FromLogrus(logrus.NewEntry(logger)) 34 | logConfig := &logruscli.Config{LogLevel: "info"} 35 | 36 | node, err := cli.New(ctx, 37 | cli.WithProvider("demo", func(cfg provider.InitConfig) (provider.Provider, error) { 38 | return nil, errors.New("your implementation goes here") 39 | }), 40 | // Adds flags and parsing for using logrus as the configured logger 41 | cli.WithPersistentFlags(logConfig.FlagSet()), 42 | cli.WithPersistentPreRunCallback(func() error { 43 | return logruscli.Configure(logConfig, logger) 44 | }), 45 | ) 46 | 47 | if err != nil { 48 | panic(err) 49 | } 50 | // Args can be specified here, or os.Args[1:] will be used. 51 | if err := node.Run(ctx); err != nil { 52 | panic(err) 53 | } 54 | } 55 | ``` 56 | -------------------------------------------------------------------------------- /cli.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package cli 16 | 17 | import ( 18 | "context" 19 | "os" 20 | "os/signal" 21 | "path/filepath" 22 | "syscall" 23 | 24 | "github.com/spf13/cobra" 25 | "github.com/spf13/pflag" 26 | "github.com/virtual-kubelet/node-cli/internal/commands/providers" 27 | "github.com/virtual-kubelet/node-cli/internal/commands/root" 28 | "github.com/virtual-kubelet/node-cli/internal/commands/version" 29 | "github.com/virtual-kubelet/node-cli/opts" 30 | "github.com/virtual-kubelet/node-cli/provider" 31 | ) 32 | 33 | // Option sets an option on the command. 34 | type Option func(*Command) 35 | 36 | // Command builds the CLI command 37 | type Command struct { 38 | cmd *cobra.Command 39 | s *provider.Store 40 | name string 41 | version string 42 | buildTime string 43 | k8sVersion string 44 | persistentFlags []*pflag.FlagSet 45 | persistentPreRunCb []func() error 46 | opts *opts.Opts 47 | } 48 | 49 | // ContextWithCancelOnSignal returns a context which will be cancelled when 50 | // receiving one of the passed in signals. 51 | // If no signals are passed in, the default signals SIGTERM and SIGINT are used. 52 | func ContextWithCancelOnSignal(ctx context.Context, signals ...os.Signal) context.Context { 53 | ctx, cancel := context.WithCancel(ctx) 54 | sig := make(chan os.Signal, 1) 55 | if signals == nil { 56 | signals = []os.Signal{syscall.SIGINT, syscall.SIGTERM} 57 | } 58 | signal.Notify(sig, signals...) 59 | go func() { 60 | <-sig 61 | cancel() 62 | }() 63 | 64 | return ctx 65 | } 66 | 67 | // WithBaseOpts sets the base options used 68 | func WithBaseOpts(o *opts.Opts) Option { 69 | return func(c *Command) { 70 | c.opts = o 71 | } 72 | } 73 | 74 | // WithPersistentFlagsAllows you to attach custom, persitent flags to the command. 75 | // The flags are added to the main command and all sub commands. 76 | func WithPersistentFlags(flags *pflag.FlagSet) Option { 77 | return func(c *Command) { 78 | c.persistentFlags = append(c.persistentFlags, flags) 79 | } 80 | } 81 | 82 | // WithProvider registers a provider which the cli can be initialized with. 83 | func WithProvider(name string, f provider.InitFunc) Option { 84 | return func(c *Command) { 85 | if c.s == nil { 86 | c.s = provider.NewStore() 87 | } 88 | c.s.Register(name, f) 89 | } 90 | } 91 | 92 | // WithCLIVersion sets the version details for the `version` subcommand. 93 | func WithCLIVersion(version, buildTime string) Option { 94 | return func(c *Command) { 95 | c.version = version 96 | c.buildTime = buildTime 97 | } 98 | } 99 | 100 | // WithCLIBaseName sets the name of the command. 101 | // This is used for things like help output. 102 | // 103 | // If not set, the name is taken from `filepath.Base(os.Args[0])` 104 | func WithCLIBaseName(n string) Option { 105 | return func(c *Command) { 106 | c.name = n 107 | } 108 | } 109 | 110 | // WithKubernetesNodeVersion sets the version of kubernetes this should report 111 | // as to the Kubernetes API server. 112 | func WithKubernetesNodeVersion(v string) Option { 113 | return func(c *Command) { 114 | c.k8sVersion = v 115 | } 116 | } 117 | 118 | // WithPersistentPreRunCallback adds a callback which is called after flags are processed 119 | // but before running the command or any sub-command 120 | func WithPersistentPreRunCallback(f func() error) Option { 121 | return func(c *Command) { 122 | c.persistentPreRunCb = append(c.persistentPreRunCb, f) 123 | } 124 | } 125 | 126 | // New creates a new command. 127 | // Call `Run()` on the returned object to run the command. 128 | func New(ctx context.Context, options ...Option) (*Command, error) { 129 | var c Command 130 | for _, o := range options { 131 | o(&c) 132 | } 133 | 134 | name := c.name 135 | if name == "" { 136 | name = filepath.Base(os.Args[0]) 137 | } 138 | 139 | flagOpts := c.opts 140 | if flagOpts == nil { 141 | flagOpts = opts.New() 142 | } 143 | 144 | if c.k8sVersion != "" { 145 | flagOpts.Version = c.k8sVersion 146 | } 147 | 148 | c.cmd = root.NewCommand(name, c.s, flagOpts) 149 | for _, f := range c.persistentFlags { 150 | c.cmd.PersistentFlags().AddFlagSet(f) 151 | } 152 | 153 | c.cmd.PersistentPreRunE = func(_ *cobra.Command, _ []string) error { 154 | for _, f := range c.persistentPreRunCb { 155 | if err := f(); err != nil { 156 | return err 157 | } 158 | } 159 | return nil 160 | } 161 | 162 | c.cmd.AddCommand(version.NewCommand(c.version, c.buildTime), providers.NewCommand(c.s)) 163 | return &c, nil 164 | } 165 | 166 | // Run executes the command with the provided args. 167 | // If args is nil then os.Args[1:] is used 168 | func (c *Command) Run(ctx context.Context, args ...string) error { 169 | c.cmd.SetArgs(args) 170 | return c.cmd.ExecuteContext(ctx) 171 | } 172 | -------------------------------------------------------------------------------- /doc.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | // Package cli contains a reusable implemetation for a daemon that acts as a 16 | // single node on the cluster. 17 | package cli 18 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/virtual-kubelet/node-cli 2 | 3 | go 1.12 4 | 5 | require ( 6 | github.com/mitchellh/go-homedir v1.1.0 7 | github.com/pkg/errors v0.9.1 8 | github.com/sirupsen/logrus v1.6.0 9 | github.com/spf13/cobra v1.0.0 10 | github.com/spf13/pflag v1.0.5 11 | github.com/virtual-kubelet/virtual-kubelet v1.6.0 12 | go.opencensus.io v0.22.2 13 | gotest.tools v2.2.0+incompatible 14 | k8s.io/api v0.19.10 15 | k8s.io/apimachinery v0.19.10 16 | k8s.io/apiserver v0.19.10 17 | k8s.io/client-go v0.19.10 18 | k8s.io/klog v1.0.0 19 | ) 20 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 2 | cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 3 | cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= 4 | cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= 5 | cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= 6 | cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= 7 | cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= 8 | cloud.google.com/go v0.51.0/go.mod h1:hWtGJ6gnXH+KgDv+V0zFGDvpi07n3z8ZNj3T1RW0Gcw= 9 | cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= 10 | cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= 11 | cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= 12 | cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= 13 | contrib.go.opencensus.io/exporter/jaeger v0.1.0/go.mod h1:VYianECmuFPwU37O699Vc1GOcy+y8kOsfaxHRImmjbA= 14 | contrib.go.opencensus.io/exporter/ocagent v0.4.12/go.mod h1:450APlNTSR6FrvC3CTRqYosuDstRB9un7SOx2k/9ckA= 15 | dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= 16 | github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= 17 | github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= 18 | github.com/Azure/go-autorest/autorest v0.9.6/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630= 19 | github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= 20 | github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= 21 | github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= 22 | github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g= 23 | github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= 24 | github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= 25 | github.com/Azure/go-autorest/autorest/mocks v0.3.0/go.mod h1:a8FDP3DYzQ4RYfVAxAN3SVSiiO77gL2j2ronKKP0syM= 26 | github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= 27 | github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= 28 | github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= 29 | github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= 30 | github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= 31 | github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= 32 | github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= 33 | github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= 34 | github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= 35 | github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= 36 | github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= 37 | github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= 38 | github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= 39 | github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= 40 | github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= 41 | github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= 42 | github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= 43 | github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= 44 | github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= 45 | github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= 46 | github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= 47 | github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= 48 | github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= 49 | github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= 50 | github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= 51 | github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= 52 | github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= 53 | github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= 54 | github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= 55 | github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= 56 | github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= 57 | github.com/blang/semver v3.5.0+incompatible h1:CGxCgetQ64DKk7rdZ++Vfnb1+ogGNnB17OJKJXD2Cfs= 58 | github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= 59 | github.com/bombsimon/logrusr v1.0.0 h1:CTCkURYAt5nhCCnKH9eLShYayj2/8Kn/4Qg3QfiU+Ro= 60 | github.com/bombsimon/logrusr v1.0.0/go.mod h1:Jq0nHtvxabKE5EMwAAdgTaz7dfWE8C4i11NOltxGQpc= 61 | github.com/census-instrumentation/opencensus-proto v0.2.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= 62 | github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= 63 | github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= 64 | github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= 65 | github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY= 66 | github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= 67 | github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= 68 | github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= 69 | github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= 70 | github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= 71 | github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= 72 | github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= 73 | github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= 74 | github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= 75 | github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= 76 | github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= 77 | github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= 78 | github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= 79 | github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= 80 | github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= 81 | github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= 82 | github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= 83 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 84 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 85 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 86 | github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= 87 | github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= 88 | github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= 89 | github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= 90 | github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= 91 | github.com/docker/spdystream v0.0.0-20170912183627-bc6354cbbc29 h1:llBx5m8Gk0lrAaiLud2wktkX/e8haX7Ru0oVfQqtZQ4= 92 | github.com/docker/spdystream v0.0.0-20170912183627-bc6354cbbc29/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= 93 | github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= 94 | github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= 95 | github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= 96 | github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs= 97 | github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU= 98 | github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I= 99 | github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= 100 | github.com/elazarl/goproxy v0.0.0-20190421051319-9d40249d3c2f h1:8GDPb0tCY8LQ+OJ3dbHb5sA6YZWXFORQYZx5sdsTlMs= 101 | github.com/elazarl/goproxy v0.0.0-20190421051319-9d40249d3c2f/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= 102 | github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2 h1:dWB6v3RcOy03t/bUadywsbyrQwCqZeNIEX6M1OtSZOM= 103 | github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= 104 | github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= 105 | github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= 106 | github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= 107 | github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= 108 | github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= 109 | github.com/evanphx/json-patch v4.9.0+incompatible h1:kLcOMZeuLAJvL2BPWLMIj5oaZQobrkAqrL+WFZwQses= 110 | github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= 111 | github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= 112 | github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= 113 | github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= 114 | github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= 115 | github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= 116 | github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= 117 | github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= 118 | github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= 119 | github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= 120 | github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= 121 | github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= 122 | github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= 123 | github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= 124 | github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= 125 | github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= 126 | github.com/go-logr/logr v0.3.0 h1:q4c+kbcR0d5rSurhBR8dIgieOaYpXtsdTYfx22Cu6rs= 127 | github.com/go-logr/logr v0.3.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= 128 | github.com/go-logr/zapr v0.2.0 h1:v6Ji8yBW77pva6NkJKQdHLAJKrIJKRHz0RXwPqCHSR4= 129 | github.com/go-logr/zapr v0.2.0/go.mod h1:qhKdvif7YF5GI9NWEpyxTSSBdGmzkNguibrdCNVPunU= 130 | github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= 131 | github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= 132 | github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= 133 | github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk= 134 | github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU= 135 | github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= 136 | github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= 137 | github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= 138 | github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= 139 | github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= 140 | github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= 141 | github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= 142 | github.com/go-openapi/jsonpointer v0.19.3 h1:gihV7YNZK1iK6Tgwwsxo2rJbD1GTbdm72325Bq8FI3w= 143 | github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= 144 | github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= 145 | github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= 146 | github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= 147 | github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= 148 | github.com/go-openapi/jsonreference v0.19.3 h1:5cxNfTy0UVC3X8JL5ymxzyoUZmo8iZb+jeTWn7tUa8o= 149 | github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= 150 | github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= 151 | github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= 152 | github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= 153 | github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs= 154 | github.com/go-openapi/loads v0.19.4/go.mod h1:zZVHonKd8DXyxyw4yfnVjPzBjIQcLt0CCsn0N0ZrQsk= 155 | github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA= 156 | github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64= 157 | github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4= 158 | github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= 159 | github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= 160 | github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= 161 | github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY= 162 | github.com/go-openapi/spec v0.19.3 h1:0XRyw8kguri6Yw4SxhsQA/atC88yqrk0+G4YhI2wabc= 163 | github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= 164 | github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= 165 | github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= 166 | github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY= 167 | github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= 168 | github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= 169 | github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= 170 | github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= 171 | github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= 172 | github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= 173 | github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= 174 | github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= 175 | github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA= 176 | github.com/go-openapi/validate v0.19.5/go.mod h1:8DJv2CVJQ6kGNpFW6eV9N3JviE1C85nY1c2z52x1Gk4= 177 | github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= 178 | github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= 179 | github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= 180 | github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= 181 | github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= 182 | github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= 183 | github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= 184 | github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= 185 | github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= 186 | github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= 187 | github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= 188 | github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= 189 | github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7 h1:5ZkaAPbicIKTF2I64qf5Fh8Aa83Q/dnOafMYV0OMwjA= 190 | github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= 191 | github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= 192 | github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= 193 | github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= 194 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 195 | github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 196 | github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 197 | github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= 198 | github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= 199 | github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= 200 | github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= 201 | github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= 202 | github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= 203 | github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= 204 | github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0= 205 | github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= 206 | github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= 207 | github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= 208 | github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= 209 | github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= 210 | github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 211 | github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 212 | github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 213 | github.com/google/go-cmp v0.5.2 h1:X2ev0eStA3AbceY54o37/0PQ/UWqKEiiO2dKL5OPaFM= 214 | github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 215 | github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= 216 | github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= 217 | github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= 218 | github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= 219 | github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= 220 | github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= 221 | github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= 222 | github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= 223 | github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 224 | github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= 225 | github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 226 | github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= 227 | github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= 228 | github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= 229 | github.com/googleapis/gnostic v0.5.1 h1:A8Yhf6EtqTv9RMsU6MQTyrtV1TjWlR6xU9BsZIwuTCM= 230 | github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= 231 | github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= 232 | github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= 233 | github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw= 234 | github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= 235 | github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= 236 | github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= 237 | github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= 238 | github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= 239 | github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= 240 | github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= 241 | github.com/grpc-ecosystem/grpc-gateway v1.8.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= 242 | github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= 243 | github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= 244 | github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= 245 | github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= 246 | github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= 247 | github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= 248 | github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= 249 | github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= 250 | github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= 251 | github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= 252 | github.com/imdario/mergo v0.3.10 h1:6q5mVkdH/vYmqngx7kZQTjJ5HRsx+ImorDIEQ+beJgc= 253 | github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= 254 | github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= 255 | github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= 256 | github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= 257 | github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= 258 | github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= 259 | github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68= 260 | github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= 261 | github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= 262 | github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= 263 | github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= 264 | github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= 265 | github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= 266 | github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= 267 | github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= 268 | github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= 269 | github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= 270 | github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8= 271 | github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= 272 | github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= 273 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= 274 | github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= 275 | github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= 276 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 277 | github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= 278 | github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= 279 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 280 | github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= 281 | github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= 282 | github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= 283 | github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= 284 | github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= 285 | github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= 286 | github.com/mailru/easyjson v0.7.0 h1:aizVhC/NAAcKWb+5QsU1iNOZb4Yws5UO2I+aIprQITM= 287 | github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= 288 | github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= 289 | github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= 290 | github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= 291 | github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= 292 | github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= 293 | github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= 294 | github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= 295 | github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= 296 | github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= 297 | github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= 298 | github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 299 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= 300 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 301 | github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= 302 | github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= 303 | github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= 304 | github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= 305 | github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= 306 | github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= 307 | github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= 308 | github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78= 309 | github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= 310 | github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= 311 | github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= 312 | github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 313 | github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 314 | github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 315 | github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 316 | github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= 317 | github.com/onsi/ginkgo v1.14.1 h1:jMU0WaQrP0a/YAEq8eJmJKjBoMs+pClEr1vDMlM/Do4= 318 | github.com/onsi/ginkgo v1.14.1/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= 319 | github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= 320 | github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= 321 | github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= 322 | github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= 323 | github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= 324 | github.com/onsi/gomega v1.10.2 h1:aY/nuoWlKJud2J6U0E3NWsjlg+0GtwXxgEqthRdzlcs= 325 | github.com/onsi/gomega v1.10.2/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= 326 | github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw= 327 | github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= 328 | github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= 329 | github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= 330 | github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= 331 | github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 332 | github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 333 | github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= 334 | github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 335 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 336 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 337 | github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= 338 | github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= 339 | github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs= 340 | github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= 341 | github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= 342 | github.com/prometheus/client_golang v1.7.1 h1:NTGy1Ja9pByO+xAeH/qiWnLrKtr3hJPNjaVUwnjpdpA= 343 | github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= 344 | github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= 345 | github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= 346 | github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= 347 | github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= 348 | github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= 349 | github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= 350 | github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= 351 | github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= 352 | github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= 353 | github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= 354 | github.com/prometheus/common v0.10.0 h1:RyRA7RzGXQZiW+tGMr7sxa85G1z0yOpM1qq5c8lNawc= 355 | github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= 356 | github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= 357 | github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= 358 | github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= 359 | github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= 360 | github.com/prometheus/procfs v0.1.3 h1:F0+tqvhOksq22sc6iCHF5WGlWjdwj92p0udFh1VFBS8= 361 | github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= 362 | github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= 363 | github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= 364 | github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= 365 | github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= 366 | github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= 367 | github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= 368 | github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= 369 | github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= 370 | github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= 371 | github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= 372 | github.com/sirupsen/logrus v1.6.0 h1:UBcNElsrwanuuMsnGSlYmtmgbb23qDR5dG+6X6Oo89I= 373 | github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= 374 | github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= 375 | github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= 376 | github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= 377 | github.com/spf13/afero v1.2.2 h1:5jhuqJyZCZf2JRofRvN/nIFgIWNzPa3/Vz8mYylgbWc= 378 | github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= 379 | github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= 380 | github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= 381 | github.com/spf13/cobra v1.0.0 h1:6m/oheQuQ13N9ks4hubMG6BnvwOeaJrqSPLahSnczz8= 382 | github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= 383 | github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= 384 | github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 385 | github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 386 | github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 387 | github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= 388 | github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= 389 | github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= 390 | github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= 391 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 392 | github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 393 | github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= 394 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= 395 | github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= 396 | github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= 397 | github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= 398 | github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= 399 | github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= 400 | github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= 401 | github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= 402 | github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= 403 | github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= 404 | github.com/vektah/gqlparser v1.1.2/go.mod h1:1ycwN7Ij5njmMkPPAOaRFY4rET2Enx7IkVv3vaXspKw= 405 | github.com/virtual-kubelet/virtual-kubelet v1.6.0 h1:BJAsHB3ItrXVhzQszWiIqmwVkuxrtu4f0Xz5hjMPR7c= 406 | github.com/virtual-kubelet/virtual-kubelet v1.6.0/go.mod h1:Uf0+/KqEDz5Tz6TNQSok5B4A+guFZV6cs4JohQTHdEQ= 407 | github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= 408 | github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= 409 | github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= 410 | github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= 411 | go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= 412 | go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= 413 | go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= 414 | go.etcd.io/etcd v0.5.0-alpha.5.0.20200819165624-17cef6e3e9d5/go.mod h1:skWido08r9w6Lq/w70DO5XYIKMu4QFu1+4VsqLQuJy8= 415 | go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= 416 | go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= 417 | go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= 418 | go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= 419 | go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= 420 | go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= 421 | go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= 422 | go.opencensus.io v0.22.2 h1:75k/FF0Q2YM8QYo07VPddOLBslDt1MZOdEslOHvmzAs= 423 | go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= 424 | go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= 425 | go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= 426 | go.uber.org/atomic v1.6.0 h1:Ezj3JGmsOnG1MoRWQkPBsKLe9DwWD9QeXzTRzzldNVk= 427 | go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= 428 | go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0= 429 | go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= 430 | go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= 431 | go.uber.org/multierr v1.5.0 h1:KCa4XfM8CWFCpxXRGok+Q0SS/0XBhMDbHHGABQLvD2A= 432 | go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= 433 | go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee h1:0mgffUl7nfd+FpvXMVz4IDEaUSmT1ysygQC7qYo7sG4= 434 | go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= 435 | go.uber.org/zap v1.8.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= 436 | go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= 437 | go.uber.org/zap v1.15.0 h1:ZZCA22JRF2gQE5FoNmhmrf7jeJJ2uhqDUNRYKm8dvmM= 438 | go.uber.org/zap v1.15.0/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc= 439 | golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 440 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 441 | golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 442 | golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 443 | golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 444 | golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 445 | golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 446 | golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 447 | golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 448 | golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= 449 | golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 450 | golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= 451 | golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= 452 | golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= 453 | golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= 454 | golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= 455 | golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= 456 | golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= 457 | golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= 458 | golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= 459 | golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= 460 | golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= 461 | golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= 462 | golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= 463 | golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= 464 | golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f h1:J5lckAjkw6qYlOZNj90mLYNTEKDvWeuc1yieZ8qUzUE= 465 | golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= 466 | golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= 467 | golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= 468 | golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= 469 | golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= 470 | golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= 471 | golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= 472 | golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4= 473 | golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= 474 | golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 475 | golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 476 | golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 477 | golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 478 | golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 479 | golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 480 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 481 | golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 482 | golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 483 | golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 484 | golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 485 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 486 | golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 487 | golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 488 | golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= 489 | golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= 490 | golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 491 | golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 492 | golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 493 | golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 494 | golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 495 | golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 496 | golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= 497 | golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= 498 | golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= 499 | golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= 500 | golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= 501 | golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= 502 | golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= 503 | golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 504 | golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 505 | golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6 h1:pE8b58s1HRDMi8RDc79m0HISf9D4TzseP40cEA6IGfs= 506 | golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 507 | golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 508 | golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 509 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 510 | golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 511 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 512 | golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 513 | golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck= 514 | golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 515 | golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 516 | golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 517 | golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 518 | golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 519 | golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 520 | golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 521 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 522 | golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 523 | golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 524 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 525 | golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 526 | golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 527 | golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 528 | golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 529 | golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 530 | golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 531 | golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 532 | golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 533 | golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 534 | golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 535 | golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 536 | golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 537 | golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 538 | golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 539 | golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 540 | golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 541 | golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 542 | golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 543 | golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 544 | golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 545 | golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 546 | golang.org/x/sys v0.0.0-20201112073958-5cba982894dd h1:5CtCZbICpIOFdgO940moixOPjc0178IU44m4EjOO5IY= 547 | golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 548 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 549 | golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 550 | golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= 551 | golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= 552 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 553 | golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 554 | golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 555 | golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 556 | golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 557 | golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e h1:EHBhcS0mlXEAVwNyO2dLfjToGsyY4j24pTs2ScHnX7s= 558 | golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 559 | golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 560 | golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 561 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 562 | golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 563 | golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 564 | golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 565 | golang.org/x/tools v0.0.0-20190125232054-d66bd3c5d5a6/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 566 | golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= 567 | golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= 568 | golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= 569 | golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= 570 | golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= 571 | golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= 572 | golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= 573 | golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 574 | golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 575 | golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 576 | golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 577 | golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 578 | golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 579 | golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 580 | golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 581 | golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 582 | golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 583 | golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 584 | golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 585 | golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 586 | golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 587 | golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= 588 | golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= 589 | golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= 590 | golang.org/x/tools v0.0.0-20210106214847-113979e3529a h1:CB3a9Nez8M13wwlr/E2YtwoU+qYHKfC+JrDa45RXXoQ= 591 | golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= 592 | golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 593 | golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 594 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 595 | golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= 596 | golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 597 | gomodules.xyz/jsonpatch/v2 v2.1.0 h1:Phva6wqu+xR//Njw6iorylFFgn/z547tw5Ne3HZPQ+k= 598 | gomodules.xyz/jsonpatch/v2 v2.1.0/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU= 599 | google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk= 600 | google.golang.org/api v0.3.2/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk= 601 | google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= 602 | google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= 603 | google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= 604 | google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= 605 | google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= 606 | google.golang.org/api v0.15.1/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= 607 | google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= 608 | google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 609 | google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 610 | google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= 611 | google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= 612 | google.golang.org/appengine v1.6.6 h1:lMO5rYAqUxkmaj76jAkRUvt5JZgFymx/+Q5Mzfivuhc= 613 | google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= 614 | google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= 615 | google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 616 | google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 617 | google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 618 | google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 619 | google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= 620 | google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= 621 | google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= 622 | google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= 623 | google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013 h1:+kGHl1aib/qcwaRi1CbqBZ1rk19r85MNUf8HaBghugY= 624 | google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= 625 | google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= 626 | google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= 627 | google.golang.org/grpc v1.19.1/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= 628 | google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= 629 | google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= 630 | google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= 631 | google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= 632 | google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= 633 | google.golang.org/grpc v1.27.0 h1:rRYRFMVgRv6E0D70Skyfsr28tDXIuuPZyWGMPdMcnXg= 634 | google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= 635 | google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= 636 | google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= 637 | google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= 638 | google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= 639 | google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= 640 | google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= 641 | google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= 642 | google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= 643 | google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA= 644 | google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= 645 | gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= 646 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 647 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 648 | gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= 649 | gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 650 | gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= 651 | gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= 652 | gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= 653 | gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= 654 | gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= 655 | gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= 656 | gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= 657 | gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= 658 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= 659 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= 660 | gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= 661 | gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 662 | gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 663 | gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 664 | gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 665 | gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 666 | gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= 667 | gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 668 | gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ= 669 | gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 670 | gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= 671 | gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= 672 | gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= 673 | honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 674 | honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 675 | honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 676 | honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 677 | honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 678 | honnef.co/go/tools v0.0.1-2019.2.3 h1:3JgtbtFHMiCmsznwGVTUWbgGov+pVqnlf1dEJTNAXeM= 679 | honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= 680 | k8s.io/api v0.19.2/go.mod h1:IQpK0zFQ1xc5iNIQPqzgoOwuFugaYHK4iCknlAQP9nI= 681 | k8s.io/api v0.19.10 h1:AGQnvGl693Kxib2Byxc7lTcNm1/KdHMht9xDb5GcOmY= 682 | k8s.io/api v0.19.10/go.mod h1:FSHnCfzQ9/b9qSSF1A1+QWk5cdO1auExjLcc/RJ/zB0= 683 | k8s.io/apiextensions-apiserver v0.19.2 h1:oG84UwiDsVDu7dlsGQs5GySmQHCzMhknfhFExJMz9tA= 684 | k8s.io/apiextensions-apiserver v0.19.2/go.mod h1:EYNjpqIAvNZe+svXVx9j4uBaVhTB4C94HkY3w058qcg= 685 | k8s.io/apimachinery v0.19.2/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= 686 | k8s.io/apimachinery v0.19.10 h1:icUAE7gRZ1lAfQcwejs5kJtWBNa7uOXYL53pAuUW19U= 687 | k8s.io/apimachinery v0.19.10/go.mod h1:9eb44nUQSsz9QZiilFRuMj3ZbTmoWolU8S2gnXoRMjo= 688 | k8s.io/apiserver v0.19.2/go.mod h1:FreAq0bJ2vtZFj9Ago/X0oNGC51GfubKK/ViOKfVAOA= 689 | k8s.io/apiserver v0.19.10 h1:sGC2quUUqZ+yJNKC6E9uOiORxe2VNcgJRfwbg0gAUq0= 690 | k8s.io/apiserver v0.19.10/go.mod h1:kmUiThSt+QHVWZmlskXRXa+ODBgZkeTi5m+LgJvD1pk= 691 | k8s.io/client-go v0.19.2/go.mod h1:S5wPhCqyDNAlzM9CnEdgTGV4OqhsW3jGO1UM1epwfJA= 692 | k8s.io/client-go v0.19.10 h1:imq8ZDEdeabcKZNxdR3MfhxVKYnBumNqZSEpCfyVN9w= 693 | k8s.io/client-go v0.19.10/go.mod h1:z1zmFQISK3I2eWLcRjhhX2/DpQUuq5Jemy45W2a5cPQ= 694 | k8s.io/code-generator v0.19.2/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= 695 | k8s.io/component-base v0.19.2/go.mod h1:g5LrsiTiabMLZ40AR6Hl45f088DevyGY+cCE2agEIVo= 696 | k8s.io/component-base v0.19.10 h1:asX5d7XlF3j1eq0Zpx/n3lStDEDf7tS+86LEU1AEHGU= 697 | k8s.io/component-base v0.19.10/go.mod h1:zI8HZGnByYplvaM9JevUscbVVG4bTGzJmrDR60jffvQ= 698 | k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= 699 | k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= 700 | k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= 701 | k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= 702 | k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= 703 | k8s.io/klog/v2 v2.2.0 h1:XRvcwJozkgZ1UQJmfMGpvRthQHOvihEhYtDfAaxMz/A= 704 | k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= 705 | k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6 h1:+WnxoVtG8TMiudHBSEtrVL1egv36TkkJm+bA8AxicmQ= 706 | k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= 707 | k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= 708 | k8s.io/utils v0.0.0-20200912215256-4140de9c8800 h1:9ZNvfPvVIEsp/T1ez4GQuzCcCTEQWhovSofhqR73A6g= 709 | k8s.io/utils v0.0.0-20200912215256-4140de9c8800/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= 710 | rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= 711 | sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.9/go.mod h1:dzAXnQbTRyDlZPJX2SUPEqvnB+j7AJjtlox7PEwigU0= 712 | sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15 h1:4uqm9Mv+w2MmBYD+F4qf/v6tDFUdPOk29C095RbU5mY= 713 | sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= 714 | sigs.k8s.io/controller-runtime v0.7.1 h1:nqVwzVzdenfd9xIbB35pC7JJH2IXVL4hDo3MNzkyCh4= 715 | sigs.k8s.io/controller-runtime v0.7.1/go.mod h1:pJ3YBrJiAqMAZKi6UVGuE98ZrroV1p+pIhoHsMm9wdU= 716 | sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= 717 | sigs.k8s.io/structured-merge-diff/v4 v4.0.3 h1:4oyYo8NREp49LBBhKxEqCulFjg26rawYKrnCmg+Sr6c= 718 | sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= 719 | sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= 720 | sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= 721 | sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= 722 | -------------------------------------------------------------------------------- /internal/commands/providers/provider.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package providers 16 | 17 | import ( 18 | "fmt" 19 | "os" 20 | 21 | "github.com/spf13/cobra" 22 | "github.com/virtual-kubelet/node-cli/provider" 23 | ) 24 | 25 | // NewCommand creates a new providers subcommand 26 | // This subcommand is used to determine which providers are registered. 27 | func NewCommand(s *provider.Store) *cobra.Command { 28 | return &cobra.Command{ 29 | Use: "providers", 30 | Short: "Show the list of supported providers", 31 | Long: "Show the list of supported providers", 32 | Args: cobra.MaximumNArgs(2), 33 | Run: func(cmd *cobra.Command, args []string) { 34 | switch len(args) { 35 | case 0: 36 | for _, p := range s.List() { 37 | fmt.Fprintln(cmd.OutOrStdout(), p) 38 | } 39 | case 1: 40 | if !s.Exists(args[0]) { 41 | fmt.Fprintln(cmd.OutOrStderr(), "no such provider", args[0]) 42 | 43 | // TODO(@cpuuy83): would be nice to not short-circuit the exit here 44 | // But at the momemt this seems to be the only way to exit non-zero and 45 | // handle our own error output 46 | os.Exit(1) 47 | } 48 | fmt.Fprintln(cmd.OutOrStdout(), args[0]) 49 | } 50 | return 51 | }, 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /internal/commands/root/auth.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2020 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package root 16 | 17 | import ( 18 | "errors" 19 | "net/http" 20 | "reflect" 21 | "strings" 22 | 23 | "k8s.io/apimachinery/pkg/types" 24 | "k8s.io/apiserver/pkg/authentication/authenticator" 25 | "k8s.io/apiserver/pkg/authentication/authenticatorfactory" 26 | "k8s.io/apiserver/pkg/authentication/user" 27 | "k8s.io/apiserver/pkg/authorization/authorizer" 28 | "k8s.io/apiserver/pkg/authorization/authorizerfactory" 29 | "k8s.io/apiserver/pkg/server/dynamiccertificates" 30 | clientset "k8s.io/client-go/kubernetes" 31 | authenticationclient "k8s.io/client-go/kubernetes/typed/authentication/v1" 32 | authorizationclient "k8s.io/client-go/kubernetes/typed/authorization/v1" 33 | 34 | "github.com/virtual-kubelet/node-cli/opts" 35 | ) 36 | 37 | const ( 38 | metricsPath = "/metrics" 39 | statsPath = "/stats/" 40 | logsPath = "/logs/" 41 | ) 42 | 43 | // AuthInterface contains all methods required by the auth filters 44 | type AuthInterface interface { 45 | authenticator.Request 46 | authorizer.RequestAttributesGetter 47 | authorizer.Authorizer 48 | } 49 | 50 | // VirtualKubeletAuth implements AuthInterface 51 | type VirtualKubeletAuth struct { 52 | // authenticator identifies the user for requests to the Kubelet API 53 | authenticator.Request 54 | // authorizerAttributeGetter builds authorization.Attributes for a request to the Kubelet API 55 | authorizer.RequestAttributesGetter 56 | // authorizer determines whether a given authorization.Attributes is allowed 57 | authorizer.Authorizer 58 | } 59 | 60 | // NewVirtualKubeletAuth returns a AuthInterface composed of the given authenticator, attribute getter, and authorizer 61 | func NewVirtualKubeletAuth(authenticator authenticator.Request, authorizerAttributeGetter authorizer.RequestAttributesGetter, authorizer authorizer.Authorizer) AuthInterface { 62 | return &VirtualKubeletAuth{authenticator, authorizerAttributeGetter, authorizer} 63 | } 64 | 65 | // BuildAuth creates an authenticator, an authorizer, and a matching authorizer attributes getter compatible with the virtual-kubelet's needs 66 | func BuildAuth(nodeName types.NodeName, client clientset.Interface, config opts.Opts) (AuthInterface, func(<-chan struct{}), error) { 67 | // Get clients, if provided 68 | var ( 69 | tokenClient authenticationclient.TokenReviewInterface 70 | sarClient authorizationclient.SubjectAccessReviewInterface 71 | ) 72 | if client != nil && !reflect.ValueOf(client).IsNil() { 73 | tokenClient = client.AuthenticationV1().TokenReviews() 74 | sarClient = client.AuthorizationV1().SubjectAccessReviews() 75 | } 76 | 77 | authenticator, runAuthenticatorCAReload, err := BuildAuthn(tokenClient, config.Authentication, config.ClientCACert) 78 | if err != nil { 79 | return nil, nil, err 80 | } 81 | 82 | attributes := NewNodeAuthorizerAttributesGetter(nodeName) 83 | 84 | authorizer, err := BuildAuthz(sarClient, config.Authorization) 85 | if err != nil { 86 | return nil, nil, err 87 | } 88 | 89 | return NewVirtualKubeletAuth(authenticator, attributes, authorizer), runAuthenticatorCAReload, nil 90 | } 91 | 92 | // BuildAuthn creates an authenticator compatible with the virtual-kubelet's needs 93 | func BuildAuthn(client authenticationclient.TokenReviewInterface, authn opts.Authentication, clientCACert string) (authenticator.Request, func(<-chan struct{}), error) { 94 | var dynamicCAContentFromFile *dynamiccertificates.DynamicFileCAContent 95 | var err error 96 | if len(clientCACert) == 0 { 97 | return nil, nil, errors.New("no ca file is provided, cannot use webhook authorization") 98 | } 99 | dynamicCAContentFromFile, err = dynamiccertificates.NewDynamicCAContentFromFile("client-ca-bundle", clientCACert) 100 | if err != nil { 101 | return nil, nil, err 102 | } 103 | 104 | authenticatorConfig := authenticatorfactory.DelegatingAuthenticatorConfig{ 105 | Anonymous: false, 106 | CacheTTL: authn.Webhook.CacheTTL.Duration, 107 | ClientCertificateCAContentProvider: dynamicCAContentFromFile, 108 | } 109 | 110 | if authn.Webhook.Enabled { 111 | if client == nil { 112 | return nil, nil, errors.New("no client provided, cannot use webhook authentication") 113 | } 114 | authenticatorConfig.TokenAccessReviewClient = client 115 | } 116 | 117 | authenticator, _, err := authenticatorConfig.New() 118 | if err != nil { 119 | return nil, nil, err 120 | } 121 | 122 | return authenticator, func(stopCh <-chan struct{}) { 123 | if dynamicCAContentFromFile != nil { 124 | go dynamicCAContentFromFile.Run(1, stopCh) 125 | } 126 | }, err 127 | } 128 | 129 | // BuildAuthz creates an authorizer compatible with the virtual-kubelet's needs 130 | func BuildAuthz(client authorizationclient.SubjectAccessReviewInterface, authz opts.Authorization) (authorizer.Authorizer, error) { 131 | if client == nil { 132 | return nil, errors.New("no client provided, cannot use webhook authorization") 133 | } 134 | authorizerConfig := authorizerfactory.DelegatingAuthorizerConfig{ 135 | SubjectAccessReviewClient: client, 136 | AllowCacheTTL: authz.Webhook.CacheAuthorizedTTL.Duration, 137 | DenyCacheTTL: authz.Webhook.CacheUnauthorizedTTL.Duration, 138 | } 139 | return authorizerConfig.New() 140 | } 141 | 142 | type nodeAuthorizerAttributesGetter struct { 143 | nodeName types.NodeName 144 | } 145 | 146 | // NewNodeAuthorizerAttributesGetter creates a new authorizer.RequestAttributesGetter for the node. 147 | func NewNodeAuthorizerAttributesGetter(nodeName types.NodeName) authorizer.RequestAttributesGetter { 148 | return nodeAuthorizerAttributesGetter{nodeName: nodeName} 149 | } 150 | 151 | // GetRequestAttributes populates authorizer attributes for the requests to the virtual-kubelet API. 152 | // Default attributes are: {apiVersion=v1,verb=,resource=nodes,name=,subresource=proxy} 153 | func (n nodeAuthorizerAttributesGetter) GetRequestAttributes(u user.Info, r *http.Request) authorizer.Attributes { 154 | apiVerb := "" 155 | switch r.Method { 156 | case "POST": 157 | apiVerb = "create" 158 | case "GET": 159 | apiVerb = "get" 160 | case "PUT": 161 | apiVerb = "update" 162 | case "PATCH": 163 | apiVerb = "patch" 164 | case "DELETE": 165 | apiVerb = "delete" 166 | } 167 | 168 | requestPath := r.URL.Path 169 | 170 | attrs := authorizer.AttributesRecord{ 171 | User: u, 172 | Verb: apiVerb, 173 | Namespace: "", 174 | APIGroup: "", 175 | APIVersion: "v1", 176 | Resource: "nodes", 177 | Subresource: "proxy", 178 | Name: string(n.nodeName), 179 | ResourceRequest: true, 180 | Path: requestPath, 181 | } 182 | 183 | switch { 184 | case isSubpath(requestPath, statsPath): 185 | attrs.Subresource = "stats" 186 | case isSubpath(requestPath, metricsPath): 187 | attrs.Subresource = "metrics" 188 | case isSubpath(requestPath, logsPath): 189 | attrs.Subresource = "log" 190 | } 191 | 192 | return attrs 193 | } 194 | 195 | func isSubpath(subpath, path string) bool { 196 | path = strings.TrimSuffix(path, "/") 197 | return subpath == path || (strings.HasPrefix(subpath, path) && subpath[len(path)] == '/') 198 | } 199 | -------------------------------------------------------------------------------- /internal/commands/root/flag.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package root 16 | 17 | import ( 18 | "flag" 19 | "os" 20 | 21 | "github.com/spf13/pflag" 22 | "github.com/virtual-kubelet/node-cli/opts" 23 | "k8s.io/klog" 24 | ) 25 | 26 | func installFlags(flags *pflag.FlagSet, c *opts.Opts) { 27 | flags.StringVar(&c.KubeConfigPath, "kubeconfig", c.KubeConfigPath, "kube config file to use for connecting to the Kubernetes API server") 28 | flags.StringVar(&c.KubeNamespace, "namespace", c.KubeNamespace, "kubernetes namespace (default is 'all')") 29 | flags.StringVar(&c.KubeClusterDomain, "cluster-domain", c.KubeClusterDomain, "kubernetes cluster-domain (default is 'cluster.local')") 30 | flags.StringVar(&c.NodeName, "nodename", c.NodeName, "kubernetes node name") 31 | flags.StringVar(&c.OperatingSystem, "os", c.OperatingSystem, "Operating System (Linux/Windows)") 32 | flags.StringVar(&c.Provider, "provider", c.Provider, "cloud provider") 33 | flags.StringVar(&c.ProviderConfigPath, "provider-config", c.ProviderConfigPath, "cloud provider configuration file") 34 | flags.StringVar(&c.MetricsAddr, "metrics-addr", c.MetricsAddr, "address to listen for metrics/stats requests") 35 | 36 | flags.StringVar(&c.TaintKey, "taint", c.TaintKey, "Set node taint key") 37 | flags.BoolVar(&c.DisableTaint, "disable-taint", c.DisableTaint, "disable the virtual-kubelet node taint") 38 | flags.MarkDeprecated("taint", "Taint key should now be configured using the VK_TAINT_KEY environment variable") 39 | 40 | flags.IntVar(&c.PodSyncWorkers, "pod-sync-workers", c.PodSyncWorkers, `set the number of pod synchronization workers`) 41 | flags.BoolVar(&c.EnableNodeLease, "enable-node-lease", c.EnableNodeLease, `use node leases (1.13) for node heartbeats`) 42 | 43 | flags.DurationVar(&c.InformerResyncPeriod, "full-resync-period", c.InformerResyncPeriod, "how often to perform a full resync of pods between kubernetes and the provider") 44 | flags.DurationVar(&c.StartupTimeout, "startup-timeout", c.StartupTimeout, "How long to wait for the virtual-kubelet to start") 45 | 46 | flags.Int32Var(&c.KubeAPIQPS, "kube-api-qps", c.KubeAPIQPS, 47 | "kubeAPIQPS is the QPS to use while talking with kubernetes apiserver") 48 | flags.Int32Var(&c.KubeAPIBurst, "kube-api-burst", c.KubeAPIBurst, 49 | "kubeAPIBurst is the burst to allow while talking with kubernetes apiserver") 50 | 51 | flags.StringVar(&c.ClientCACert, "client-verify-ca", os.Getenv("APISERVER_CA_CERT_LOCATION"), "CA cert to use to verify client requests") 52 | flags.BoolVar(&c.AllowUnauthenticatedClients, "no-verify-clients", c.AllowUnauthenticatedClients, "Do not require client certificate validation") 53 | 54 | flags.BoolVar(&c.Authentication.Webhook.Enabled, "authentication-token-webhook", c.Authentication.Webhook.Enabled, ""+ 55 | "Use the TokenReview API to determine authentication for bearer tokens.") 56 | flags.DurationVar(&c.Authentication.Webhook.CacheTTL.Duration, "authentication-token-webhook-cache-ttl", c.Authentication.Webhook.CacheTTL.Duration, ""+ 57 | "The duration to cache responses from the webhook token authenticator.") 58 | 59 | flags.DurationVar(&c.Authorization.Webhook.CacheAuthorizedTTL.Duration, "authorization-webhook-cache-authorized-ttl", c.Authorization.Webhook.CacheAuthorizedTTL.Duration, ""+ 60 | "The duration to cache 'authorized' responses from the webhook authorizer.") 61 | flags.DurationVar(&c.Authorization.Webhook.CacheUnauthorizedTTL.Duration, "authorization-webhook-cache-unauthorized-ttl", c.Authorization.Webhook.CacheUnauthorizedTTL.Duration, ""+ 62 | "The duration to cache 'unauthorized' responses from the webhook authorizer.") 63 | 64 | flagset := flag.NewFlagSet("klog", flag.PanicOnError) 65 | klog.InitFlags(flagset) 66 | flagset.VisitAll(func(f *flag.Flag) { 67 | f.Name = "klog." + f.Name 68 | flags.AddGoFlag(f) 69 | }) 70 | } 71 | 72 | func getEnv(key, defaultValue string) string { 73 | value, found := os.LookupEnv(key) 74 | if found { 75 | return value 76 | } 77 | return defaultValue 78 | } 79 | -------------------------------------------------------------------------------- /internal/commands/root/http.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package root 16 | 17 | import ( 18 | "context" 19 | "crypto/tls" 20 | "crypto/x509" 21 | "fmt" 22 | "io" 23 | "io/ioutil" 24 | "net" 25 | "net/http" 26 | "os" 27 | "time" 28 | 29 | "github.com/pkg/errors" 30 | "github.com/virtual-kubelet/node-cli/opts" 31 | "github.com/virtual-kubelet/node-cli/provider" 32 | "github.com/virtual-kubelet/virtual-kubelet/log" 33 | "github.com/virtual-kubelet/virtual-kubelet/node/api" 34 | ) 35 | 36 | // AcceptedCiphers is the list of accepted TLS ciphers, with known weak ciphers elided 37 | // Note this list should be a moving target. 38 | var AcceptedCiphers = []uint16{ 39 | tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 40 | tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 41 | tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 42 | tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 43 | 44 | tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 45 | tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 46 | tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 47 | tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 48 | } 49 | 50 | func loadTLSConfig(ctx context.Context, certPath, keyPath, caPath string, allowUnauthenticatedClients, authWebhookEnabled bool) (*tls.Config, error) { 51 | cert, err := tls.LoadX509KeyPair(certPath, keyPath) 52 | if err != nil { 53 | return nil, errors.Wrap(err, "error loading tls certs") 54 | } 55 | 56 | var ( 57 | caPool *x509.CertPool 58 | clientAuth = tls.RequireAndVerifyClientCert 59 | ) 60 | 61 | if allowUnauthenticatedClients { 62 | clientAuth = tls.NoClientCert 63 | } 64 | if authWebhookEnabled { 65 | clientAuth = tls.RequestClientCert 66 | } 67 | 68 | if caPath != "" { 69 | caPool = x509.NewCertPool() 70 | pem, err := ioutil.ReadFile(caPath) 71 | if err != nil { 72 | return nil, err 73 | } 74 | if !caPool.AppendCertsFromPEM(pem) { 75 | return nil, errors.New("error appending ca cert to certificate pool") 76 | } 77 | } 78 | 79 | return &tls.Config{ 80 | Certificates: []tls.Certificate{cert}, 81 | MinVersion: tls.VersionTLS12, 82 | PreferServerCipherSuites: true, 83 | CipherSuites: AcceptedCiphers, 84 | ClientCAs: caPool, 85 | ClientAuth: clientAuth, 86 | }, nil 87 | } 88 | 89 | func setupHTTPServer(ctx context.Context, p provider.Provider, cfg *apiServerConfig) (_ func(), retErr error) { 90 | var closers []io.Closer 91 | cancel := func() { 92 | for _, c := range closers { 93 | c.Close() 94 | } 95 | } 96 | defer func() { 97 | if retErr != nil { 98 | cancel() 99 | } 100 | }() 101 | 102 | if cfg.CertPath == "" || cfg.KeyPath == "" || (cfg.CACertPath == "" && !cfg.AllowUnauthenticatedClients) { 103 | log.G(ctx). 104 | WithField("certPath", cfg.CertPath). 105 | WithField("keyPath", cfg.KeyPath). 106 | WithField("caPath", cfg.CACertPath). 107 | Error("TLS certificates not provided, not setting up pod http server") 108 | } else { 109 | tlsCfg, err := loadTLSConfig(ctx, cfg.CertPath, cfg.KeyPath, cfg.CACertPath, cfg.AllowUnauthenticatedClients, cfg.AuthWebhookEnabled) 110 | if err != nil { 111 | return nil, err 112 | } 113 | l, err := tls.Listen("tcp", cfg.Addr, tlsCfg) 114 | if err != nil { 115 | return nil, errors.Wrapf(err, "error setting up listener for pod http server: tlsconfig: \n%+v", tlsCfg) 116 | } 117 | 118 | mux := NewServeMuxWithAuth(ctx, cfg.Auth) 119 | 120 | podRoutes := api.PodHandlerConfig{ 121 | RunInContainer: p.RunInContainer, 122 | GetContainerLogs: p.GetContainerLogs, 123 | GetPods: p.GetPods, 124 | StreamIdleTimeout: cfg.StreamIdleTimeout, 125 | StreamCreationTimeout: cfg.StreamCreationTimeout, 126 | } 127 | 128 | if mp, ok := p.(provider.PodMetricsProvider); ok { 129 | podRoutes.GetStatsSummary = mp.GetStatsSummary 130 | } 131 | 132 | api.AttachPodRoutes(podRoutes, mux, true) 133 | 134 | s := &http.Server{ 135 | Handler: mux, 136 | TLSConfig: tlsCfg, 137 | } 138 | go serveHTTP(ctx, s, l, "pods") 139 | closers = append(closers, s) 140 | } 141 | 142 | if cfg.MetricsAddr != "" { 143 | l, err := net.Listen("tcp", cfg.MetricsAddr) 144 | if err != nil { 145 | return nil, errors.Wrap(err, "could not setup listener for pod metrics http server") 146 | } 147 | var summaryHandlerFunc api.PodStatsSummaryHandlerFunc 148 | if mp, ok := p.(provider.PodMetricsProvider); ok { 149 | summaryHandlerFunc = mp.GetStatsSummary 150 | } 151 | podMetricsRoutes := api.PodMetricsConfig{ 152 | GetStatsSummary: summaryHandlerFunc, 153 | } 154 | 155 | mux := http.NewServeMux() 156 | api.AttachPodMetricsRoutes(podMetricsRoutes, mux) 157 | s := &http.Server{ 158 | Handler: mux, 159 | } 160 | go serveHTTP(ctx, s, l, "pod metrics") 161 | closers = append(closers, s) 162 | } 163 | 164 | return cancel, nil 165 | } 166 | 167 | func serveHTTP(ctx context.Context, s *http.Server, l net.Listener, name string) { 168 | if err := s.Serve(l); err != nil { 169 | select { 170 | case <-ctx.Done(): 171 | default: 172 | log.G(ctx).WithError(err).Errorf("Error setting up %s http server", name) 173 | } 174 | } 175 | l.Close() 176 | } 177 | 178 | type apiServerConfig struct { 179 | CACertPath string 180 | CertPath string 181 | KeyPath string 182 | Addr string 183 | MetricsAddr string 184 | StreamIdleTimeout time.Duration 185 | StreamCreationTimeout time.Duration 186 | AllowUnauthenticatedClients bool 187 | 188 | Auth AuthInterface 189 | AuthWebhookEnabled bool 190 | } 191 | 192 | func getAPIConfig(c *opts.Opts) (*apiServerConfig, error) { 193 | config := apiServerConfig{ 194 | CertPath: os.Getenv("APISERVER_CERT_LOCATION"), 195 | KeyPath: os.Getenv("APISERVER_KEY_LOCATION"), 196 | } 197 | 198 | config.AuthWebhookEnabled = c.Authentication.Webhook.Enabled 199 | config.Addr = fmt.Sprintf(":%d", c.ListenPort) 200 | config.MetricsAddr = c.MetricsAddr 201 | config.StreamIdleTimeout = c.StreamIdleTimeout 202 | config.StreamCreationTimeout = c.StreamCreationTimeout 203 | config.AllowUnauthenticatedClients = c.AllowUnauthenticatedClients 204 | 205 | config.CACertPath = c.ClientCACert 206 | if c.ClientCACert == "" { 207 | config.CACertPath = os.Getenv("APISERVER_CA_CERT_LOCATION") 208 | } 209 | 210 | return &config, nil 211 | } 212 | -------------------------------------------------------------------------------- /internal/commands/root/http_test.go: -------------------------------------------------------------------------------- 1 | package root 2 | 3 | import ( 4 | "context" 5 | "crypto/tls" 6 | "crypto/x509" 7 | "fmt" 8 | "io/ioutil" 9 | "net" 10 | "net/http" 11 | "os" 12 | "path/filepath" 13 | "runtime" 14 | "strings" 15 | "testing" 16 | 17 | "github.com/pkg/errors" 18 | "github.com/virtual-kubelet/node-cli/provider" 19 | "github.com/virtual-kubelet/node-cli/provider/mock" 20 | "gotest.tools/assert" 21 | "k8s.io/apiserver/pkg/authentication/authenticator" 22 | "k8s.io/apiserver/pkg/authentication/user" 23 | "k8s.io/apiserver/pkg/authorization/authorizer" 24 | ) 25 | 26 | var ( 27 | testCert = []byte(` 28 | -----BEGIN CERTIFICATE----- 29 | MIIEWDCCAsCgAwIBAgIRANyVR7WKUbcq9aleJdW9ZhgwDQYJKoZIhvcNAQELBQAw 30 | gYExHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTErMCkGA1UECwwiY3B1 31 | Z3V5ODNAQnJpYW5zLU1TRlQtbWFjYm9vay5sb2NhbDEyMDAGA1UEAwwpbWtjZXJ0 32 | IGNwdWd1eTgzQEJyaWFucy1NU0ZULW1hY2Jvb2subG9jYWwwHhcNMjAxMTMwMTgz 33 | OTQ1WhcNMzAxMTMwMTgzOTQ1WjBkMScwJQYDVQQKEx5ta2NlcnQgZGV2ZWxvcG1l 34 | bnQgY2VydGlmaWNhdGUxOTA3BgNVBAsMMGNwdWd1eTgzQEpQTUFZQU5BR0kwNC5m 35 | YXJlYXN0LmNvcnAubWljcm9zb2Z0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP 36 | ADCCAQoCggEBAN5BoyOVbMilICvc5PChVy/Kk90uDIQl3ryIli0Xom49hFfSjvmW 37 | d2oEtwYRf3PQeQmSCFdR5zQcmTPHCbxWyipYXqeWZVcSnhB5dH5euTi8XzbpYpNP 38 | NEE0fTmK8KbdatqGmHRlOHp8aSABrQLdXwy8bhs44NRlbEHieWvy5mkiy9htcCBi 39 | Gz3qs9ozNRI4U8KXuw3wKChBJuInUW8Sv+/aDFP8doIJF/uSYLXWAI5904aRK4dB 40 | 30+9UAemrbUj6cT0p5js6VUJVz2sYRIrKOn3Pwoi8/GIo+tpBXDVnUf+kGWSj29S 41 | se15t3JMEdc2ZBDu8OwA36dte3nkJ7l0o68CAwEAAaNnMGUwDgYDVR0PAQH/BAQD 42 | AgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgw 43 | FoAUStWHau9E6srUyZ7WfQp9zX6uuhIwDwYDVR0RBAgwBocEfwAAATANBgkqhkiG 44 | 9w0BAQsFAAOCAYEAqDoiSxfYgTO0UcBvnfjjh+f5lDWkoh+AZNb6josY+koer0z8 45 | zCJKNTSSvYVOm/kFIihiclOrW/nQ0XT6Vep9P3zs4RfU18DgUbohTzFhx1U0SrZP 46 | J4Og5Bbw/Ue8j4AwZtvq8uOFEIlHjqAuZr87yT1HvbDurhEIuKAZveY9ScVR5ZCJ 47 | 0KWJr4071F/UYVaE+U9wf9fTq1gaCCHA5IxLSDf7bUyqXGWexwFzykI/GOwh2WDS 48 | MpEOPQBuj6rZQlyAwanolrLjEPrK2sjDcWfYvBXCE6WALXoNKqwBNNtbXU5jXRDJ 49 | 4bFfSFUJGqmBgP2XnrbqQsf6luQSeF77MrivX13UWCAndxlCL5wx/t+1cg8Fh3u7 50 | aMysJIscqHYz42vgdR1uQ/qHebgKowF2L/GbXw59Lhcj4vY/1iWxmBA6M9+VNAAt 51 | cuiDQAfG4WGFRdGPaQ5q9w/RJTMAQcjHVitVpoC5ikXk93R4skqWkHUmk+dhCjDW 52 | XNxkOUOi5eYwvkxk 53 | -----END CERTIFICATE----- 54 | `) 55 | 56 | testKey = []byte(` 57 | -----BEGIN PRIVATE KEY----- 58 | MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDeQaMjlWzIpSAr 59 | 3OTwoVcvypPdLgyEJd68iJYtF6JuPYRX0o75lndqBLcGEX9z0HkJkghXUec0HJkz 60 | xwm8VsoqWF6nlmVXEp4QeXR+Xrk4vF826WKTTzRBNH05ivCm3Wrahph0ZTh6fGkg 61 | Aa0C3V8MvG4bOODUZWxB4nlr8uZpIsvYbXAgYhs96rPaMzUSOFPCl7sN8CgoQSbi 62 | J1FvEr/v2gxT/HaCCRf7kmC11gCOfdOGkSuHQd9PvVAHpq21I+nE9KeY7OlVCVc9 63 | rGESKyjp9z8KIvPxiKPraQVw1Z1H/pBlko9vUrHtebdyTBHXNmQQ7vDsAN+nbXt5 64 | 5Ce5dKOvAgMBAAECggEBAK1xHWVca1sc+UEhjYt27Ln/5Wn6UIwjnXEVSdSAmCJd 65 | YVTDnQ2K7T9P1KAosYRokLv2OQojgUC6fJfaYG+YbwWilqNDi2vqvGzwywb+1p4+ 66 | 6jLI6EM60PV9h6eLFIezTHqiBID4qJ11TvhKNoCAznb66RXXSiSVzWiQ2t5x3Hr3 67 | 1z5OulVuyLxM6v0TG4I5PJaNbJSawQTjFkhinH6GWRDzP11NX1BJsBdy15EgICBx 68 | Nb91SDsa+5Ojb64Vl5FG8BE2zDHeEAyKDojCE4GLMY9L3VbXouUK3/9Ha8k6pKB3 69 | Tl2AfChTDAo9Qa+o2pJaTynv3wqFBb4rcWot2SLac1ECgYEA7YRVCrMMsAW7otv6 70 | 5+HMV8zXFshgl0E0m7kC5ouxu5ZBO5EYhkpdDNXDX5Mr/BGJ0t4lv37Datjs67Eq 71 | +5B7HhbX+WCPpr6M8jQWhyAwxVKhslEPBiR2ycFSnFE1R+xPfK9q3B2Ezq/rBY5Q 72 | 74jC/W2EY9+4/A6c3flU6zWLDskCgYEA741LS26t+Li5Q4eDJZ0J/G56EoyiHRIE 73 | LGXZsegVwqAVdnFn7qW9VLV6mGtC8QdSC9tlbpBmMcv6kTruYBKOgnfFr8iZPL+S 74 | NWZ8WL0AJ6l3nUxBvwkc2/h8N/m/OoH4y39CfKtu2Zu5yxGqBcYN9d3XUTHDIUO+ 75 | iD2LKQezgrcCgYAYQL7+TLIq9yrlwliofOIExSHhbayPRVU94XJuYC1R3lHi5zn9 76 | 3HIL8Xf1tm1zW8cbBRwNpcAGlQf8OScOcP5hYCvFhxqkCCkUQkVanurb+0gPkT9b 77 | fTWz/E2XMKOkKHklXjQnLcx13ni9JH8XNnvSrPAr0phtBID4GZGWQu1kIQKBgQCj 78 | BrycTGmXYFeszneBTJt0MNdg8laNhCpU8MeznKfaeUnB/rHlpuPv10XknvLCx+Gd 79 | ciVYlmsGLrSKy9lYhqh3v/1IgTNQNWvSbbnoRk/prhpacYA4+4GpbjVTfuMWdUeV 80 | bjkYUS8yZxmNSqs0HLJ5hg04E66hX9I2M/QV60jOhwKBgQCEFqYOpc27mssizx4x 81 | AjG7w9c0IAhDOnyBLl2SKhGBkt0JY37z0SeHOIpoSonSPfe3L2MfetFuNHxg6mA3 82 | KLI7vlVFot19Ihh74SYqHaP69ej+kKEsJyWY/0357PZdoR8ZuaI43hnvOLT/DE26 83 | zHNS9w8NRPV8bCIu1f+dFocMDw== 84 | -----END PRIVATE KEY----- 85 | `) 86 | 87 | testClientCert = []byte(` 88 | -----BEGIN CERTIFICATE----- 89 | MIIEVzCCAr+gAwIBAgIQDolyQDKLLb7NJfwhvzwnOjANBgkqhkiG9w0BAQsFADCB 90 | gTEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSswKQYDVQQLDCJjcHVn 91 | dXk4M0BCcmlhbnMtTVNGVC1tYWNib29rLmxvY2FsMTIwMAYDVQQDDClta2NlcnQg 92 | Y3B1Z3V5ODNAQnJpYW5zLU1TRlQtbWFjYm9vay5sb2NhbDAeFw0yMDExMzAxNzU4 93 | MTRaFw0zMDExMzAxNzU4MTRaMGQxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9wbWVu 94 | dCBjZXJ0aWZpY2F0ZTE5MDcGA1UECwwwY3B1Z3V5ODNASlBNQVlBTkFHSTA0LmZh 95 | cmVhc3QuY29ycC5taWNyb3NvZnQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A 96 | MIIBCgKCAQEA1slkMwg6e7fSVC/ILs42+TWqFErLVwKvNrXYIyHFvdFPKdNqP+5S 97 | BQVtiuPdnPoklOqZwC2a86dWi1TbiyElPG1hzK4OnrlKZG2IQRsCTJljke+CAZqB 98 | qLdmBdywuVwxZOa7ZerEIBuQnl5A3pLiDNcfBdCXirbaSFr5ktgmarbLwW8WPwmv 99 | f2J6cKWDV3DIx8VUg2u09OAeJ4nvAAsTAUAVMD58zYy3PlfGNeEqCbgYnOzGBgfX 100 | VH/1US6GthvFlPTAbQ5pzr0Hq5LgUbXGhKgAokC9c8QxFwtoxHGCIFRMiYfn1TUp 101 | BkKH5/owCZbT23pROUdWtPFK0aDy7UiMjQIDAQABo2cwZTAOBgNVHQ8BAf8EBAMC 102 | BaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAW 103 | gBRK1Ydq70TqytTJntZ9Cn3Nfq66EjAPBgNVHREECDAGhwR/AAABMA0GCSqGSIb3 104 | DQEBCwUAA4IBgQA46TeXdFatO2SPMhnjcV0GjIpZ8gWpyHMEIcLSg9V8BtF2GbcL 105 | arlMqZ2Na5aa7JZ/QAIYx4UaPbGGTcs4KYOrb0tGBkvGrL1UfHV0GTYs9oSPMEN0 106 | HPHtXFd7jhEHqDkjChjYUfU0sXGZDW3zmjGoSJGsWxAdq8lUYRZwSwabYizhAbFK 107 | pIPwB9eHuM/HZFPRvdjQGIq/ibyXr4bq+jBCzpdCMeO6iAWWMv18739AhitMzz8T 108 | J5K6IUT5y2IWCjnh0Yu5ABIgFfWttGMNq1JSYfE0uc6fPjBpZwLGnyLinOladobI 109 | bH/VqXL2UT7o/93/5qRIgEJShzHklfPXkdgt63CgclOKsek2IxDiiZT4DrCiJ84u 110 | Ib7LIJ13CnQlCVneFHMNiSDRrJvDJFB8MxQSjIFLD1eduwDrMgc66tgPKEb5mJKG 111 | RULZKOXEeRmUxX7QEIkJR7m9R4iTnzn7OkjBgegJZIPHPJOpX6Y2sMZpcVIoUXdA 112 | NFHRrht3mW+OiFQ= 113 | -----END CERTIFICATE----- 114 | `) 115 | 116 | testClientKey = []byte(` 117 | -----BEGIN PRIVATE KEY----- 118 | MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDWyWQzCDp7t9JU 119 | L8guzjb5NaoUSstXAq82tdgjIcW90U8p02o/7lIFBW2K492c+iSU6pnALZrzp1aL 120 | VNuLISU8bWHMrg6euUpkbYhBGwJMmWOR74IBmoGot2YF3LC5XDFk5rtl6sQgG5Ce 121 | XkDekuIM1x8F0JeKttpIWvmS2CZqtsvBbxY/Ca9/YnpwpYNXcMjHxVSDa7T04B4n 122 | ie8ACxMBQBUwPnzNjLc+V8Y14SoJuBic7MYGB9dUf/VRLoa2G8WU9MBtDmnOvQer 123 | kuBRtcaEqACiQL1zxDEXC2jEcYIgVEyJh+fVNSkGQofn+jAJltPbelE5R1a08UrR 124 | oPLtSIyNAgMBAAECggEBALUV+mqkJ1qjcqsT1fzQU7zsp8aQALwNQVgpHF8SXDtb 125 | OxkSa+QWtAQTvXV6BCATLcB3wsUqLhf7H5Y9JxQ4D8LQncIJhb4Ajl35kwUBFoEq 126 | Wa5ydfOQJnzukw+iL0U4G1Tsy1Z0BoLjepxq7to4kGku/bLTWNDUtViHix9pKYqR 127 | o3LxO3MsQ/lG3w1SEH7wkj+tTR5paP85iAObywoTVzQpwfPoBnhXngJ/fKhui8eO 128 | ufpDATvG/BbbIsHSv2M1qTGSfwp8a0rAO6UbDl0nHMxIuMCg7hTgKwg3RUfHXRlS 129 | rmDIC7C1Ddq17HP+bBuIbhvcHcwTpb1MsG+S7CJtLMECgYEA9rVhYoeFnv5W7h7x 130 | dK94tz/kMOOPceP5WRPM6tLwVbsp+ACcA2gWw0Wf71cOcFmlIpAUiP1ebn/PWx4z 131 | s1Gpaw0kWxIG1WGWGr/d4pZ4VxJ1iSZ2WOTsx5KIb0v6Xxaj7emIo1dPu3lz5cNY 132 | u18FAiHjJnbdB7/Gl+iu3U2k4WUCgYEA3uA9Q5x/JeSPrLtVfttpGj/Mi7bPgUlI 133 | z4+va25f3ohmnBus12kVXmdZzLJGRA05zr9KXU4CfK4STtdWoXAeDAeuXgMarbyJ 134 | 4z/xk58/uW5V1zUZd9UwpaUUzPDu+6vjIb0XYrJIzm4lYQnY1wTboIBEpJngtsqa 135 | zcMwPoAQIAkCgYEA2jVHs4xGpYA0h10bF6f0T7DVNmCwCX4ol58pyjFUnZ9z2YVA 136 | eMriB0lX0qvfe4PuyYlCgIAJvBaT4vXtqJd8D9GJ7HsfTDCKQZKewMFyIyGSkAJS 137 | /wFMZKC4yCgdhWlTCSVb041wWlNsLTcBDolWtrIeZXEQwr/e+ZG2yMraIPkCgYEA 138 | vZszQ3O9z7TUbfSpVVS/427nSuzpN2nrIXlxmQm7UYvlD2WT82YYocl24efAU2CV 139 | D0g5sYsOHpfQR3Z24ryJM17NfnlRlwBQph3eHOJbyhsNuBoaYpHh4um/+mH2TfD7 140 | N9awMGzP955I+nbwHGyrk63Lt+SZAaj3bZliT6mPDlECgYA75EYIOQeS3ZVnXKMc 141 | o954gXZMjSY50cyAKJeoLQ9X6MyRhm/Q5hq+wf1B1gOYeotaKmRDIEo3VPLvxya1 142 | YNg0Nn7C5Wrih5O5JthcxgS5CSYAVn267pAgrkxxhipTeu4ooA5biC6tCfl9OW5b 143 | F3k6QVn+kFMDawTbPpNuofmx5Q== 144 | -----END PRIVATE KEY----- 145 | `) 146 | 147 | testCACert = []byte(` 148 | -----BEGIN CERTIFICATE----- 149 | MIIE0zCCAzugAwIBAgIQe2yY55CxyB5WeRygBI2soTANBgkqhkiG9w0BAQsFADCB 150 | gTEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSswKQYDVQQLDCJjcHVn 151 | dXk4M0BCcmlhbnMtTVNGVC1tYWNib29rLmxvY2FsMTIwMAYDVQQDDClta2NlcnQg 152 | Y3B1Z3V5ODNAQnJpYW5zLU1TRlQtbWFjYm9vay5sb2NhbDAeFw0yMDExMjMyMjQ0 153 | NDhaFw0zMDExMjMyMjQ0NDhaMIGBMR4wHAYDVQQKExVta2NlcnQgZGV2ZWxvcG1l 154 | bnQgQ0ExKzApBgNVBAsMImNwdWd1eTgzQEJyaWFucy1NU0ZULW1hY2Jvb2subG9j 155 | YWwxMjAwBgNVBAMMKW1rY2VydCBjcHVndXk4M0BCcmlhbnMtTVNGVC1tYWNib29r 156 | LmxvY2FsMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAsFmuAz92hzOp 157 | IqtyhwIjAf9JimHOOzV5LvAdcF/mj44HMtS5DeYqAZ8qQFBWGjXeeTd9L5SXNQSl 158 | lZKrUmc4yDpVGp4FcRp1wIn1T14KG2taw4CFmRSnwHdOgU3N4e/OA3SmiLVEtecZ 159 | p0+IqPM2MGpHP9URCzeXDly0lln0wRp04auwgGt3QbliOiTBBAsZI/Nh6eQJaaj6 160 | zkGQjlsw+r+SvGRGfYmD0twUVYqqe9Y0dx12InHEzXk3cCti0h51q326TMwtRRJL 161 | 3LhL06H4soEG++3NpWUEj6/ZdngUkzzYKXg+T4zVv7Yd/J+jAuUH1JgAUBkcr1sc 162 | jqENdAksAvGhLa2a6xOSYpqEObQN0ejDKiUJoJcaRlHoN19UwEZsAW33vqBxehmO 163 | fiNKREUv/kIyDODj5B9aiC6MCyx98r0Ks9FKz4Em0Vu2K961C4kJFNyvs5hrPBLN 164 | ykF36y5KC/JzEbUskxvTn71NjFYBecKnGa9Ocx4Dm1Dqd7n3Ru+FAgMBAAGjRTBD 165 | MA4GA1UdDwEB/wQEAwICBDASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRK 166 | 1Ydq70TqytTJntZ9Cn3Nfq66EjANBgkqhkiG9w0BAQsFAAOCAYEArFyHwcpQG98M 167 | rJuPj68uL4awrL7WKLa8V4RrkQ7BiQOMjeN4AQx6YpLRa2nsZ1kfMiduy3hlGlSW 168 | pPnJoHgH8sDgGSeUQ7DsaYXP0aqGsWwIqeqIp5LTdfZ9B8QJSbgsp9zlj2tlB/dv 169 | fgy0XgfMGPjiu2xL4spYlUudQhzMu6Gy9FHEY9ug9Dyd8FRdYi0ExNgwKd/bVMeM 170 | puyJ2L+FGvi9pvQeqKJMT+Blpi5R8Id2dqETgy+QuGbPuZJzkPf/Ft6RRZ/WTm1T 171 | uBgd1dA7EBIlcBoQc9os/O4tRxAW3sz1ZHuscNTRLBN88cG7S16tCjgOJ3RhF1jy 172 | BXlHRpas7mXHQPmS8Y1ElUeBSFCRLdAMLoNLJ8SYv+CrYl/xtWNJGJS4q9n4wral 173 | 2v63uZ53OPQXnYK0+6SQ6KqT0Q8hst2AK7Zg5I88/L5b0xPEz7jDsjJjpDrEaCfB 174 | +CDS+4gGSOw/b+fykIT/vD5v+mnom4KX7Xdi/SV3DbbDnXkwH5W/ 175 | -----END CERTIFICATE----- 176 | `) 177 | ) 178 | 179 | var ( 180 | calledAuthenticate = false 181 | calledAuthorize = false 182 | calledAttributes = false 183 | ) 184 | 185 | func TestHTTPServer(t *testing.T) { 186 | pCfg := mock.Config{ 187 | CPU: "1", 188 | Memory: "100M", 189 | Pods: "100", 190 | } 191 | 192 | p, err := mock.NewProviderConfig(pCfg, t.Name(), runtime.GOOS, "", 0) 193 | assert.NilError(t, err) 194 | 195 | dir, err := ioutil.TempDir("", strings.Replace(t.Name(), string(os.PathSeparator), "_", -1)) 196 | assert.NilError(t, err) 197 | defer os.RemoveAll(dir) 198 | writeTestCerts(t, dir) 199 | 200 | cert := filepath.Join(dir, "cert.pem") 201 | key := filepath.Join(dir, "key.pem") 202 | clientCA := filepath.Join(dir, "client-ca.pem") 203 | clientKey := filepath.Join(dir, "client-key.pem") 204 | clientCert := filepath.Join(dir, "client-cert.pem") 205 | badPath := "/some/nonexistent/path" 206 | 207 | clientCAPool := x509.NewCertPool() 208 | assert.Assert(t, clientCAPool.AppendCertsFromPEM(testCACert), "could not add ca cert") 209 | 210 | unauthenticatedClient := &http.Client{ 211 | Transport: &http.Transport{ 212 | TLSClientConfig: &tls.Config{ 213 | RootCAs: clientCAPool, 214 | }, 215 | }, 216 | } 217 | 218 | clientAuthCert, err := tls.LoadX509KeyPair(clientCert, clientKey) 219 | assert.NilError(t, err) 220 | 221 | authClient := &http.Client{ 222 | Transport: &http.Transport{ 223 | TLSClientConfig: &tls.Config{ 224 | Certificates: []tls.Certificate{clientAuthCert}, 225 | RootCAs: clientCAPool, 226 | }, 227 | }, 228 | } 229 | 230 | authorizedFakeFilter := &fakeAuth{ 231 | authenticateFunc: func(req *http.Request) (*authenticator.Response, bool, error) { 232 | calledAuthenticate = true 233 | return &authenticator.Response{User: &user.DefaultInfo{Name: "test"}}, true, nil 234 | }, 235 | attributesFunc: func(u user.Info, req *http.Request) authorizer.Attributes { 236 | calledAttributes = true 237 | return &authorizer.AttributesRecord{User: u} 238 | }, 239 | authorizeFunc: func(a authorizer.Attributes) (decision authorizer.Decision, reason string, err error) { 240 | calledAuthorize = true 241 | return authorizer.DecisionAllow, "", nil 242 | }, 243 | } 244 | 245 | unauthorizedFakeFilter := &fakeAuth{ 246 | authenticateFunc: func(req *http.Request) (*authenticator.Response, bool, error) { 247 | calledAuthenticate = true 248 | return &authenticator.Response{User: &user.DefaultInfo{Name: "test"}}, true, nil 249 | }, 250 | attributesFunc: func(u user.Info, req *http.Request) authorizer.Attributes { 251 | calledAttributes = true 252 | return &authorizer.AttributesRecord{User: u} 253 | }, 254 | authorizeFunc: func(a authorizer.Attributes) (decision authorizer.Decision, reason string, err error) { 255 | calledAuthorize = true 256 | return authorizer.DecisionDeny, "", nil 257 | }, 258 | } 259 | 260 | t.Run("tls", func(t *testing.T) { 261 | for name, cfg := range map[string]*apiServerConfig{ 262 | "no config": {}, 263 | "bad key path": {KeyPath: badPath}, 264 | "bad cert path": {CertPath: badPath}, 265 | "bad ca cert path": {CACertPath: badPath}, 266 | "bad ca cert and key path": {KeyPath: badPath, CACertPath: badPath}, 267 | "bad ca cert and cert path": {CertPath: badPath, CACertPath: badPath}, 268 | "bad cert and key path": {CertPath: badPath, KeyPath: badPath}, 269 | "ok cert/key paths": {CertPath: cert, KeyPath: key}, 270 | } { 271 | cfg := cfg 272 | t.Run(name, func(t *testing.T) { 273 | closer := getTestHTTPServer(t, cfg, p) 274 | assert.NilError(t, err) 275 | defer closer() 276 | 277 | c, err := net.Dial("tcp", cfg.Addr) 278 | if c != nil { 279 | c.Close() 280 | } 281 | // no listener shold be running 282 | assert.ErrorContains(t, err, "connection refused") 283 | }) 284 | 285 | } 286 | 287 | t.Run("all bad paths", func(t *testing.T) { 288 | // this is a special case, because the user provided all the certs, 289 | // but they are missing This probably should/could change, in that 290 | // perhaps invalid config like a key but not cert (or vice-cersa) 291 | // should error instead of just not listening. 292 | cfg := &apiServerConfig{ 293 | KeyPath: badPath, 294 | CertPath: badPath, 295 | CACertPath: badPath, 296 | } 297 | 298 | _, err := setupHTTPServer(context.Background(), p, cfg) 299 | assert.Assert(t, os.IsNotExist(errors.Cause(err)), err) 300 | }) 301 | 302 | t.Run("client verification", func(t *testing.T) { 303 | t.Run("auth not required", func(t *testing.T) { 304 | t.Run("no client ca but auth required", func(t *testing.T) { 305 | cfg := &apiServerConfig{ 306 | KeyPath: key, 307 | CertPath: cert, 308 | } 309 | defer getTestHTTPServer(t, cfg, p)() 310 | 311 | c, err := net.Dial("tcp", cfg.Addr) 312 | if c != nil { 313 | c.Close() 314 | } 315 | // no listener shold be running 316 | assert.ErrorContains(t, err, "connection refused") 317 | }) 318 | 319 | t.Run("no client ca but auth not required", func(t *testing.T) { 320 | cfg := &apiServerConfig{ 321 | KeyPath: key, 322 | CertPath: cert, 323 | AllowUnauthenticatedClients: true, 324 | } 325 | defer getTestHTTPServer(t, cfg, p)() 326 | 327 | resp, err := unauthenticatedClient.Get(fmt.Sprintf("https://%s/runningpods", cfg.Addr)) 328 | assert.NilError(t, err) 329 | resp.Body.Close() 330 | assert.Equal(t, resp.StatusCode, 200, resp.Status) 331 | }) 332 | }) 333 | 334 | t.Run("authenticated required", func(t *testing.T) { 335 | cfg := &apiServerConfig{ 336 | KeyPath: key, 337 | CertPath: cert, 338 | CACertPath: clientCA, 339 | } 340 | defer getTestHTTPServer(t, cfg, p)() 341 | 342 | t.Run("unauthenticated client", func(t *testing.T) { 343 | _, err := unauthenticatedClient.Get(fmt.Sprintf("https://%s/runningpods", cfg.Addr)) 344 | assert.ErrorContains(t, err, "bad certificate") 345 | }) 346 | t.Run("authenticated client", func(t *testing.T) { 347 | resp, err := authClient.Get(fmt.Sprintf("https://%s/runningpods", cfg.Addr)) 348 | assert.NilError(t, err) 349 | resp.Body.Close() 350 | assert.Equal(t, resp.StatusCode, 200, resp.Status) 351 | }) 352 | }) 353 | }) 354 | }) 355 | 356 | t.Run("webhook auth middleware", func(t *testing.T) { 357 | cfg := &apiServerConfig{ 358 | KeyPath: key, 359 | CertPath: cert, 360 | CACertPath: clientCA, 361 | } 362 | cfg.AuthWebhookEnabled = true 363 | 364 | type testCase struct { 365 | name string 366 | authClient *http.Client 367 | authWebhook *fakeAuth 368 | expectedStatus int 369 | } 370 | 371 | for _, c := range []testCase{ 372 | { 373 | name: "unauthenticated client and token auth forbidden", 374 | authClient: unauthenticatedClient, 375 | authWebhook: unauthorizedFakeFilter, 376 | expectedStatus: http.StatusForbidden, 377 | }, 378 | { 379 | name: "unauthenticated client but token auth pass", 380 | authClient: unauthenticatedClient, 381 | authWebhook: authorizedFakeFilter, 382 | expectedStatus: http.StatusOK, 383 | }, 384 | { 385 | name: "authenticated client but token auth forbidden", 386 | authClient: unauthenticatedClient, 387 | authWebhook: unauthorizedFakeFilter, 388 | expectedStatus: http.StatusForbidden, 389 | }, 390 | { 391 | name: "authenticated client and token auth pass", 392 | authClient: unauthenticatedClient, 393 | authWebhook: authorizedFakeFilter, 394 | expectedStatus: http.StatusOK, 395 | }, 396 | } { 397 | t.Run(c.name, func(t *testing.T) { 398 | cfg.Auth = c.authWebhook 399 | 400 | closer := getTestHTTPServer(t, cfg, p) 401 | assert.NilError(t, err) 402 | defer closer() 403 | 404 | resp, err := c.authClient.Get(fmt.Sprintf("https://%s/stats/summary", cfg.Addr)) 405 | assert.NilError(t, err) 406 | assert.Equal(t, resp.StatusCode, c.expectedStatus, resp.Status) 407 | assert.Assert(t, calledAuthenticate) 408 | assert.Assert(t, calledAttributes) 409 | assert.Assert(t, calledAuthorize) 410 | }) 411 | } 412 | }) 413 | } 414 | 415 | func getTestHTTPServer(t *testing.T, cfg *apiServerConfig, p provider.Provider) func() { 416 | var ( 417 | closer func() 418 | err error 419 | ctx = context.Background() 420 | port = 11250 421 | ) 422 | 423 | for i := 0; i < 100; i++ { 424 | cfg.Addr = fmt.Sprintf("127.0.0.1:%d", port+i) 425 | closer, err = setupHTTPServer(ctx, p, cfg) 426 | if err == nil { 427 | t.Log(cfg.Addr) 428 | return closer 429 | } 430 | if closer != nil { 431 | closer() 432 | } 433 | } 434 | 435 | t.Fatalf("%+v", err) 436 | return nil 437 | } 438 | 439 | func writeTestCerts(t *testing.T, dir string) { 440 | t.Helper() 441 | 442 | err := ioutil.WriteFile(filepath.Join(dir, "cert.pem"), testCert, 0600) 443 | assert.NilError(t, err) 444 | 445 | err = ioutil.WriteFile(filepath.Join(dir, "key.pem"), testKey, 0600) 446 | assert.NilError(t, err) 447 | 448 | err = ioutil.WriteFile(filepath.Join(dir, "client-cert.pem"), testClientCert, 0600) 449 | assert.NilError(t, err) 450 | 451 | err = ioutil.WriteFile(filepath.Join(dir, "client-key.pem"), testClientKey, 0600) 452 | assert.NilError(t, err) 453 | 454 | err = ioutil.WriteFile(filepath.Join(dir, "client-ca.pem"), testCACert, 0600) 455 | assert.NilError(t, err) 456 | } 457 | 458 | type fakeAuth struct { 459 | authenticateFunc func(*http.Request) (*authenticator.Response, bool, error) 460 | attributesFunc func(user.Info, *http.Request) authorizer.Attributes 461 | authorizeFunc func(authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) 462 | } 463 | 464 | func (f *fakeAuth) AuthenticateRequest(req *http.Request) (*authenticator.Response, bool, error) { 465 | return f.authenticateFunc(req) 466 | } 467 | func (f *fakeAuth) GetRequestAttributes(u user.Info, req *http.Request) authorizer.Attributes { 468 | return f.attributesFunc(u, req) 469 | } 470 | func (f *fakeAuth) Authorize(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) { 471 | return f.authorizeFunc(a) 472 | } 473 | -------------------------------------------------------------------------------- /internal/commands/root/mux.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2020 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package root 16 | 17 | import ( 18 | "context" 19 | "fmt" 20 | "net/http" 21 | 22 | "github.com/virtual-kubelet/virtual-kubelet/log" 23 | "k8s.io/apiserver/pkg/authorization/authorizer" 24 | ) 25 | 26 | // ServeMuxWithAuth implements api.ServerMux 27 | type ServeMuxWithAuth struct { 28 | auth AuthInterface 29 | ctx context.Context 30 | mux *http.ServeMux 31 | } 32 | 33 | // NewServeMuxWithAuth initiate an instance for ServeMuxWithAuth 34 | func NewServeMuxWithAuth(ctx context.Context, auth AuthInterface) *ServeMuxWithAuth { 35 | mux := http.NewServeMux() 36 | return &ServeMuxWithAuth{ 37 | auth: auth, 38 | ctx: ctx, 39 | mux: mux, 40 | } 41 | } 42 | 43 | // Handle enables auth filter for mux Handle 44 | func (s *ServeMuxWithAuth) Handle(path string, h http.Handler) { 45 | if s.auth == nil { 46 | s.mux.Handle(path, h) 47 | } else { 48 | s.mux.Handle(path, s.authHandler(h)) 49 | } 50 | } 51 | 52 | func (s *ServeMuxWithAuth) ServeHTTP(w http.ResponseWriter, r *http.Request) { 53 | s.mux.ServeHTTP(w, r) 54 | } 55 | 56 | // authHandler is the handlder to authenticate & authorize the request 57 | func (s ServeMuxWithAuth) authHandler(h http.Handler) http.Handler { 58 | return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { 59 | info, ok, err := s.auth.AuthenticateRequest(req) 60 | if err != nil { 61 | log.G(s.ctx).Infof("Unauthorized, err: %s, RequestURI:%s, UserAgent:%s", err, req.RequestURI, req.UserAgent()) 62 | resp.WriteHeader(http.StatusUnauthorized) 63 | resp.Write([]byte("Unauthorized")) 64 | 65 | return 66 | } 67 | if !ok { 68 | log.G(s.ctx).Infof("Unauthorized, ok: %t, RequestURI:%s, UserAgent:%s", ok, req.RequestURI, req.UserAgent()) 69 | resp.WriteHeader(http.StatusUnauthorized) 70 | resp.Write([]byte("Unauthorized")) 71 | 72 | return 73 | } 74 | 75 | attrs := s.auth.GetRequestAttributes(info.User, req) 76 | decision, _, err := s.auth.Authorize(req.Context(), attrs) 77 | if err != nil { 78 | msg := fmt.Sprintf("Authorization error (user=%s, verb=%s, resource=%s, subresource=%s, err=%s)", attrs.GetUser().GetName(), attrs.GetVerb(), attrs.GetResource(), attrs.GetSubresource(), err) 79 | log.G(s.ctx).Info(msg) 80 | resp.WriteHeader(http.StatusInternalServerError) 81 | resp.Write([]byte(msg)) 82 | return 83 | } 84 | if decision != authorizer.DecisionAllow { 85 | msg := fmt.Sprintf("Forbidden (user=%s, verb=%s, resource=%s, subresource=%s, decision=%d)", attrs.GetUser().GetName(), attrs.GetVerb(), attrs.GetResource(), attrs.GetSubresource(), decision) 86 | log.G(s.ctx).Info(msg) 87 | resp.WriteHeader(http.StatusForbidden) 88 | resp.Write([]byte(msg)) 89 | return 90 | } 91 | 92 | h.ServeHTTP(resp, req) 93 | }) 94 | } 95 | -------------------------------------------------------------------------------- /internal/commands/root/node.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package root 16 | 17 | import ( 18 | "context" 19 | "strings" 20 | 21 | "github.com/virtual-kubelet/node-cli/opts" 22 | "github.com/virtual-kubelet/node-cli/provider" 23 | "github.com/virtual-kubelet/virtual-kubelet/errdefs" 24 | corev1 "k8s.io/api/core/v1" 25 | v1 "k8s.io/api/core/v1" 26 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 27 | ) 28 | 29 | const osLabel = "beta.kubernetes.io/os" 30 | 31 | // NodeFromProvider builds a kubernetes node object from a provider 32 | // This is a temporary solution until node stuff actually split off from the provider interface itself. 33 | func NodeFromProvider(ctx context.Context, name string, taint *v1.Taint, p provider.Provider, version string) *v1.Node { 34 | taints := make([]v1.Taint, 0) 35 | 36 | if taint != nil { 37 | taints = append(taints, *taint) 38 | } 39 | 40 | node := &v1.Node{ 41 | ObjectMeta: metav1.ObjectMeta{ 42 | Name: name, 43 | Labels: map[string]string{ 44 | "type": "virtual-kubelet", 45 | "kubernetes.io/role": "agent", 46 | "kubernetes.io/hostname": name, 47 | }, 48 | }, 49 | Spec: v1.NodeSpec{ 50 | Taints: taints, 51 | }, 52 | Status: v1.NodeStatus{ 53 | NodeInfo: v1.NodeSystemInfo{ 54 | Architecture: "amd64", 55 | KubeletVersion: version, 56 | }, 57 | }, 58 | } 59 | 60 | p.ConfigureNode(ctx, node) 61 | if _, ok := node.ObjectMeta.Labels[osLabel]; !ok { 62 | node.ObjectMeta.Labels[osLabel] = strings.ToLower(node.Status.NodeInfo.OperatingSystem) 63 | } 64 | return node 65 | } 66 | 67 | // getTaint creates a taint using the provided key/value. 68 | // Taint effect is read from the environment 69 | // The taint key/value may be overwritten by the environment. 70 | func getTaint(o *opts.Opts) (*corev1.Taint, error) { 71 | if o.TaintValue == "" { 72 | o.TaintValue = o.Provider 73 | } 74 | 75 | var effect corev1.TaintEffect 76 | switch o.TaintEffect { 77 | case "NoSchedule": 78 | effect = corev1.TaintEffectNoSchedule 79 | case "NoExecute": 80 | effect = corev1.TaintEffectNoExecute 81 | case "PreferNoSchedule": 82 | effect = corev1.TaintEffectPreferNoSchedule 83 | default: 84 | return nil, errdefs.InvalidInputf("taint effect %q is not supported", o.TaintEffect) 85 | } 86 | 87 | return &corev1.Taint{ 88 | Key: o.TaintKey, 89 | Value: o.TaintValue, 90 | Effect: effect, 91 | }, nil 92 | } 93 | -------------------------------------------------------------------------------- /internal/commands/root/root.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package root 16 | 17 | import ( 18 | "context" 19 | "os" 20 | "path" 21 | "time" 22 | 23 | "github.com/pkg/errors" 24 | "github.com/spf13/cobra" 25 | "github.com/virtual-kubelet/node-cli/manager" 26 | "github.com/virtual-kubelet/node-cli/opts" 27 | "github.com/virtual-kubelet/node-cli/provider" 28 | "github.com/virtual-kubelet/virtual-kubelet/errdefs" 29 | "github.com/virtual-kubelet/virtual-kubelet/log" 30 | "github.com/virtual-kubelet/virtual-kubelet/node" 31 | corev1 "k8s.io/api/core/v1" 32 | k8serrors "k8s.io/apimachinery/pkg/api/errors" 33 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 34 | "k8s.io/apimachinery/pkg/fields" 35 | "k8s.io/apimachinery/pkg/types" 36 | kubeinformers "k8s.io/client-go/informers" 37 | "k8s.io/client-go/kubernetes" 38 | "k8s.io/client-go/kubernetes/scheme" 39 | "k8s.io/client-go/kubernetes/typed/coordination/v1" 40 | corev1client "k8s.io/client-go/kubernetes/typed/core/v1" 41 | "k8s.io/client-go/rest" 42 | "k8s.io/client-go/tools/clientcmd" 43 | "k8s.io/client-go/tools/record" 44 | ) 45 | 46 | // NewCommand creates a new top-level command. 47 | // This command is used to start the virtual-kubelet daemon 48 | func NewCommand(name string, s *provider.Store, o *opts.Opts) *cobra.Command { 49 | cmd := &cobra.Command{ 50 | Use: name, 51 | Short: name + " provides a virtual kubelet interface for your kubernetes cluster.", 52 | Long: name + ` implements the Kubelet interface with a pluggable 53 | backend implementation allowing users to create kubernetes nodes without running the kubelet. 54 | This allows users to schedule kubernetes workloads on nodes that aren't running Kubernetes.`, 55 | RunE: func(cmd *cobra.Command, args []string) error { 56 | return runRootCommand(cmd.Context(), s, o) 57 | }, 58 | } 59 | 60 | applyDefaults(o) 61 | installFlags(cmd.Flags(), o) 62 | 63 | return cmd 64 | } 65 | 66 | func applyDefaults(o *opts.Opts) { 67 | o.Authentication.Webhook.Enabled = false 68 | } 69 | 70 | func runRootCommand(ctx context.Context, s *provider.Store, c *opts.Opts) error { 71 | pInit := s.Get(c.Provider) 72 | if pInit == nil { 73 | return errors.Errorf("provider %q not found", c.Provider) 74 | } 75 | 76 | client, err := newClient(c.KubeConfigPath, c.KubeAPIQPS, c.KubeAPIBurst) 77 | if err != nil { 78 | return err 79 | } 80 | 81 | return runRootCommandWithProviderAndClient(ctx, pInit, client, c) 82 | } 83 | 84 | func runRootCommandWithProviderAndClient(ctx context.Context, pInit provider.InitFunc, client kubernetes.Interface, c *opts.Opts) error { 85 | ctx, cancel := context.WithCancel(ctx) 86 | defer cancel() 87 | 88 | if ok := provider.ValidOperatingSystems[c.OperatingSystem]; !ok { 89 | return errdefs.InvalidInputf("operating system %q is not supported", c.OperatingSystem) 90 | } 91 | 92 | if c.PodSyncWorkers == 0 { 93 | return errdefs.InvalidInput("pod sync workers must be greater than 0") 94 | } 95 | 96 | var taint *corev1.Taint 97 | if !c.DisableTaint { 98 | var err error 99 | taint, err = getTaint(c) 100 | if err != nil { 101 | return err 102 | } 103 | } 104 | 105 | // Create a shared informer factory for Kubernetes pods in the current namespace (if specified) and scheduled to the current node. 106 | podInformerFactory := kubeinformers.NewSharedInformerFactoryWithOptions( 107 | client, 108 | c.InformerResyncPeriod, 109 | kubeinformers.WithNamespace(c.KubeNamespace), 110 | kubeinformers.WithTweakListOptions(func(options *metav1.ListOptions) { 111 | options.FieldSelector = fields.OneTermEqualSelector("spec.nodeName", c.NodeName).String() 112 | })) 113 | podInformer := podInformerFactory.Core().V1().Pods() 114 | 115 | // Create another shared informer factory for Kubernetes secrets and configmaps (not subject to any selectors). 116 | scmInformerFactory := kubeinformers.NewSharedInformerFactoryWithOptions(client, c.InformerResyncPeriod) 117 | // Create a secret informer and a config map informer so we can pass their listers to the resource manager. 118 | secretInformer := scmInformerFactory.Core().V1().Secrets() 119 | configMapInformer := scmInformerFactory.Core().V1().ConfigMaps() 120 | serviceInformer := scmInformerFactory.Core().V1().Services() 121 | pvcInformer := scmInformerFactory.Core().V1().PersistentVolumeClaims() 122 | pvInformer := scmInformerFactory.Core().V1().PersistentVolumes() 123 | 124 | rm, err := manager.NewResourceManager(podInformer.Lister(), 125 | secretInformer.Lister(), 126 | configMapInformer.Lister(), 127 | serviceInformer.Lister(), 128 | pvcInformer.Lister(), 129 | pvInformer.Lister()) 130 | if err != nil { 131 | return errors.Wrap(err, "could not create resource manager") 132 | } 133 | 134 | // Start the informers now, so the provider will get a functional resource 135 | // manager. 136 | podInformerFactory.Start(ctx.Done()) 137 | scmInformerFactory.Start(ctx.Done()) 138 | 139 | apiConfig, err := getAPIConfig(c) 140 | if err != nil { 141 | return err 142 | } 143 | 144 | if apiConfig.AuthWebhookEnabled { 145 | // TODO(guwe): handle CA rotate? 146 | auth, _, err := BuildAuth(types.NodeName(c.NodeName), client, *c) 147 | if err != nil { 148 | return err 149 | } 150 | apiConfig.Auth = auth 151 | } 152 | 153 | initConfig := provider.InitConfig{ 154 | ConfigPath: c.ProviderConfigPath, 155 | NodeName: c.NodeName, 156 | OperatingSystem: c.OperatingSystem, 157 | ResourceManager: rm, 158 | DaemonPort: int32(c.ListenPort), 159 | InternalIP: os.Getenv("VKUBELET_POD_IP"), 160 | KubeClusterDomain: c.KubeClusterDomain, 161 | } 162 | 163 | p, err := pInit(initConfig) 164 | if err != nil { 165 | return errors.Wrapf(err, "error initializing provider %s", c.Provider) 166 | } 167 | 168 | ctx = log.WithLogger(ctx, log.G(ctx).WithFields(log.Fields{ 169 | "provider": c.Provider, 170 | "operatingSystem": c.OperatingSystem, 171 | "node": c.NodeName, 172 | "watchedNamespace": c.KubeNamespace, 173 | })) 174 | 175 | nodeProvider, ok := p.(node.NodeProvider) 176 | if !ok { 177 | nodeProvider = node.NaiveNodeProvider{} 178 | } 179 | pNode := NodeFromProvider(ctx, c.NodeName, taint, p, c.Version) 180 | opts := []node.NodeControllerOpt{ 181 | node.WithNodeStatusUpdateErrorHandler(func(ctx context.Context, err error) error { 182 | if !k8serrors.IsNotFound(err) { 183 | return err 184 | } 185 | 186 | log.G(ctx).Debug("node not found") 187 | newNode := pNode.DeepCopy() 188 | newNode.ResourceVersion = "" 189 | _, err = client.CoreV1().Nodes().Create(ctx, newNode, metav1.CreateOptions{}) 190 | if err != nil { 191 | return err 192 | } 193 | log.G(ctx).Debug("created new node") 194 | return nil 195 | }), 196 | } 197 | var leaseClient v1.LeaseInterface 198 | if c.EnableNodeLease { 199 | leaseClient = client.CoordinationV1().Leases(corev1.NamespaceNodeLease) 200 | opts = append(opts, node.WithNodeEnableLeaseV1(leaseClient, node.DefaultLeaseDuration)) 201 | } 202 | 203 | nodeRunner, err := node.NewNodeController( 204 | nodeProvider, 205 | pNode, 206 | client.CoreV1().Nodes(), 207 | opts..., 208 | ) 209 | if err != nil { 210 | log.G(ctx).Fatal(err) 211 | } 212 | 213 | eb := record.NewBroadcaster() 214 | eb.StartLogging(log.G(ctx).Infof) 215 | eb.StartRecordingToSink(&corev1client.EventSinkImpl{Interface: client.CoreV1().Events(c.KubeNamespace)}) 216 | 217 | pc, err := node.NewPodController(node.PodControllerConfig{ 218 | PodClient: client.CoreV1(), 219 | PodInformer: podInformer, 220 | EventRecorder: eb.NewRecorder(scheme.Scheme, corev1.EventSource{Component: path.Join(pNode.Name, "pod-controller")}), 221 | Provider: p, 222 | SecretInformer: secretInformer, 223 | ConfigMapInformer: configMapInformer, 224 | ServiceInformer: serviceInformer, 225 | SyncPodsFromKubernetesRateLimiter: c.SyncPodsFromKubernetesRateLimiter, 226 | DeletePodsFromKubernetesRateLimiter: c.DeletePodsFromKubernetesRateLimiter, 227 | SyncPodStatusFromProviderRateLimiter: c.SyncPodStatusFromProviderRateLimiter, 228 | }) 229 | if err != nil { 230 | return errors.Wrap(err, "error setting up pod controller") 231 | } 232 | 233 | cancelHTTP, err := setupHTTPServer(ctx, p, apiConfig) 234 | if err != nil { 235 | return err 236 | } 237 | defer cancelHTTP() 238 | 239 | go func() { 240 | if err := pc.Run(ctx, c.PodSyncWorkers); err != nil && errors.Cause(err) != context.Canceled { 241 | log.G(ctx).Fatal(err) 242 | } 243 | }() 244 | 245 | if c.StartupTimeout > 0 { 246 | // If there is a startup timeout, it does two things: 247 | // 1. It causes the VK to shutdown if we haven't gotten into an operational state in a time period 248 | // 2. It prevents node advertisement from happening until we're in an operational state 249 | err = waitFor(ctx, c.StartupTimeout, pc.Ready()) 250 | if err != nil { 251 | return err 252 | } 253 | } 254 | 255 | go func() { 256 | if err := nodeRunner.Run(ctx); err != nil { 257 | log.G(ctx).Fatal(err) 258 | } 259 | }() 260 | 261 | log.G(ctx).Info("Initialized") 262 | 263 | <-ctx.Done() 264 | return nil 265 | } 266 | 267 | func waitFor(ctx context.Context, time time.Duration, ready <-chan struct{}) error { 268 | ctx, cancel := context.WithTimeout(ctx, time) 269 | defer cancel() 270 | 271 | // Wait for the VK / PC close the the ready channel, or time out and return 272 | log.G(ctx).Info("Waiting for pod controller / VK to be ready") 273 | 274 | select { 275 | case <-ready: 276 | return nil 277 | case <-ctx.Done(): 278 | return errors.Wrap(ctx.Err(), "Error while starting up VK") 279 | } 280 | } 281 | 282 | func newClient(configPath string, qps, burst int32) (*kubernetes.Clientset, error) { 283 | var config *rest.Config 284 | 285 | // Check if the kubeConfig file exists. 286 | if _, err := os.Stat(configPath); !os.IsNotExist(err) { 287 | // Get the kubeconfig from the filepath. 288 | config, err = clientcmd.BuildConfigFromFlags("", configPath) 289 | if err != nil { 290 | return nil, errors.Wrap(err, "error building client config") 291 | } 292 | } else { 293 | // Set to in-cluster config. 294 | config, err = rest.InClusterConfig() 295 | if err != nil { 296 | return nil, errors.Wrap(err, "error building in cluster config") 297 | } 298 | } 299 | 300 | if qps != 0 { 301 | config.QPS = float32(qps) 302 | } 303 | 304 | if burst != 0 { 305 | config.Burst = int(burst) 306 | } 307 | 308 | if masterURI := os.Getenv("MASTER_URI"); masterURI != "" { 309 | config.Host = masterURI 310 | } 311 | 312 | return kubernetes.NewForConfig(config) 313 | } 314 | -------------------------------------------------------------------------------- /internal/commands/root/root_test.go: -------------------------------------------------------------------------------- 1 | package root 2 | 3 | import ( 4 | "context" 5 | "testing" 6 | 7 | "github.com/virtual-kubelet/node-cli/opts" 8 | "github.com/virtual-kubelet/node-cli/provider" 9 | "github.com/virtual-kubelet/node-cli/provider/mock" 10 | "gotest.tools/assert" 11 | corev1 "k8s.io/api/core/v1" 12 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 13 | "k8s.io/client-go/kubernetes/fake" 14 | ) 15 | 16 | func TestRunRootCommand(t *testing.T) { 17 | ctx, cancel := context.WithCancel(context.Background()) 18 | defer cancel() 19 | opts := opts.New() 20 | providerInitFunc := func(cfg provider.InitConfig) (provider.Provider, error) { 21 | mockConfig := mock.Config{ 22 | CPU: "1", 23 | Memory: "128M", 24 | Pods: "120", 25 | } 26 | return mock.NewProviderConfig(mockConfig, cfg.NodeName, cfg.OperatingSystem, cfg.InternalIP, cfg.DaemonPort) 27 | } 28 | fakeClient := fake.NewSimpleClientset() 29 | errCh := make(chan error) 30 | go func() { 31 | errCh <- runRootCommandWithProviderAndClient(ctx, providerInitFunc, fakeClient, opts) 32 | }() 33 | 34 | watch, err := fakeClient.CoreV1().Nodes().Watch(ctx, metav1.ListOptions{}) 35 | assert.NilError(t, err) 36 | defer watch.Stop() 37 | for ev := range watch.ResultChan() { 38 | node := ev.Object.(*corev1.Node) 39 | t.Logf("Node registered: %+v", node) 40 | break 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /internal/commands/version/version.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package version 16 | 17 | import ( 18 | "fmt" 19 | 20 | "github.com/spf13/cobra" 21 | ) 22 | 23 | // NewCommand creates a new version subcommand command 24 | func NewCommand(version, buildTime string) *cobra.Command { 25 | return &cobra.Command{ 26 | Use: "version", 27 | Short: "Show the version of the program", 28 | Long: `Show the version of the program`, 29 | Run: func(cmd *cobra.Command, args []string) { 30 | fmt.Printf("Version: %s, Built: %s\n", version, buildTime) 31 | }, 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /logrus/flags.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package logrus 16 | 17 | import ( 18 | "github.com/spf13/pflag" 19 | ) 20 | 21 | // Config is used to configure a logrus logger from CLI flags. 22 | type Config struct { 23 | LogLevel string 24 | } 25 | 26 | // FlagSet creates a new flag set based on the current config 27 | func (c *Config) FlagSet() *pflag.FlagSet { 28 | flags := pflag.NewFlagSet("logrus", pflag.ContinueOnError) 29 | flags.StringVar(&c.LogLevel, "log-level", c.LogLevel, `set the log level, e.g. "debug", "info", "warn", "error"`) 30 | return flags 31 | } 32 | -------------------------------------------------------------------------------- /logrus/init.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package logrus 16 | 17 | import ( 18 | "github.com/pkg/errors" 19 | "github.com/sirupsen/logrus" 20 | "github.com/virtual-kubelet/virtual-kubelet/errdefs" 21 | ) 22 | 23 | // Configure sets up the logrus logger 24 | func Configure(c *Config, logger *logrus.Logger) error { 25 | if c.LogLevel != "" { 26 | lvl, err := logrus.ParseLevel(c.LogLevel) 27 | if err != nil { 28 | return errdefs.AsInvalidInput(errors.Wrap(err, "error parsing log level")) 29 | } 30 | 31 | if logger == nil { 32 | logger = logrus.StandardLogger() 33 | } 34 | logger.SetLevel(lvl) 35 | } 36 | 37 | return nil 38 | } 39 | -------------------------------------------------------------------------------- /manager/resource.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package manager 16 | 17 | import ( 18 | "github.com/virtual-kubelet/virtual-kubelet/log" 19 | v1 "k8s.io/api/core/v1" 20 | "k8s.io/apimachinery/pkg/labels" 21 | corev1listers "k8s.io/client-go/listers/core/v1" 22 | ) 23 | 24 | // ResourceManager acts as a passthrough to a cache (lister) for pods assigned to the current node. 25 | // It is also a passthrough to a cache (lister) for Kubernetes secrets and config maps. 26 | type ResourceManager struct { 27 | podLister corev1listers.PodLister 28 | secretLister corev1listers.SecretLister 29 | configMapLister corev1listers.ConfigMapLister 30 | serviceLister corev1listers.ServiceLister 31 | pvcLister corev1listers.PersistentVolumeClaimLister 32 | pvLister corev1listers.PersistentVolumeLister 33 | } 34 | 35 | // NewResourceManager returns a ResourceManager with the internal maps initialized. 36 | func NewResourceManager(podLister corev1listers.PodLister, 37 | secretLister corev1listers.SecretLister, 38 | configMapLister corev1listers.ConfigMapLister, 39 | serviceLister corev1listers.ServiceLister, 40 | pvcLister corev1listers.PersistentVolumeClaimLister, 41 | pvLister corev1listers.PersistentVolumeLister) (*ResourceManager, error) { 42 | rm := ResourceManager{ 43 | podLister: podLister, 44 | secretLister: secretLister, 45 | configMapLister: configMapLister, 46 | serviceLister: serviceLister, 47 | pvcLister: pvcLister, 48 | pvLister: pvLister, 49 | } 50 | return &rm, nil 51 | } 52 | 53 | // GetPod retrieves the specified pod from Kubernetes. 54 | func (rm *ResourceManager) GetPod(name, namespace string) (*v1.Pod, error) { 55 | return rm.podLister.Pods(namespace).Get(name) 56 | } 57 | 58 | // GetPods returns a list of all known pods assigned to this virtual node. 59 | func (rm *ResourceManager) GetPods() []*v1.Pod { 60 | l, err := rm.podLister.List(labels.Everything()) 61 | if err == nil { 62 | return l 63 | } 64 | log.L.Errorf("failed to fetch pods from lister: %v", err) 65 | return make([]*v1.Pod, 0) 66 | } 67 | 68 | // GetConfigMap retrieves the specified config map from the cache. 69 | func (rm *ResourceManager) GetConfigMap(name, namespace string) (*v1.ConfigMap, error) { 70 | return rm.configMapLister.ConfigMaps(namespace).Get(name) 71 | } 72 | 73 | // GetSecret retrieves the specified secret from Kubernetes. 74 | func (rm *ResourceManager) GetSecret(name, namespace string) (*v1.Secret, error) { 75 | return rm.secretLister.Secrets(namespace).Get(name) 76 | } 77 | 78 | // GetSecrets retrieves the all secrets of a namespace from Kubernetes. 79 | func (rm *ResourceManager) GetSecrets(namespace string) ([]*v1.Secret, error) { 80 | return rm.secretLister.Secrets(namespace).List(labels.Everything()) 81 | } 82 | 83 | // ListServices retrieves the list of services from Kubernetes. 84 | func (rm *ResourceManager) ListServices() ([]*v1.Service, error) { 85 | return rm.serviceLister.List(labels.Everything()) 86 | } 87 | 88 | // GetPersistentVolumeClaim retrieves the specified pvc from Kubernetes 89 | func (rm *ResourceManager) GetPersistentVolumeClaim(name, namespace string) (*v1.PersistentVolumeClaim, error) { 90 | return rm.pvcLister.PersistentVolumeClaims(namespace).Get(name) 91 | } 92 | 93 | // GetPersistentVolume retrieves the specified pv from Kubernetes 94 | func (rm *ResourceManager) GetPersistentVolume(name string) (*v1.PersistentVolume, error) { 95 | return rm.pvLister.Get(name) 96 | } 97 | -------------------------------------------------------------------------------- /opencensus/flags.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package opencensus 16 | 17 | import ( 18 | "fmt" 19 | "os" 20 | 21 | "github.com/spf13/pflag" 22 | ) 23 | 24 | // Config is used to configured a tracer. 25 | type Config struct { 26 | SampleRate string 27 | ServiceName string 28 | Tags map[string]string 29 | Exporters []string 30 | AvailableExporters map[string]ExporterInitFunc 31 | ZpagesAddr string 32 | } 33 | 34 | func FromEnv() *Config { 35 | return &Config{ZpagesAddr: os.Getenv("ZPAGES_ADDR")} 36 | } 37 | 38 | // FlagSet creates a new flag set based on the current config 39 | func (c *Config) FlagSet() *pflag.FlagSet { 40 | if len(c.AvailableExporters) == 0 { 41 | return nil 42 | } 43 | 44 | flags := pflag.NewFlagSet("opencensus", pflag.ContinueOnError) 45 | 46 | exporters := make([]string, 0, len(c.AvailableExporters)) 47 | for e := range c.AvailableExporters { 48 | exporters = append(exporters, e) 49 | } 50 | 51 | flags.StringSliceVar(&c.Exporters, "trace-exporter", c.Exporters, fmt.Sprintf("sets the tracing exporter to use, available exporters: %s", exporters)) 52 | flags.StringVar(&c.ServiceName, "trace-service-name", c.ServiceName, "sets the name of the service used to register with the trace exporter") 53 | flags.StringToStringVar(&c.Tags, "trace-tag", c.Tags, "add tags to include with traces in key=value form") 54 | flags.StringVar(&c.SampleRate, "trace-sample-rate", c.SampleRate, "set probability of tracing samples") 55 | flags.StringVar(&c.ZpagesAddr, "trace-zpages-addr", c.ZpagesAddr, "set the listen address to use for zpages") 56 | 57 | return flags 58 | } 59 | -------------------------------------------------------------------------------- /opencensus/init.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package opencensus 16 | 17 | import ( 18 | "context" 19 | "net" 20 | "net/http" 21 | "strconv" 22 | "strings" 23 | 24 | "github.com/pkg/errors" 25 | "github.com/virtual-kubelet/node-cli/opts" 26 | "github.com/virtual-kubelet/virtual-kubelet/errdefs" 27 | "github.com/virtual-kubelet/virtual-kubelet/log" 28 | "go.opencensus.io/trace" 29 | "go.opencensus.io/zpages" 30 | ) 31 | 32 | // ExporterInitFunc is the function that is called to initialize an exporter. 33 | // This is used when registering an exporter and called when a user specified they want to use the exporter. 34 | type ExporterInitFunc func(*Config) (trace.Exporter, error) 35 | 36 | func (c *Config) getExporter(name string) (trace.Exporter, error) { 37 | init, ok := c.AvailableExporters[name] 38 | if !ok { 39 | return nil, errdefs.NotFoundf("exporter not found: %s", name) 40 | } 41 | return init(c) 42 | } 43 | 44 | var reservedTagNames = map[string]bool{ 45 | "operatingSystem": true, 46 | "provider": true, 47 | "nodeName": true, 48 | } 49 | 50 | // Configure sets up opecensus from the passed in config 51 | func Configure(ctx context.Context, c *Config, o *opts.Opts) error { 52 | for k := range c.Tags { 53 | if reservedTagNames[k] { 54 | return errdefs.InvalidInputf("invalid trace tag %q, must not use a reserved tag key", k) 55 | } 56 | } 57 | 58 | if c.Tags == nil { 59 | c.Tags = make(map[string]string, 3) 60 | } 61 | 62 | c.Tags["operatingSystem"] = o.OperatingSystem 63 | c.Tags["provider"] = o.Provider 64 | c.Tags["nodeName"] = o.NodeName 65 | 66 | for _, e := range c.Exporters { 67 | if e == "zpages" { 68 | if c.ZpagesAddr == "" { 69 | log.G(ctx).Warn("Zpages trace exporter requested but listen address was not set, sipping") 70 | } 71 | setupZpages(ctx, c.ZpagesAddr) 72 | continue 73 | } 74 | 75 | exporter, err := c.getExporter(e) 76 | if err != nil { 77 | return err 78 | } 79 | 80 | trace.RegisterExporter(exporter) 81 | } 82 | 83 | if len(c.Exporters) == 0 { 84 | return nil 85 | } 86 | 87 | var s trace.Sampler 88 | switch strings.ToLower(c.SampleRate) { 89 | case "": 90 | case "always": 91 | s = trace.AlwaysSample() 92 | case "never": 93 | s = trace.NeverSample() 94 | default: 95 | rate, err := strconv.Atoi(c.SampleRate) 96 | if err != nil { 97 | return errdefs.AsInvalidInput(errors.Wrap(err, "unsupported trace sample rate")) 98 | } 99 | if rate < 0 || rate > 100 { 100 | return errdefs.AsInvalidInput(errors.Wrap(err, "trace sample rate must be between 0 and 100")) 101 | } 102 | s = trace.ProbabilitySampler(float64(rate) / 100) 103 | } 104 | 105 | if s != nil { 106 | trace.ApplyConfig( 107 | trace.Config{ 108 | DefaultSampler: s, 109 | }, 110 | ) 111 | } 112 | 113 | return nil 114 | } 115 | 116 | func setupZpages(ctx context.Context, addr string) { 117 | listener, err := net.Listen("tcp", addr) 118 | if err != nil { 119 | log.G(ctx).WithError(err).Error("Could not bind to specified zpages addr: %s", addr) 120 | return 121 | } 122 | 123 | mux := http.NewServeMux() 124 | zpages.Handle(mux, "/debug") 125 | 126 | go func() { 127 | // This should never terminate, if it does, it will always terminate with an error 128 | e := http.Serve(listener, mux) 129 | if e == http.ErrServerClosed { 130 | return 131 | } 132 | log.G(ctx).WithError(e).Error("Zpages server exited") 133 | }() 134 | } 135 | -------------------------------------------------------------------------------- /opts/opts.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package opts 16 | 17 | import ( 18 | "os" 19 | "path/filepath" 20 | "strconv" 21 | "time" 22 | 23 | "github.com/mitchellh/go-homedir" 24 | "github.com/pkg/errors" 25 | corev1 "k8s.io/api/core/v1" 26 | "k8s.io/client-go/util/workqueue" 27 | ) 28 | 29 | // Defaults for root command options 30 | const ( 31 | DefaultNodeName = "virtual-kubelet" 32 | DefaultOperatingSystem = "Linux" 33 | DefaultInformerResyncPeriod = 1 * time.Minute 34 | DefaultMetricsAddr = "" 35 | DefaultListenPort = 10250 // TODO(cpuguy83)(VK1.0): Change this to an addr instead of just a port.. we should not be listening on all interfaces. 36 | DefaultPodSyncWorkers = 10 37 | DefaultKubeNamespace = corev1.NamespaceAll 38 | DefaultKubeClusterDomain = "cluster.local" 39 | 40 | DefaultTaintEffect = string(corev1.TaintEffectNoSchedule) 41 | DefaultTaintKey = "virtual-kubelet.io/provider" 42 | DefaultStreamIdleTimeout = 4 * time.Hour 43 | DefaultStreamCreationTimeout = 30 * time.Second 44 | ) 45 | 46 | // Opts stores all the options for configuring the root virtual-kubelet command. 47 | // It is used for setting flag values. 48 | // 49 | // You can set the default options by creating a new `Opts` struct and passing 50 | // it into `SetDefaultOpts` 51 | type Opts struct { 52 | // Path to the kubeconfig to use to connect to the Kubernetes API server. 53 | KubeConfigPath string 54 | // Namespace to watch for pods and other resources 55 | KubeNamespace string 56 | // Domain suffix to append to search domains for the pods created by virtual-kubelet 57 | KubeClusterDomain string 58 | 59 | // Sets the port to listen for requests from the Kubernetes API server 60 | ListenPort int32 61 | 62 | // Node name to use when creating a node in Kubernetes 63 | NodeName string 64 | 65 | // Operating system to run pods for 66 | OperatingSystem string 67 | 68 | Provider string 69 | ProviderConfigPath string 70 | 71 | TaintKey string 72 | TaintEffect string 73 | TaintValue string 74 | DisableTaint bool 75 | 76 | MetricsAddr string 77 | 78 | // Only trust clients with tls certs signed by the provided CA 79 | ClientCACert string 80 | // Do not require client tls verification 81 | AllowUnauthenticatedClients bool 82 | 83 | // Number of workers to use to handle pod notifications 84 | PodSyncWorkers int 85 | InformerResyncPeriod time.Duration 86 | 87 | // Use node leases when supported by Kubernetes (instead of node status updates) 88 | EnableNodeLease bool 89 | 90 | // Startup Timeout is how long to wait for the kubelet to start 91 | StartupTimeout time.Duration 92 | // StreamIdleTimeout is the maximum time a streaming connection 93 | // can be idle before the connection is automatically closed. 94 | StreamIdleTimeout time.Duration 95 | // StreamCreationTimeout is the maximum time for streaming connection 96 | StreamCreationTimeout time.Duration 97 | 98 | // KubeAPIQPS is the QPS to use while talking with kubernetes apiserver 99 | KubeAPIQPS int32 100 | // KubeAPIBurst is the burst to allow while talking with kubernetes apiserver 101 | KubeAPIBurst int32 102 | 103 | // SyncPodsFromKubernetesRateLimiter defines the rate limit for the SyncPodsFromKubernetes queue 104 | SyncPodsFromKubernetesRateLimiter workqueue.RateLimiter 105 | // DeletePodsFromKubernetesRateLimiter defines the rate limit for the DeletePodsFromKubernetesRateLimiter queue 106 | DeletePodsFromKubernetesRateLimiter workqueue.RateLimiter 107 | // SyncPodStatusFromProviderRateLimiter defines the rate limit for the SyncPodStatusFromProviderRateLimiter queue 108 | SyncPodStatusFromProviderRateLimiter workqueue.RateLimiter 109 | 110 | Version string 111 | 112 | // authentication specifies how requests to the virtual-kubelet's server are authenticated 113 | Authentication Authentication 114 | // authorization specifies how requests to the virtual-kubelet's server are authorized 115 | Authorization Authorization 116 | } 117 | 118 | // FromEnv sets default options for unset values on the passed in option struct. 119 | // Fields tht are already set will not be modified. 120 | func FromEnv() (*Opts, error) { 121 | o := &Opts{} 122 | setDefaults(o) 123 | 124 | o.NodeName = getEnv("DEFAULTNODE_NAME", o.NodeName) 125 | 126 | if kp := os.Getenv("KUBELET_PORT"); kp != "" { 127 | p, err := strconv.Atoi(kp) 128 | if err != nil { 129 | return o, errors.Wrap(err, "error parsing KUBELET_PORT environment variable") 130 | } 131 | o.ListenPort = int32(p) 132 | } 133 | 134 | o.KubeConfigPath = os.Getenv("KUBECONFIG") 135 | if o.KubeConfigPath == "" { 136 | home, _ := homedir.Dir() 137 | if home != "" { 138 | o.KubeConfigPath = filepath.Join(home, ".kube", "config") 139 | } 140 | } 141 | 142 | o.TaintKey = getEnv("VKUBELET_TAINT_KEY", o.TaintKey) 143 | o.TaintValue = getEnv("VKUBELET_TAINT_VALUE", o.TaintValue) 144 | o.TaintEffect = getEnv("VKUBELET_TAINT_EFFECT", o.TaintEffect) 145 | 146 | return o, nil 147 | } 148 | 149 | func New() *Opts { 150 | o := &Opts{} 151 | setDefaults(o) 152 | return o 153 | } 154 | 155 | func setDefaults(o *Opts) { 156 | o.OperatingSystem = DefaultOperatingSystem 157 | o.NodeName = DefaultNodeName 158 | o.TaintKey = DefaultTaintKey 159 | o.TaintEffect = DefaultTaintEffect 160 | o.KubeNamespace = DefaultKubeNamespace 161 | o.PodSyncWorkers = DefaultPodSyncWorkers 162 | o.ListenPort = DefaultListenPort 163 | o.MetricsAddr = DefaultMetricsAddr 164 | o.InformerResyncPeriod = DefaultInformerResyncPeriod 165 | o.KubeClusterDomain = DefaultKubeClusterDomain 166 | o.StreamIdleTimeout = DefaultStreamIdleTimeout 167 | o.StreamCreationTimeout = DefaultStreamCreationTimeout 168 | o.EnableNodeLease = true 169 | o.SyncPodsFromKubernetesRateLimiter = workqueue.DefaultControllerRateLimiter() 170 | o.DeletePodsFromKubernetesRateLimiter = workqueue.DefaultControllerRateLimiter() 171 | o.SyncPodStatusFromProviderRateLimiter = workqueue.DefaultControllerRateLimiter() 172 | } 173 | 174 | func getEnv(key, defaultValue string) string { 175 | value, found := os.LookupEnv(key) 176 | if found { 177 | return value 178 | } 179 | return defaultValue 180 | } 181 | -------------------------------------------------------------------------------- /opts/types.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2020 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package opts 16 | 17 | import ( 18 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 19 | ) 20 | 21 | // Authorization holds the state related to the authorization in the kublet. 22 | type Authorization struct { 23 | // webhook contains settings related to Webhook authorization. 24 | Webhook WebhookAuthorization 25 | } 26 | 27 | // WebhookAuthorization holds the state related to the Webhook 28 | // Authorization in the Kubelet. 29 | type WebhookAuthorization struct { 30 | // cacheAuthorizedTTL is the duration to cache 'authorized' responses from the webhook authorizer. 31 | CacheAuthorizedTTL metav1.Duration 32 | // cacheUnauthorizedTTL is the duration to cache 'unauthorized' responses from the webhook authorizer. 33 | CacheUnauthorizedTTL metav1.Duration 34 | } 35 | 36 | // Authentication holds the Kubetlet Authentication setttings. 37 | type Authentication struct { 38 | // webhook contains settings related to webhook bearer token authentication 39 | Webhook WebhookAuthentication 40 | } 41 | 42 | // WebhookAuthentication contains settings related to webhook authentication 43 | type WebhookAuthentication struct { 44 | // enabled allows bearer token authentication backed by the tokenreviews.authentication.k8s.io API 45 | Enabled bool 46 | // cacheTTL enables caching of authentication results 47 | CacheTTL metav1.Duration 48 | } 49 | -------------------------------------------------------------------------------- /provider/README.md: -------------------------------------------------------------------------------- 1 | Follow these steps to be accepted as a provider within the Virtual Kubelet repo. 2 | 3 | 1. Replicate the life-cycle of a pod for example creation and deletion of a pod and how that maps to your service. 4 | 2. Create a new provider folder with a descriptive name and the necessary code. 5 | 3. When committing your code add a README.md, helm chart, dockerfile and specify a maintainer of the provider. 6 | 4. Within the PR itself add a justification for why the provider should be accepted, as well as customer use cases if applicable. 7 | 8 | Some providers are translations of Virtual Kubelet to allow others to adapt their service or applications that are written in other languages. 9 | 10 | 11 | -------------------------------------------------------------------------------- /provider/doc.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2017 The virtual-kubelet authors 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | // Package provider has the interfaces used by the the cli implementing a node 16 | package provider 17 | -------------------------------------------------------------------------------- /provider/mock/mock.go: -------------------------------------------------------------------------------- 1 | package mock 2 | 3 | import ( 4 | "context" 5 | "encoding/json" 6 | "fmt" 7 | "io" 8 | "io/ioutil" 9 | "math/rand" 10 | "strings" 11 | "time" 12 | 13 | "github.com/virtual-kubelet/virtual-kubelet/errdefs" 14 | "github.com/virtual-kubelet/virtual-kubelet/log" 15 | "github.com/virtual-kubelet/virtual-kubelet/node/api" 16 | "github.com/virtual-kubelet/virtual-kubelet/node/api/statsv1alpha1" 17 | "github.com/virtual-kubelet/virtual-kubelet/trace" 18 | v1 "k8s.io/api/core/v1" 19 | "k8s.io/apimachinery/pkg/api/resource" 20 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 21 | ) 22 | 23 | const ( 24 | // Provider configuration defaults. 25 | defaultCPUCapacity = "20" 26 | defaultMemoryCapacity = "100Gi" 27 | defaultPodCapacity = "20" 28 | 29 | // Values used in tracing as attribute keys. 30 | namespaceKey = "namespace" 31 | nameKey = "name" 32 | containerNameKey = "containerName" 33 | ) 34 | 35 | // See: https://github.com/virtual-kubelet/virtual-kubelet/issues/632 36 | /* 37 | var ( 38 | _ providers.Provider = (*ProviderV0)(nil) 39 | _ providers.PodMetricsProvider = (*ProviderV0)(nil) 40 | _ node.PodNotifier = (*Provider)(nil) 41 | ) 42 | */ 43 | 44 | // ProviderV0 implements the virtual-kubelet provider interface and stores pods in memory. 45 | type ProviderV0 struct { 46 | nodeName string 47 | operatingSystem string 48 | internalIP string 49 | daemonEndpointPort int32 50 | pods map[string]*v1.Pod 51 | config Config 52 | startTime time.Time 53 | notifier func(*v1.Pod) 54 | } 55 | 56 | // Provider is like ProviderV0, but implements the PodNotifier interface 57 | type Provider struct { 58 | *ProviderV0 59 | } 60 | 61 | // Config contains a mock virtual-kubelet's configurable parameters. 62 | type Config struct { 63 | CPU string `json:"cpu,omitempty"` 64 | Memory string `json:"memory,omitempty"` 65 | Pods string `json:"pods,omitempty"` 66 | } 67 | 68 | // NewProviderConfig creates a new ProviderV0. Mock legacy provider does not implement the new asynchronous podnotifier interface 69 | func NewProviderV0Config(config Config, nodeName, operatingSystem string, internalIP string, daemonEndpointPort int32) (*ProviderV0, error) { 70 | //set defaults 71 | if config.CPU == "" { 72 | config.CPU = defaultCPUCapacity 73 | } 74 | if config.Memory == "" { 75 | config.Memory = defaultMemoryCapacity 76 | } 77 | if config.Pods == "" { 78 | config.Pods = defaultPodCapacity 79 | } 80 | provider := ProviderV0{ 81 | nodeName: nodeName, 82 | operatingSystem: operatingSystem, 83 | internalIP: internalIP, 84 | daemonEndpointPort: daemonEndpointPort, 85 | pods: make(map[string]*v1.Pod), 86 | config: config, 87 | startTime: time.Now(), 88 | // By default notifier is set to a function which is a no-op. In the event we've implemented the PodNotifier interface, 89 | // it will be set, and then we'll call a real underlying implementation. 90 | // This makes it easier in the sense we don't need to wrap each method. 91 | notifier: func(*v1.Pod) {}, 92 | } 93 | 94 | return &provider, nil 95 | } 96 | 97 | // NewProviderV0 creates a new ProviderV0 98 | func NewProviderV0(providerConfig, nodeName, operatingSystem string, internalIP string, daemonEndpointPort int32) (*ProviderV0, error) { 99 | config, err := loadConfig(providerConfig, nodeName) 100 | if err != nil { 101 | return nil, err 102 | } 103 | 104 | return NewProviderV0Config(config, nodeName, operatingSystem, internalIP, daemonEndpointPort) 105 | } 106 | 107 | // NewProviderConfig creates a new Provider with the given config 108 | func NewProviderConfig(config Config, nodeName, operatingSystem string, internalIP string, daemonEndpointPort int32) (*Provider, error) { 109 | p, err := NewProviderV0Config(config, nodeName, operatingSystem, internalIP, daemonEndpointPort) 110 | 111 | return &Provider{ProviderV0: p}, err 112 | } 113 | 114 | // NewProvider creates a new Provider, which implements the PodNotifier interface 115 | func NewProvider(providerConfig, nodeName, operatingSystem string, internalIP string, daemonEndpointPort int32) (*Provider, error) { 116 | config, err := loadConfig(providerConfig, nodeName) 117 | if err != nil { 118 | return nil, err 119 | } 120 | 121 | return NewProviderConfig(config, nodeName, operatingSystem, internalIP, daemonEndpointPort) 122 | } 123 | 124 | // loadConfig loads the given json configuration files. 125 | func loadConfig(providerConfig, nodeName string) (config Config, err error) { 126 | data, err := ioutil.ReadFile(providerConfig) 127 | if err != nil { 128 | return config, err 129 | } 130 | configMap := map[string]Config{} 131 | err = json.Unmarshal(data, &configMap) 132 | if err != nil { 133 | return config, err 134 | } 135 | if _, exist := configMap[nodeName]; exist { 136 | config = configMap[nodeName] 137 | if config.CPU == "" { 138 | config.CPU = defaultCPUCapacity 139 | } 140 | if config.Memory == "" { 141 | config.Memory = defaultMemoryCapacity 142 | } 143 | if config.Pods == "" { 144 | config.Pods = defaultPodCapacity 145 | } 146 | } 147 | 148 | if _, err = resource.ParseQuantity(config.CPU); err != nil { 149 | return config, fmt.Errorf("Invalid CPU value %v", config.CPU) 150 | } 151 | if _, err = resource.ParseQuantity(config.Memory); err != nil { 152 | return config, fmt.Errorf("Invalid memory value %v", config.Memory) 153 | } 154 | if _, err = resource.ParseQuantity(config.Pods); err != nil { 155 | return config, fmt.Errorf("Invalid pods value %v", config.Pods) 156 | } 157 | return config, nil 158 | } 159 | 160 | // CreatePod accepts a Pod definition and stores it in memory. 161 | func (p *ProviderV0) CreatePod(ctx context.Context, pod *v1.Pod) error { 162 | ctx, span := trace.StartSpan(ctx, "CreatePod") 163 | defer span.End() 164 | 165 | // Add the pod's coordinates to the current span. 166 | ctx = addAttributes(ctx, span, namespaceKey, pod.Namespace, nameKey, pod.Name) 167 | 168 | log.G(ctx).Infof("receive CreatePod %q", pod.Name) 169 | 170 | key, err := buildKey(pod) 171 | if err != nil { 172 | return err 173 | } 174 | 175 | now := metav1.NewTime(time.Now()) 176 | pod.Status = v1.PodStatus{ 177 | Phase: v1.PodRunning, 178 | HostIP: "1.2.3.4", 179 | PodIP: "5.6.7.8", 180 | StartTime: &now, 181 | Conditions: []v1.PodCondition{ 182 | { 183 | Type: v1.PodInitialized, 184 | Status: v1.ConditionTrue, 185 | }, 186 | { 187 | Type: v1.PodReady, 188 | Status: v1.ConditionTrue, 189 | }, 190 | { 191 | Type: v1.PodScheduled, 192 | Status: v1.ConditionTrue, 193 | }, 194 | }, 195 | } 196 | 197 | for _, container := range pod.Spec.Containers { 198 | pod.Status.ContainerStatuses = append(pod.Status.ContainerStatuses, v1.ContainerStatus{ 199 | Name: container.Name, 200 | Image: container.Image, 201 | Ready: true, 202 | RestartCount: 0, 203 | State: v1.ContainerState{ 204 | Running: &v1.ContainerStateRunning{ 205 | StartedAt: now, 206 | }, 207 | }, 208 | }) 209 | } 210 | 211 | p.pods[key] = pod 212 | p.notifier(pod) 213 | 214 | return nil 215 | } 216 | 217 | // UpdatePod accepts a Pod definition and updates its reference. 218 | func (p *ProviderV0) UpdatePod(ctx context.Context, pod *v1.Pod) error { 219 | ctx, span := trace.StartSpan(ctx, "UpdatePod") 220 | defer span.End() 221 | 222 | // Add the pod's coordinates to the current span. 223 | ctx = addAttributes(ctx, span, namespaceKey, pod.Namespace, nameKey, pod.Name) 224 | 225 | log.G(ctx).Infof("receive UpdatePod %q", pod.Name) 226 | 227 | key, err := buildKey(pod) 228 | if err != nil { 229 | return err 230 | } 231 | 232 | p.pods[key] = pod 233 | p.notifier(pod) 234 | 235 | return nil 236 | } 237 | 238 | // DeletePod deletes the specified pod out of memory. 239 | func (p *ProviderV0) DeletePod(ctx context.Context, pod *v1.Pod) (err error) { 240 | ctx, span := trace.StartSpan(ctx, "DeletePod") 241 | defer span.End() 242 | 243 | // Add the pod's coordinates to the current span. 244 | ctx = addAttributes(ctx, span, namespaceKey, pod.Namespace, nameKey, pod.Name) 245 | 246 | log.G(ctx).Infof("receive DeletePod %q", pod.Name) 247 | 248 | key, err := buildKey(pod) 249 | if err != nil { 250 | return err 251 | } 252 | 253 | if _, exists := p.pods[key]; !exists { 254 | return errdefs.NotFound("pod not found") 255 | } 256 | 257 | now := metav1.Now() 258 | delete(p.pods, key) 259 | pod.Status.Phase = v1.PodSucceeded 260 | pod.Status.Reason = "ProviderPodDeleted" 261 | 262 | for idx := range pod.Status.ContainerStatuses { 263 | pod.Status.ContainerStatuses[idx].Ready = false 264 | pod.Status.ContainerStatuses[idx].State = v1.ContainerState{ 265 | Terminated: &v1.ContainerStateTerminated{ 266 | Message: "Mock provider terminated container upon deletion", 267 | FinishedAt: now, 268 | Reason: "ProviderPodContainerDeleted", 269 | StartedAt: pod.Status.ContainerStatuses[idx].State.Running.StartedAt, 270 | }, 271 | } 272 | } 273 | 274 | p.notifier(pod) 275 | 276 | return nil 277 | } 278 | 279 | // GetPod returns a pod by name that is stored in memory. 280 | func (p *ProviderV0) GetPod(ctx context.Context, namespace, name string) (pod *v1.Pod, err error) { 281 | ctx, span := trace.StartSpan(ctx, "GetPod") 282 | defer func() { 283 | span.SetStatus(err) 284 | span.End() 285 | }() 286 | 287 | // Add the pod's coordinates to the current span. 288 | ctx = addAttributes(ctx, span, namespaceKey, namespace, nameKey, name) 289 | 290 | log.G(ctx).Infof("receive GetPod %q", name) 291 | 292 | key, err := buildKeyFromNames(namespace, name) 293 | if err != nil { 294 | return nil, err 295 | } 296 | 297 | if pod, ok := p.pods[key]; ok { 298 | return pod, nil 299 | } 300 | return nil, errdefs.NotFoundf("pod \"%s/%s\" is not known to the provider", namespace, name) 301 | } 302 | 303 | // GetContainerLogs retrieves the logs of a container by name from the provider. 304 | func (p *ProviderV0) GetContainerLogs(ctx context.Context, namespace, podName, containerName string, opts api.ContainerLogOpts) (io.ReadCloser, error) { 305 | ctx, span := trace.StartSpan(ctx, "GetContainerLogs") 306 | defer span.End() 307 | 308 | // Add pod and container attributes to the current span. 309 | ctx = addAttributes(ctx, span, namespaceKey, namespace, nameKey, podName, containerNameKey, containerName) 310 | 311 | log.G(ctx).Info("receive GetContainerLogs %q", podName) 312 | return ioutil.NopCloser(strings.NewReader("")), nil 313 | } 314 | 315 | // RunInContainer executes a command in a container in the pod, copying data 316 | // between in/out/err and the container's stdin/stdout/stderr. 317 | func (p *ProviderV0) RunInContainer(ctx context.Context, namespace, name, container string, cmd []string, attach api.AttachIO) error { 318 | log.G(context.TODO()).Infof("receive ExecInContainer %q", container) 319 | return nil 320 | } 321 | 322 | // GetPodStatus returns the status of a pod by name that is "running". 323 | // returns nil if a pod by that name is not found. 324 | func (p *ProviderV0) GetPodStatus(ctx context.Context, namespace, name string) (*v1.PodStatus, error) { 325 | ctx, span := trace.StartSpan(ctx, "GetPodStatus") 326 | defer span.End() 327 | 328 | // Add namespace and name as attributes to the current span. 329 | ctx = addAttributes(ctx, span, namespaceKey, namespace, nameKey, name) 330 | 331 | log.G(ctx).Infof("receive GetPodStatus %q", name) 332 | 333 | pod, err := p.GetPod(ctx, namespace, name) 334 | if err != nil { 335 | return nil, err 336 | } 337 | 338 | return &pod.Status, nil 339 | } 340 | 341 | // GetPods returns a list of all pods known to be "running". 342 | func (p *ProviderV0) GetPods(ctx context.Context) ([]*v1.Pod, error) { 343 | ctx, span := trace.StartSpan(ctx, "GetPods") 344 | defer span.End() 345 | 346 | log.G(ctx).Info("receive GetPods") 347 | 348 | var pods []*v1.Pod 349 | 350 | for _, pod := range p.pods { 351 | pods = append(pods, pod) 352 | } 353 | 354 | return pods, nil 355 | } 356 | 357 | func (p *ProviderV0) ConfigureNode(ctx context.Context, n *v1.Node) { 358 | _, span := trace.StartSpan(ctx, "ConfigureNode") 359 | defer span.End() 360 | 361 | n.Status.Capacity = p.capacity() 362 | n.Status.Allocatable = p.capacity() 363 | n.Status.Conditions = p.nodeConditions() 364 | n.Status.Addresses = p.nodeAddresses() 365 | n.Status.DaemonEndpoints = p.nodeDaemonEndpoints() 366 | os := p.operatingSystem 367 | if os == "" { 368 | os = "Linux" 369 | } 370 | n.Status.NodeInfo.OperatingSystem = os 371 | n.Status.NodeInfo.Architecture = "amd64" 372 | n.ObjectMeta.Labels["alpha.service-controller.kubernetes.io/exclude-balancer"] = "true" 373 | } 374 | 375 | // Capacity returns a resource list containing the capacity limits. 376 | func (p *ProviderV0) capacity() v1.ResourceList { 377 | return v1.ResourceList{ 378 | "cpu": resource.MustParse(p.config.CPU), 379 | "memory": resource.MustParse(p.config.Memory), 380 | "pods": resource.MustParse(p.config.Pods), 381 | } 382 | } 383 | 384 | // NodeConditions returns a list of conditions (Ready, OutOfDisk, etc), for updates to the node status 385 | // within Kubernetes. 386 | func (p *ProviderV0) nodeConditions() []v1.NodeCondition { 387 | // TODO: Make this configurable 388 | return []v1.NodeCondition{ 389 | { 390 | Type: "Ready", 391 | Status: v1.ConditionTrue, 392 | LastHeartbeatTime: metav1.Now(), 393 | LastTransitionTime: metav1.Now(), 394 | Reason: "KubeletReady", 395 | Message: "kubelet is ready.", 396 | }, 397 | { 398 | Type: "OutOfDisk", 399 | Status: v1.ConditionFalse, 400 | LastHeartbeatTime: metav1.Now(), 401 | LastTransitionTime: metav1.Now(), 402 | Reason: "KubeletHasSufficientDisk", 403 | Message: "kubelet has sufficient disk space available", 404 | }, 405 | { 406 | Type: "MemoryPressure", 407 | Status: v1.ConditionFalse, 408 | LastHeartbeatTime: metav1.Now(), 409 | LastTransitionTime: metav1.Now(), 410 | Reason: "KubeletHasSufficientMemory", 411 | Message: "kubelet has sufficient memory available", 412 | }, 413 | { 414 | Type: "DiskPressure", 415 | Status: v1.ConditionFalse, 416 | LastHeartbeatTime: metav1.Now(), 417 | LastTransitionTime: metav1.Now(), 418 | Reason: "KubeletHasNoDiskPressure", 419 | Message: "kubelet has no disk pressure", 420 | }, 421 | { 422 | Type: "NetworkUnavailable", 423 | Status: v1.ConditionFalse, 424 | LastHeartbeatTime: metav1.Now(), 425 | LastTransitionTime: metav1.Now(), 426 | Reason: "RouteCreated", 427 | Message: "RouteController created a route", 428 | }, 429 | } 430 | 431 | } 432 | 433 | // NodeAddresses returns a list of addresses for the node status 434 | // within Kubernetes. 435 | func (p *ProviderV0) nodeAddresses() []v1.NodeAddress { 436 | return []v1.NodeAddress{ 437 | { 438 | Type: "InternalIP", 439 | Address: p.internalIP, 440 | }, 441 | } 442 | } 443 | 444 | // NodeDaemonEndpoints returns NodeDaemonEndpoints for the node status 445 | // within Kubernetes. 446 | func (p *ProviderV0) nodeDaemonEndpoints() v1.NodeDaemonEndpoints { 447 | return v1.NodeDaemonEndpoints{ 448 | KubeletEndpoint: v1.DaemonEndpoint{ 449 | Port: p.daemonEndpointPort, 450 | }, 451 | } 452 | } 453 | 454 | // GetStatsSummary returns dummy stats for all pods known by this provider. 455 | func (p *ProviderV0) GetStatsSummary(ctx context.Context) (*statsv1alpha1.Summary, error) { 456 | _, span := trace.StartSpan(ctx, "GetStatsSummary") 457 | defer span.End() 458 | 459 | // Grab the current timestamp so we can report it as the time the stats were generated. 460 | time := metav1.NewTime(time.Now()) 461 | 462 | // Create the Summary object that will later be populated with node and pod stats. 463 | res := &statsv1alpha1.Summary{} 464 | 465 | // Populate the Summary object with basic node stats. 466 | res.Node = statsv1alpha1.NodeStats{ 467 | NodeName: p.nodeName, 468 | StartTime: metav1.NewTime(p.startTime), 469 | } 470 | 471 | // Populate the Summary object with dummy stats for each pod known by this provider. 472 | for _, pod := range p.pods { 473 | var ( 474 | // totalUsageNanoCores will be populated with the sum of the values of UsageNanoCores computes across all containers in the pod. 475 | totalUsageNanoCores uint64 476 | // totalUsageBytes will be populated with the sum of the values of UsageBytes computed across all containers in the pod. 477 | totalUsageBytes uint64 478 | ) 479 | 480 | // Create a PodStats object to populate with pod stats. 481 | pss := statsv1alpha1.PodStats{ 482 | PodRef: statsv1alpha1.PodReference{ 483 | Name: pod.Name, 484 | Namespace: pod.Namespace, 485 | UID: string(pod.UID), 486 | }, 487 | StartTime: pod.CreationTimestamp, 488 | } 489 | 490 | // Iterate over all containers in the current pod to compute dummy stats. 491 | for _, container := range pod.Spec.Containers { 492 | // Grab a dummy value to be used as the total CPU usage. 493 | // The value should fit a uint32 in order to avoid overflows later on when computing pod stats. 494 | dummyUsageNanoCores := uint64(rand.Uint32()) 495 | totalUsageNanoCores += dummyUsageNanoCores 496 | // Create a dummy value to be used as the total RAM usage. 497 | // The value should fit a uint32 in order to avoid overflows later on when computing pod stats. 498 | dummyUsageBytes := uint64(rand.Uint32()) 499 | totalUsageBytes += dummyUsageBytes 500 | // Append a ContainerStats object containing the dummy stats to the PodStats object. 501 | pss.Containers = append(pss.Containers, statsv1alpha1.ContainerStats{ 502 | Name: container.Name, 503 | StartTime: pod.CreationTimestamp, 504 | CPU: &statsv1alpha1.CPUStats{ 505 | Time: time, 506 | UsageNanoCores: &dummyUsageNanoCores, 507 | }, 508 | Memory: &statsv1alpha1.MemoryStats{ 509 | Time: time, 510 | UsageBytes: &dummyUsageBytes, 511 | }, 512 | }) 513 | } 514 | 515 | // Populate the CPU and RAM stats for the pod and append the PodsStats object to the Summary object to be returned. 516 | pss.CPU = &statsv1alpha1.CPUStats{ 517 | Time: time, 518 | UsageNanoCores: &totalUsageNanoCores, 519 | } 520 | pss.Memory = &statsv1alpha1.MemoryStats{ 521 | Time: time, 522 | UsageBytes: &totalUsageBytes, 523 | } 524 | res.Pods = append(res.Pods, pss) 525 | } 526 | 527 | // Return the dummy stats. 528 | return res, nil 529 | } 530 | 531 | // NotifyPods is called to set a pod notifier callback function. This should be called before any operations are done 532 | // within the provider. 533 | func (p *Provider) NotifyPods(ctx context.Context, notifier func(*v1.Pod)) { 534 | p.notifier = notifier 535 | } 536 | 537 | func buildKeyFromNames(namespace string, name string) (string, error) { 538 | return fmt.Sprintf("%s-%s", namespace, name), nil 539 | } 540 | 541 | // buildKey is a helper for building the "key" for the providers pod store. 542 | func buildKey(pod *v1.Pod) (string, error) { 543 | if pod.ObjectMeta.Namespace == "" { 544 | return "", fmt.Errorf("pod namespace not found") 545 | } 546 | 547 | if pod.ObjectMeta.Name == "" { 548 | return "", fmt.Errorf("pod name not found") 549 | } 550 | 551 | return buildKeyFromNames(pod.ObjectMeta.Namespace, pod.ObjectMeta.Name) 552 | } 553 | 554 | // addAttributes adds the specified attributes to the provided span. 555 | // attrs must be an even-sized list of string arguments. 556 | // Otherwise, the span won't be modified. 557 | // TODO: Refactor and move to a "tracing utilities" package. 558 | func addAttributes(ctx context.Context, span trace.Span, attrs ...string) context.Context { 559 | if len(attrs)%2 == 1 { 560 | return ctx 561 | } 562 | for i := 0; i < len(attrs); i += 2 { 563 | ctx = span.WithField(ctx, attrs[i], attrs[i+1]) 564 | } 565 | return ctx 566 | } 567 | -------------------------------------------------------------------------------- /provider/mock/mock_test.go: -------------------------------------------------------------------------------- 1 | package mock 2 | 3 | // We can guarantee the right interfaces are implemented inside of by putting casts in place. We must do the verification 4 | // that a given type *does not* implement a given interface in this test. 5 | // Cannot implement this due to: https://github.com/virtual-kubelet/virtual-kubelet/issues/632 6 | /* 7 | func TestMockLegacyInterface(t *testing.T) { 8 | var mlp providers.Provider = &MockLegacyProvider{} 9 | _, ok := mlp.(node.PodNotifier) 10 | assert.Assert(t, !ok) 11 | } 12 | */ 13 | -------------------------------------------------------------------------------- /provider/provider.go: -------------------------------------------------------------------------------- 1 | package provider 2 | 3 | import ( 4 | "context" 5 | "io" 6 | 7 | "github.com/virtual-kubelet/virtual-kubelet/node" 8 | "github.com/virtual-kubelet/virtual-kubelet/node/api" 9 | "github.com/virtual-kubelet/virtual-kubelet/node/api/statsv1alpha1" 10 | v1 "k8s.io/api/core/v1" 11 | ) 12 | 13 | // Provider contains the methods required to implement a virtual-kubelet provider. 14 | // 15 | // Errors produced by these methods should implement an interface from 16 | // github.com/virtual-kubelet/virtual-kubelet/errdefs package in order for the 17 | // core logic to be able to understand the type of failure. 18 | type Provider interface { 19 | node.PodLifecycleHandler 20 | 21 | // GetContainerLogs retrieves the logs of a container by name from the provider. 22 | GetContainerLogs(ctx context.Context, namespace, podName, containerName string, opts api.ContainerLogOpts) (io.ReadCloser, error) 23 | 24 | // RunInContainer executes a command in a container in the pod, copying data 25 | // between in/out/err and the container's stdin/stdout/stderr. 26 | RunInContainer(ctx context.Context, namespace, podName, containerName string, cmd []string, attach api.AttachIO) error 27 | 28 | // ConfigureNode enables a provider to configure the node object that 29 | // will be used for Kubernetes. 30 | ConfigureNode(context.Context, *v1.Node) 31 | } 32 | 33 | // PodMetricsProvider is an optional interface that providers can implement to expose pod stats 34 | type PodMetricsProvider interface { 35 | GetStatsSummary(context.Context) (*statsv1alpha1.Summary, error) 36 | } 37 | -------------------------------------------------------------------------------- /provider/store.go: -------------------------------------------------------------------------------- 1 | package provider 2 | 3 | import ( 4 | "sync" 5 | 6 | "github.com/virtual-kubelet/node-cli/manager" 7 | ) 8 | 9 | // Store is used for registering/fetching providers 10 | type Store struct { 11 | mu sync.Mutex 12 | ls map[string]InitFunc 13 | } 14 | 15 | func NewStore() *Store { 16 | return &Store{ 17 | ls: make(map[string]InitFunc), 18 | } 19 | } 20 | 21 | // Register registers a providers init func by name 22 | func (s *Store) Register(name string, f InitFunc) { 23 | s.mu.Lock() 24 | s.ls[name] = f 25 | s.mu.Unlock() 26 | } 27 | 28 | // Get gets the registered init func for the given name 29 | // The returned function may be nil if the given name is not registered. 30 | func (s *Store) Get(name string) InitFunc { 31 | s.mu.Lock() 32 | f := s.ls[name] 33 | s.mu.Unlock() 34 | return f 35 | } 36 | 37 | // List lists all the registered providers 38 | func (s *Store) List() []string { 39 | s.mu.Lock() 40 | defer s.mu.Unlock() 41 | 42 | ls := make([]string, 0, len(s.ls)) 43 | for p := range s.ls { 44 | ls = append(ls, p) 45 | } 46 | 47 | return ls 48 | } 49 | 50 | // Exists returns if there is an init function registered under the provided name 51 | func (s *Store) Exists(name string) bool { 52 | s.mu.Lock() 53 | _, ok := s.ls[name] 54 | s.mu.Unlock() 55 | return ok 56 | } 57 | 58 | // InitConfig is the config passed to initialize a registered provider. 59 | type InitConfig struct { 60 | ConfigPath string 61 | NodeName string 62 | OperatingSystem string 63 | InternalIP string 64 | DaemonPort int32 65 | KubeClusterDomain string 66 | ResourceManager *manager.ResourceManager 67 | } 68 | 69 | type InitFunc func(InitConfig) (Provider, error) 70 | -------------------------------------------------------------------------------- /provider/types.go: -------------------------------------------------------------------------------- 1 | package provider 2 | 3 | const ( 4 | // OperatingSystemLinux is the configuration value for defining Linux. 5 | OperatingSystemLinux = "Linux" 6 | // OperatingSystemWindows is the configuration value for defining Windows. 7 | OperatingSystemWindows = "Windows" 8 | ) 9 | 10 | type OperatingSystems map[string]bool 11 | 12 | var ( 13 | // ValidOperatingSystems defines the group of operating systems 14 | // that can be used as a kubelet node. 15 | ValidOperatingSystems = OperatingSystems{ 16 | OperatingSystemLinux: true, 17 | OperatingSystemWindows: true, 18 | } 19 | ) 20 | 21 | func (o OperatingSystems) Names() []string { 22 | keys := make([]string, 0, len(o)) 23 | for k := range o { 24 | keys = append(keys, k) 25 | } 26 | return keys 27 | } 28 | --------------------------------------------------------------------------------